diff --git a/.buildkite/pipeline-resource-definitions/kibana-on-merge.yml b/.buildkite/pipeline-resource-definitions/kibana-on-merge.yml index 97008d1ce78f7..6fe305979652e 100644 --- a/.buildkite/pipeline-resource-definitions/kibana-on-merge.yml +++ b/.buildkite/pipeline-resource-definitions/kibana-on-merge.yml @@ -20,7 +20,7 @@ spec: spec: env: SLACK_NOTIFICATIONS_CHANNEL: '#kibana-operations-alerts' - GITHUB_BUILD_COMMIT_STATUS_ENABLED: 'true' + ELASTIC_GITHUB_BUILD_COMMIT_STATUS_ENABLED: 'true' GITHUB_COMMIT_STATUS_CONTEXT: buildkite/on-merge REPORT_FAILED_TESTS_TO_GITHUB: 'true' ELASTIC_SLACK_NOTIFICATIONS_ENABLED: 'true' diff --git a/.buildkite/pipeline-resource-definitions/kibana-pr.yml b/.buildkite/pipeline-resource-definitions/kibana-pr.yml index 8d2a6c8bf9e99..4d6275843327e 100644 --- a/.buildkite/pipeline-resource-definitions/kibana-pr.yml +++ b/.buildkite/pipeline-resource-definitions/kibana-pr.yml @@ -19,10 +19,10 @@ spec: description: Runs manually for pull requests spec: env: - PR_COMMENTS_ENABLED: 'true' - GITHUB_BUILD_COMMIT_STATUS_ENABLED: 'true' + ELASTIC_PR_COMMENTS_ENABLED: 'true' + ELASTIC_GITHUB_BUILD_COMMIT_STATUS_ENABLED: 'true' + ELASTIC_GITHUB_STEP_COMMIT_STATUS_ENABLED: 'true' GITHUB_BUILD_COMMIT_STATUS_CONTEXT: kibana-ci - GITHUB_STEP_COMMIT_STATUS_ENABLED: 'true' allow_rebuilds: true branch_configuration: '' cancel_intermediate_builds: true diff --git a/.buildkite/pipeline-utils/test-failures/annotate.ts b/.buildkite/pipeline-utils/test-failures/annotate.ts index 7327aa82c065c..43f3b733ebcd7 100644 --- a/.buildkite/pipeline-utils/test-failures/annotate.ts +++ b/.buildkite/pipeline-utils/test-failures/annotate.ts @@ -171,7 +171,10 @@ export const annotateTestFailures = async () => { buildkite.setAnnotation('test_failures', 'error', getAnnotation(failures, failureHtmlArtifacts)); - if (process.env.PR_COMMENTS_ENABLED === 'true') { + if ( + process.env.PR_COMMENTS_ENABLED === 'true' || + process.env.ELASTIC_PR_COMMENTS_ENABLED === 'true' + ) { buildkite.setMetadata( 'pr_comment:test_failures:body', getPrComment(failures, failureHtmlArtifacts) diff --git a/.buildkite/scripts/lifecycle/post_build.sh b/.buildkite/scripts/lifecycle/post_build.sh index 3ca36e9d04b78..f35e0b97447f5 100755 --- a/.buildkite/scripts/lifecycle/post_build.sh +++ b/.buildkite/scripts/lifecycle/post_build.sh @@ -5,7 +5,7 @@ set -euo pipefail BUILD_SUCCESSFUL=$(ts-node "$(dirname "${0}")/build_status.ts") export BUILD_SUCCESSFUL -if [[ "${GITHUB_BUILD_COMMIT_STATUS_ENABLED:-}" != "true" ]]; then +if [[ "${GITHUB_BUILD_COMMIT_STATUS_ENABLED:-}" != "true" ]] && [[ "${ELASTIC_GITHUB_BUILD_COMMIT_STATUS_ENABLED:-}" != "true" ]]; then "$(dirname "${0}")/commit_status_complete.sh" fi diff --git a/.buildkite/scripts/lifecycle/pre_build.sh b/.buildkite/scripts/lifecycle/pre_build.sh index b8ccaf04f9bb9..31e569b10ca59 100755 --- a/.buildkite/scripts/lifecycle/pre_build.sh +++ b/.buildkite/scripts/lifecycle/pre_build.sh @@ -4,7 +4,7 @@ set -euo pipefail source .buildkite/scripts/common/util.sh -if [[ "${GITHUB_BUILD_COMMIT_STATUS_ENABLED:-}" != "true" ]]; then +if [[ "${GITHUB_BUILD_COMMIT_STATUS_ENABLED:-}" != "true" ]] && [[ "${ELASTIC_GITHUB_BUILD_COMMIT_STATUS_ENABLED:-}" != "true" ]]; then "$(dirname "${0}")/commit_status_start.sh" fi diff --git a/.buildkite/scripts/steps/capture_oas_snapshot.sh b/.buildkite/scripts/steps/capture_oas_snapshot.sh index 3c82fca5013c5..dc0ac88891f4f 100755 --- a/.buildkite/scripts/steps/capture_oas_snapshot.sh +++ b/.buildkite/scripts/steps/capture_oas_snapshot.sh @@ -5,7 +5,7 @@ set -euo pipefail source .buildkite/scripts/common/util.sh echo --- Capture OAS snapshot -cmd="node scripts/capture_oas_snapshot --include-path /api/status --include-path /api/alerting/rule/ --include-path /api/alerting/rules --include-path /api/actions --include-path /api/security/role --include-path /api/spaces" +cmd="node scripts/capture_oas_snapshot --include-path /api/status --include-path /api/alerting/rule/ --include-path /api/alerting/rules --include-path /api/actions --include-path /api/security/role --include-path /api/spaces --include-path /api/fleet" if is_pr && ! is_auto_commit_disabled; then cmd="$cmd --update" fi diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index e8d82c1388cda..12eef80dea380 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -683,6 +683,7 @@ packages/presentation/presentation_containers @elastic/kibana-presentation src/plugins/presentation_panel @elastic/kibana-presentation packages/presentation/presentation_publishing @elastic/kibana-presentation src/plugins/presentation_util @elastic/kibana-presentation +x-pack/packages/ai-infra/product-doc-artifact-builder @elastic/appex-ai-infra x-pack/plugins/observability_solution/profiling_data_access @elastic/obs-ux-infra_services-team x-pack/plugins/observability_solution/profiling @elastic/obs-ux-infra_services-team packages/kbn-profiling-utils @elastic/obs-ux-infra_services-team @@ -1308,6 +1309,10 @@ x-pack/test_serverless/**/test_suites/observability/ai_assistant @elastic/obs-ai /.devcontainer/ @elastic/kibana-operations # Appex QA +/x-pack/test_serverless/functional/page_objects/svl_common_page.ts @elastic/appex-qa +/x-pack/test_serverless/README.md @elastic/appex-qa +/x-pack/test_serverless/api_integration/ftr_provider_context.d.ts @elastic/appex-qa +/x-pack/test_serverless/api_integration/test_suites/common/README.md @elastic/appex-qa /src/dev/code_coverage @elastic/appex-qa /test/functional/services/common @elastic/appex-qa /test/functional/services/lib @elastic/appex-qa @@ -1406,6 +1411,7 @@ x-pack/plugins/cloud_integrations/cloud_full_story/server/config.ts @elastic/kib #CC# /x-pack/plugins/security/ @elastic/kibana-security # Response Ops team +/x-pack/test_serverless/functional/test_suites/security/screenshot_creation/index.ts @elastic/response-ops /x-pack/test/alerting_api_integration/ @elastic/response-ops /x-pack/test/alerting_api_integration/observability @elastic/obs-ux-management-team /x-pack/test/plugin_api_integration/test_suites/task_manager/ @elastic/response-ops @@ -1438,11 +1444,16 @@ x-pack/plugins/cloud_integrations/cloud_full_story/server/config.ts @elastic/kib /x-pack/test/functional/es_archives/alerting/8_2_0 @elastic/response-ops # Enterprise Search +/x-pack/test_serverless/functional/page_objects/svl_ingest_pipelines.ts @elastic/search-kibana +/x-pack/test/functional/apps/dev_tools/embedded_console.ts @elastic/search-kibana +/x-pack/test/functional/apps/ingest_pipelines/feature_controls/ingest_pipelines_security.ts @elastic/search-kibana +/x-pack/test/functional/page_objects/embedded_console.ts @elastic/search-kibana /x-pack/test/functional_enterprise_search/ @elastic/search-kibana /x-pack/plugins/enterprise_search/public/applications/shared/doc_links @elastic/platform-docs /x-pack/test_serverless/api_integration/test_suites/search/serverless_search @elastic/search-kibana /x-pack/test_serverless/functional/test_suites/search/ @elastic/search-kibana x-pack/test/api_integration/apis/management/index_management/inference_endpoints.ts @elastic/search-kibana +/x-pack/test_serverless/api_integration/test_suites/search @elastic/search-kibana # Management Experience - Deployment Management /x-pack/test_serverless/**/test_suites/common/index_management/ @elastic/kibana-management @@ -1469,7 +1480,14 @@ x-pack/test/api_integration/apis/management/index_management/inference_endpoints /x-pack/test/api_integration/apis/security_solution @elastic/security-solution /x-pack/test/functional/es_archives/auditbeat/default @elastic/security-solution /x-pack/test/functional/es_archives/auditbeat/hosts @elastic/security-solution - +/x-pack/test_serverless/functional/page_objects/svl_management_page.ts @elastic/security-solution +/x-pack/test_serverless/api_integration/test_suites/common/platform_security/ @elastic/security-solution +/x-pack/test_serverless/api_integration/test_suites/security @elastic/security-solution +/x-pack/test_serverless/functional/page_objects/svl_sec_landing_page.ts @elastic/security-solution + +/x-pack/test_serverless/functional/test_suites/security/cypress @elastic/security-solution +/x-pack/test_serverless/functional/test_suites/security/index.feature_flags.ts @elastic/security-solution +/x-pack/test_serverless/functional/test_suites/security/index.ts @elastic/security-solution #CC# /x-pack/plugins/security_solution/ @elastic/security-solution # Security Solution OpenAPI bundles @@ -1777,6 +1795,7 @@ x-pack/plugins/osquery @elastic/security-defend-workflows /x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/single_page_layout/components/cloud_security_posture @elastic/fleet @elastic/kibana-cloud-security-posture /x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/single_page_layout/hooks/setup_technology.* @elastic/fleet @elastic/kibana-cloud-security-posture /x-pack/plugins/security_solution/public/cloud_security_posture @elastic/kibana-cloud-security-posture +/x-pack/test/security_solution_cypress/cypress/e2e/explore/hosts/vulnerabilities_contextual_flyout.cy.ts @elastic/kibana-cloud-security-posture # Security Solution onboarding tour /x-pack/plugins/security_solution/public/common/components/guided_onboarding @elastic/security-threat-hunting-explore diff --git a/.github/workflows/undeploy-my-kibana.yml b/.github/workflows/undeploy-my-kibana.yml index 778ab4c73e302..5cff76398987c 100644 --- a/.github/workflows/undeploy-my-kibana.yml +++ b/.github/workflows/undeploy-my-kibana.yml @@ -21,12 +21,8 @@ jobs: if: contains(github.event.pull_request.labels.*.name, 'ci:project-deploy-observability') runs-on: ubuntu-latest steps: - - uses: elastic/apm-pipeline-library/.github/actions/github-token@current - with: - url: ${{ secrets.OBLT_VAULT_ADDR }} - roleId: ${{ secrets.OBLT_VAULT_ROLE_ID }} - secretId: ${{ secrets.OBLT_VAULT_SECRET_ID }} - - uses: elastic/apm-pipeline-library/.github/actions/undeploy-my-kibana@current + - uses: elastic/oblt-actions/oblt-cli/undeploy-my-kibana@v1 with: - token: ${{ env.GITHUB_TOKEN }} + github-app-id: ${{ secrets.OBS_AUTOMATION_APP_ID }} + github-app-private-key: ${{ secrets.OBS_AUTOMATION_APP_PEM }} diff --git a/api_docs/actions.mdx b/api_docs/actions.mdx index 43dbc3a676b6d..d56029340aba5 100644 --- a/api_docs/actions.mdx +++ b/api_docs/actions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/actions title: "actions" image: https://source.unsplash.com/400x175/?github description: API docs for the actions plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'actions'] --- import actionsObj from './actions.devdocs.json'; diff --git a/api_docs/advanced_settings.mdx b/api_docs/advanced_settings.mdx index a64c66aa99594..20860883e6ba8 100644 --- a/api_docs/advanced_settings.mdx +++ b/api_docs/advanced_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/advancedSettings title: "advancedSettings" image: https://source.unsplash.com/400x175/?github description: API docs for the advancedSettings plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'advancedSettings'] --- import advancedSettingsObj from './advanced_settings.devdocs.json'; diff --git a/api_docs/ai_assistant_management_selection.mdx b/api_docs/ai_assistant_management_selection.mdx index 2a799dcf6b77e..b5213e8f3e839 100644 --- a/api_docs/ai_assistant_management_selection.mdx +++ b/api_docs/ai_assistant_management_selection.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/aiAssistantManagementSelection title: "aiAssistantManagementSelection" image: https://source.unsplash.com/400x175/?github description: API docs for the aiAssistantManagementSelection plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'aiAssistantManagementSelection'] --- import aiAssistantManagementSelectionObj from './ai_assistant_management_selection.devdocs.json'; diff --git a/api_docs/aiops.mdx b/api_docs/aiops.mdx index 7cf00ff640da1..fd4957d1c445d 100644 --- a/api_docs/aiops.mdx +++ b/api_docs/aiops.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/aiops title: "aiops" image: https://source.unsplash.com/400x175/?github description: API docs for the aiops plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'aiops'] --- import aiopsObj from './aiops.devdocs.json'; diff --git a/api_docs/alerting.mdx b/api_docs/alerting.mdx index 1e32d80d130cc..a043121ca41f6 100644 --- a/api_docs/alerting.mdx +++ b/api_docs/alerting.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/alerting title: "alerting" image: https://source.unsplash.com/400x175/?github description: API docs for the alerting plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'alerting'] --- import alertingObj from './alerting.devdocs.json'; diff --git a/api_docs/apm.mdx b/api_docs/apm.mdx index 78d56db0c3fe0..70f16b5ae4668 100644 --- a/api_docs/apm.mdx +++ b/api_docs/apm.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/apm title: "apm" image: https://source.unsplash.com/400x175/?github description: API docs for the apm plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'apm'] --- import apmObj from './apm.devdocs.json'; diff --git a/api_docs/apm_data_access.mdx b/api_docs/apm_data_access.mdx index 4d2f329c67b1f..55162b99b8f55 100644 --- a/api_docs/apm_data_access.mdx +++ b/api_docs/apm_data_access.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/apmDataAccess title: "apmDataAccess" image: https://source.unsplash.com/400x175/?github description: API docs for the apmDataAccess plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'apmDataAccess'] --- import apmDataAccessObj from './apm_data_access.devdocs.json'; diff --git a/api_docs/banners.mdx b/api_docs/banners.mdx index 3e5f11bedf0dd..b533e4902cf7b 100644 --- a/api_docs/banners.mdx +++ b/api_docs/banners.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/banners title: "banners" image: https://source.unsplash.com/400x175/?github description: API docs for the banners plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'banners'] --- import bannersObj from './banners.devdocs.json'; diff --git a/api_docs/bfetch.mdx b/api_docs/bfetch.mdx index 390c5fcfbb252..53590eab0d561 100644 --- a/api_docs/bfetch.mdx +++ b/api_docs/bfetch.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/bfetch title: "bfetch" image: https://source.unsplash.com/400x175/?github description: API docs for the bfetch plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'bfetch'] --- import bfetchObj from './bfetch.devdocs.json'; diff --git a/api_docs/canvas.mdx b/api_docs/canvas.mdx index a06b5f0d7f8ab..bb3c833755d01 100644 --- a/api_docs/canvas.mdx +++ b/api_docs/canvas.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/canvas title: "canvas" image: https://source.unsplash.com/400x175/?github description: API docs for the canvas plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'canvas'] --- import canvasObj from './canvas.devdocs.json'; diff --git a/api_docs/cases.mdx b/api_docs/cases.mdx index 41f276e281392..625027f9716af 100644 --- a/api_docs/cases.mdx +++ b/api_docs/cases.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cases title: "cases" image: https://source.unsplash.com/400x175/?github description: API docs for the cases plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cases'] --- import casesObj from './cases.devdocs.json'; diff --git a/api_docs/charts.mdx b/api_docs/charts.mdx index 233d2d55c441c..cbb8bf96fc529 100644 --- a/api_docs/charts.mdx +++ b/api_docs/charts.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/charts title: "charts" image: https://source.unsplash.com/400x175/?github description: API docs for the charts plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'charts'] --- import chartsObj from './charts.devdocs.json'; diff --git a/api_docs/cloud.mdx b/api_docs/cloud.mdx index 62ee13dfa2d76..f9a711d6e0bfc 100644 --- a/api_docs/cloud.mdx +++ b/api_docs/cloud.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cloud title: "cloud" image: https://source.unsplash.com/400x175/?github description: API docs for the cloud plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cloud'] --- import cloudObj from './cloud.devdocs.json'; diff --git a/api_docs/cloud_data_migration.mdx b/api_docs/cloud_data_migration.mdx index 3bc9176721f19..fa67c11a3218b 100644 --- a/api_docs/cloud_data_migration.mdx +++ b/api_docs/cloud_data_migration.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cloudDataMigration title: "cloudDataMigration" image: https://source.unsplash.com/400x175/?github description: API docs for the cloudDataMigration plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cloudDataMigration'] --- import cloudDataMigrationObj from './cloud_data_migration.devdocs.json'; diff --git a/api_docs/cloud_defend.mdx b/api_docs/cloud_defend.mdx index 2d5e0d2850aac..d7fa6638d9f78 100644 --- a/api_docs/cloud_defend.mdx +++ b/api_docs/cloud_defend.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cloudDefend title: "cloudDefend" image: https://source.unsplash.com/400x175/?github description: API docs for the cloudDefend plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cloudDefend'] --- import cloudDefendObj from './cloud_defend.devdocs.json'; diff --git a/api_docs/cloud_security_posture.mdx b/api_docs/cloud_security_posture.mdx index 12da2b0f06aa2..1d84ebd444b69 100644 --- a/api_docs/cloud_security_posture.mdx +++ b/api_docs/cloud_security_posture.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cloudSecurityPosture title: "cloudSecurityPosture" image: https://source.unsplash.com/400x175/?github description: API docs for the cloudSecurityPosture plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cloudSecurityPosture'] --- import cloudSecurityPostureObj from './cloud_security_posture.devdocs.json'; diff --git a/api_docs/console.mdx b/api_docs/console.mdx index bc34a63729fb5..f03556268ac6b 100644 --- a/api_docs/console.mdx +++ b/api_docs/console.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/console title: "console" image: https://source.unsplash.com/400x175/?github description: API docs for the console plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'console'] --- import consoleObj from './console.devdocs.json'; diff --git a/api_docs/content_management.mdx b/api_docs/content_management.mdx index 5f449e7846595..54fa54a49ac0a 100644 --- a/api_docs/content_management.mdx +++ b/api_docs/content_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/contentManagement title: "contentManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the contentManagement plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'contentManagement'] --- import contentManagementObj from './content_management.devdocs.json'; diff --git a/api_docs/controls.mdx b/api_docs/controls.mdx index dddd053640e9e..b92a7a543da6b 100644 --- a/api_docs/controls.mdx +++ b/api_docs/controls.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/controls title: "controls" image: https://source.unsplash.com/400x175/?github description: API docs for the controls plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'controls'] --- import controlsObj from './controls.devdocs.json'; diff --git a/api_docs/custom_integrations.mdx b/api_docs/custom_integrations.mdx index 4cdaf074294e8..7ff9be3ae665c 100644 --- a/api_docs/custom_integrations.mdx +++ b/api_docs/custom_integrations.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/customIntegrations title: "customIntegrations" image: https://source.unsplash.com/400x175/?github description: API docs for the customIntegrations plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'customIntegrations'] --- import customIntegrationsObj from './custom_integrations.devdocs.json'; diff --git a/api_docs/dashboard.mdx b/api_docs/dashboard.mdx index 284f1c921bcc1..f9590d17b2da2 100644 --- a/api_docs/dashboard.mdx +++ b/api_docs/dashboard.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dashboard title: "dashboard" image: https://source.unsplash.com/400x175/?github description: API docs for the dashboard plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dashboard'] --- import dashboardObj from './dashboard.devdocs.json'; diff --git a/api_docs/dashboard_enhanced.mdx b/api_docs/dashboard_enhanced.mdx index ed86e5aecee7f..d050db9f1019e 100644 --- a/api_docs/dashboard_enhanced.mdx +++ b/api_docs/dashboard_enhanced.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dashboardEnhanced title: "dashboardEnhanced" image: https://source.unsplash.com/400x175/?github description: API docs for the dashboardEnhanced plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dashboardEnhanced'] --- import dashboardEnhancedObj from './dashboard_enhanced.devdocs.json'; diff --git a/api_docs/data.mdx b/api_docs/data.mdx index e31b471e96ced..a7652437464cf 100644 --- a/api_docs/data.mdx +++ b/api_docs/data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/data title: "data" image: https://source.unsplash.com/400x175/?github description: API docs for the data plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'data'] --- import dataObj from './data.devdocs.json'; diff --git a/api_docs/data_quality.mdx b/api_docs/data_quality.mdx index 7a42a0cfc24e1..637a24671ac95 100644 --- a/api_docs/data_quality.mdx +++ b/api_docs/data_quality.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataQuality title: "dataQuality" image: https://source.unsplash.com/400x175/?github description: API docs for the dataQuality plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataQuality'] --- import dataQualityObj from './data_quality.devdocs.json'; diff --git a/api_docs/data_query.mdx b/api_docs/data_query.mdx index 4df4d7b6e2c16..91bebf9c4b4b0 100644 --- a/api_docs/data_query.mdx +++ b/api_docs/data_query.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/data-query title: "data.query" image: https://source.unsplash.com/400x175/?github description: API docs for the data.query plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'data.query'] --- import dataQueryObj from './data_query.devdocs.json'; diff --git a/api_docs/data_search.mdx b/api_docs/data_search.mdx index d58ab4aeaa5d6..8ea2e1815075b 100644 --- a/api_docs/data_search.mdx +++ b/api_docs/data_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/data-search title: "data.search" image: https://source.unsplash.com/400x175/?github description: API docs for the data.search plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'data.search'] --- import dataSearchObj from './data_search.devdocs.json'; diff --git a/api_docs/data_usage.mdx b/api_docs/data_usage.mdx index a172adef631ab..306c297e9a5a8 100644 --- a/api_docs/data_usage.mdx +++ b/api_docs/data_usage.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataUsage title: "dataUsage" image: https://source.unsplash.com/400x175/?github description: API docs for the dataUsage plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataUsage'] --- import dataUsageObj from './data_usage.devdocs.json'; diff --git a/api_docs/data_view_editor.mdx b/api_docs/data_view_editor.mdx index df50945d1be02..9f8acea48defb 100644 --- a/api_docs/data_view_editor.mdx +++ b/api_docs/data_view_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataViewEditor title: "dataViewEditor" image: https://source.unsplash.com/400x175/?github description: API docs for the dataViewEditor plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataViewEditor'] --- import dataViewEditorObj from './data_view_editor.devdocs.json'; diff --git a/api_docs/data_view_field_editor.mdx b/api_docs/data_view_field_editor.mdx index 39cea276d52b4..95ad0787f1d23 100644 --- a/api_docs/data_view_field_editor.mdx +++ b/api_docs/data_view_field_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataViewFieldEditor title: "dataViewFieldEditor" image: https://source.unsplash.com/400x175/?github description: API docs for the dataViewFieldEditor plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataViewFieldEditor'] --- import dataViewFieldEditorObj from './data_view_field_editor.devdocs.json'; diff --git a/api_docs/data_view_management.mdx b/api_docs/data_view_management.mdx index 814c557ce7da7..a643b0d468b6a 100644 --- a/api_docs/data_view_management.mdx +++ b/api_docs/data_view_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataViewManagement title: "dataViewManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the dataViewManagement plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataViewManagement'] --- import dataViewManagementObj from './data_view_management.devdocs.json'; diff --git a/api_docs/data_views.mdx b/api_docs/data_views.mdx index 3dd815cee9ce6..926c0e0839a74 100644 --- a/api_docs/data_views.mdx +++ b/api_docs/data_views.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataViews title: "dataViews" image: https://source.unsplash.com/400x175/?github description: API docs for the dataViews plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataViews'] --- import dataViewsObj from './data_views.devdocs.json'; diff --git a/api_docs/data_visualizer.mdx b/api_docs/data_visualizer.mdx index b2797fd4b4211..9381e3d74657b 100644 --- a/api_docs/data_visualizer.mdx +++ b/api_docs/data_visualizer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataVisualizer title: "dataVisualizer" image: https://source.unsplash.com/400x175/?github description: API docs for the dataVisualizer plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataVisualizer'] --- import dataVisualizerObj from './data_visualizer.devdocs.json'; diff --git a/api_docs/dataset_quality.devdocs.json b/api_docs/dataset_quality.devdocs.json index 817935610f576..6ab79f43aaa32 100644 --- a/api_docs/dataset_quality.devdocs.json +++ b/api_docs/dataset_quality.devdocs.json @@ -247,6 +247,30 @@ "DatasetQualityRouteHandlerResources", ", { integrations: ({ name: string; } & { title?: string | undefined; version?: string | undefined; icons?: ({ src: string; } & { path?: string | undefined; size?: string | undefined; title?: string | undefined; type?: string | undefined; })[] | undefined; datasets?: { [x: string]: string; } | undefined; })[]; }, ", "DatasetQualityRouteCreateOptions", + ">; \"GET /internal/dataset_quality/data_streams/{dataStream}/degraded_field/{degradedField}/analyze\": ", + { + "pluginId": "@kbn/server-route-repository-utils", + "scope": "common", + "docId": "kibKbnServerRouteRepositoryUtilsPluginApi", + "section": "def-common.ServerRoute", + "text": "ServerRoute" + }, + "<\"GET /internal/dataset_quality/data_streams/{dataStream}/degraded_field/{degradedField}/analyze\", ", + "TypeC", + "<{ path: ", + "TypeC", + "<{ dataStream: ", + "StringC", + "; degradedField: ", + "StringC", + "; }>; query: ", + "TypeC", + "<{ lastBackingIndex: ", + "StringC", + "; }>; }>, ", + "DatasetQualityRouteHandlerResources", + ", { isFieldLimitIssue: boolean; fieldCount: number; totalFieldLimit: number; } & { ignoreMalformed?: boolean | undefined; nestedFieldLimit?: number | undefined; fieldMapping?: { type?: string | undefined; ignore_above?: number | undefined; } | undefined; }, ", + "DatasetQualityRouteCreateOptions", ">; \"GET /internal/dataset_quality/data_streams/{dataStream}/settings\": ", { "pluginId": "@kbn/server-route-repository-utils", @@ -263,7 +287,7 @@ "StringC", "; }>; }>, ", "DatasetQualityRouteHandlerResources", - ", { createdOn?: number | null | undefined; integration?: string | undefined; datasetUserPrivileges?: ({ canMonitor: boolean; } & { canRead: boolean; canViewIntegrations: boolean; }) | undefined; }, ", + ", { lastBackingIndexName: string; } & { createdOn?: number | null | undefined; integration?: string | undefined; datasetUserPrivileges?: ({ canMonitor: boolean; } & { canRead: boolean; canViewIntegrations: boolean; }) | undefined; }, ", "DatasetQualityRouteCreateOptions", ">; \"GET /internal/dataset_quality/data_streams/{dataStream}/details\": ", { @@ -331,7 +355,7 @@ "Type", "; }>; }>, ", "DatasetQualityRouteHandlerResources", - ", { degradedFields: { name: string; count: number; lastOccurrence: number | null; timeSeries: { x: number; y: number; }[]; }[]; }, ", + ", { degradedFields: { name: string; count: number; lastOccurrence: number | null; timeSeries: { x: number; y: number; }[]; indexFieldWasLastPresentIn: string; }[]; }, ", "DatasetQualityRouteCreateOptions", ">; \"GET /internal/dataset_quality/data_streams/{dataStream}/non_aggregatable\": ", { @@ -524,6 +548,30 @@ "DatasetQualityRouteHandlerResources", ", { integrations: ({ name: string; } & { title?: string | undefined; version?: string | undefined; icons?: ({ src: string; } & { path?: string | undefined; size?: string | undefined; title?: string | undefined; type?: string | undefined; })[] | undefined; datasets?: { [x: string]: string; } | undefined; })[]; }, ", "DatasetQualityRouteCreateOptions", + ">; \"GET /internal/dataset_quality/data_streams/{dataStream}/degraded_field/{degradedField}/analyze\": ", + { + "pluginId": "@kbn/server-route-repository-utils", + "scope": "common", + "docId": "kibKbnServerRouteRepositoryUtilsPluginApi", + "section": "def-common.ServerRoute", + "text": "ServerRoute" + }, + "<\"GET /internal/dataset_quality/data_streams/{dataStream}/degraded_field/{degradedField}/analyze\", ", + "TypeC", + "<{ path: ", + "TypeC", + "<{ dataStream: ", + "StringC", + "; degradedField: ", + "StringC", + "; }>; query: ", + "TypeC", + "<{ lastBackingIndex: ", + "StringC", + "; }>; }>, ", + "DatasetQualityRouteHandlerResources", + ", { isFieldLimitIssue: boolean; fieldCount: number; totalFieldLimit: number; } & { ignoreMalformed?: boolean | undefined; nestedFieldLimit?: number | undefined; fieldMapping?: { type?: string | undefined; ignore_above?: number | undefined; } | undefined; }, ", + "DatasetQualityRouteCreateOptions", ">; \"GET /internal/dataset_quality/data_streams/{dataStream}/settings\": ", { "pluginId": "@kbn/server-route-repository-utils", @@ -540,7 +588,7 @@ "StringC", "; }>; }>, ", "DatasetQualityRouteHandlerResources", - ", { createdOn?: number | null | undefined; integration?: string | undefined; datasetUserPrivileges?: ({ canMonitor: boolean; } & { canRead: boolean; canViewIntegrations: boolean; }) | undefined; }, ", + ", { lastBackingIndexName: string; } & { createdOn?: number | null | undefined; integration?: string | undefined; datasetUserPrivileges?: ({ canMonitor: boolean; } & { canRead: boolean; canViewIntegrations: boolean; }) | undefined; }, ", "DatasetQualityRouteCreateOptions", ">; \"GET /internal/dataset_quality/data_streams/{dataStream}/details\": ", { @@ -608,7 +656,7 @@ "Type", "; }>; }>, ", "DatasetQualityRouteHandlerResources", - ", { degradedFields: { name: string; count: number; lastOccurrence: number | null; timeSeries: { x: number; y: number; }[]; }[]; }, ", + ", { degradedFields: { name: string; count: number; lastOccurrence: number | null; timeSeries: { x: number; y: number; }[]; indexFieldWasLastPresentIn: string; }[]; }, ", "DatasetQualityRouteCreateOptions", ">; \"GET /internal/dataset_quality/data_streams/{dataStream}/non_aggregatable\": ", { diff --git a/api_docs/dataset_quality.mdx b/api_docs/dataset_quality.mdx index 2cfe503e4b55c..a2cd0ee48742c 100644 --- a/api_docs/dataset_quality.mdx +++ b/api_docs/dataset_quality.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/datasetQuality title: "datasetQuality" image: https://source.unsplash.com/400x175/?github description: API docs for the datasetQuality plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'datasetQuality'] --- import datasetQualityObj from './dataset_quality.devdocs.json'; diff --git a/api_docs/deprecations_by_api.mdx b/api_docs/deprecations_by_api.mdx index 729b0c30a4395..60a62994c6e20 100644 --- a/api_docs/deprecations_by_api.mdx +++ b/api_docs/deprecations_by_api.mdx @@ -7,7 +7,7 @@ id: kibDevDocsDeprecationsByApi slug: /kibana-dev-docs/api-meta/deprecated-api-list-by-api title: Deprecated API usage by API description: A list of deprecated APIs, which plugins are still referencing them, and when they need to be removed by. -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana'] --- diff --git a/api_docs/deprecations_by_plugin.mdx b/api_docs/deprecations_by_plugin.mdx index 1db2f2d0ce389..6bb8558a96bc5 100644 --- a/api_docs/deprecations_by_plugin.mdx +++ b/api_docs/deprecations_by_plugin.mdx @@ -7,7 +7,7 @@ id: kibDevDocsDeprecationsByPlugin slug: /kibana-dev-docs/api-meta/deprecated-api-list-by-plugin title: Deprecated API usage by plugin description: A list of deprecated APIs, which plugins are still referencing them, and when they need to be removed by. -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana'] --- diff --git a/api_docs/deprecations_by_team.mdx b/api_docs/deprecations_by_team.mdx index 4ec4ec68ea47b..548814bd617da 100644 --- a/api_docs/deprecations_by_team.mdx +++ b/api_docs/deprecations_by_team.mdx @@ -7,7 +7,7 @@ id: kibDevDocsDeprecationsDueByTeam slug: /kibana-dev-docs/api-meta/deprecations-due-by-team title: Deprecated APIs due to be removed, by team description: Lists the teams that are referencing deprecated APIs with a remove by date. -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana'] --- diff --git a/api_docs/dev_tools.mdx b/api_docs/dev_tools.mdx index 44ee6a451149f..9341a3a546473 100644 --- a/api_docs/dev_tools.mdx +++ b/api_docs/dev_tools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/devTools title: "devTools" image: https://source.unsplash.com/400x175/?github description: API docs for the devTools plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'devTools'] --- import devToolsObj from './dev_tools.devdocs.json'; diff --git a/api_docs/discover.mdx b/api_docs/discover.mdx index f0db0bd34bccb..f7dd22338abab 100644 --- a/api_docs/discover.mdx +++ b/api_docs/discover.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/discover title: "discover" image: https://source.unsplash.com/400x175/?github description: API docs for the discover plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'discover'] --- import discoverObj from './discover.devdocs.json'; diff --git a/api_docs/discover_enhanced.mdx b/api_docs/discover_enhanced.mdx index 525d999a8d95d..0a74498268f08 100644 --- a/api_docs/discover_enhanced.mdx +++ b/api_docs/discover_enhanced.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/discoverEnhanced title: "discoverEnhanced" image: https://source.unsplash.com/400x175/?github description: API docs for the discoverEnhanced plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'discoverEnhanced'] --- import discoverEnhancedObj from './discover_enhanced.devdocs.json'; diff --git a/api_docs/discover_shared.mdx b/api_docs/discover_shared.mdx index 4a90a24289959..a59e1b9419824 100644 --- a/api_docs/discover_shared.mdx +++ b/api_docs/discover_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/discoverShared title: "discoverShared" image: https://source.unsplash.com/400x175/?github description: API docs for the discoverShared plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'discoverShared'] --- import discoverSharedObj from './discover_shared.devdocs.json'; diff --git a/api_docs/ecs_data_quality_dashboard.mdx b/api_docs/ecs_data_quality_dashboard.mdx index 4303d84b14e4c..8828fd30bb3e2 100644 --- a/api_docs/ecs_data_quality_dashboard.mdx +++ b/api_docs/ecs_data_quality_dashboard.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/ecsDataQualityDashboard title: "ecsDataQualityDashboard" image: https://source.unsplash.com/400x175/?github description: API docs for the ecsDataQualityDashboard plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'ecsDataQualityDashboard'] --- import ecsDataQualityDashboardObj from './ecs_data_quality_dashboard.devdocs.json'; diff --git a/api_docs/elastic_assistant.mdx b/api_docs/elastic_assistant.mdx index 0280bbfb271f4..1a24dd2d21f34 100644 --- a/api_docs/elastic_assistant.mdx +++ b/api_docs/elastic_assistant.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/elasticAssistant title: "elasticAssistant" image: https://source.unsplash.com/400x175/?github description: API docs for the elasticAssistant plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'elasticAssistant'] --- import elasticAssistantObj from './elastic_assistant.devdocs.json'; diff --git a/api_docs/embeddable.mdx b/api_docs/embeddable.mdx index 9ff0984900070..e1ef54537150e 100644 --- a/api_docs/embeddable.mdx +++ b/api_docs/embeddable.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/embeddable title: "embeddable" image: https://source.unsplash.com/400x175/?github description: API docs for the embeddable plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'embeddable'] --- import embeddableObj from './embeddable.devdocs.json'; diff --git a/api_docs/embeddable_enhanced.mdx b/api_docs/embeddable_enhanced.mdx index d52fdbe1267c0..6aac435fdba7d 100644 --- a/api_docs/embeddable_enhanced.mdx +++ b/api_docs/embeddable_enhanced.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/embeddableEnhanced title: "embeddableEnhanced" image: https://source.unsplash.com/400x175/?github description: API docs for the embeddableEnhanced plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'embeddableEnhanced'] --- import embeddableEnhancedObj from './embeddable_enhanced.devdocs.json'; diff --git a/api_docs/encrypted_saved_objects.mdx b/api_docs/encrypted_saved_objects.mdx index 94bd7bc445efe..32d991c5fd8ff 100644 --- a/api_docs/encrypted_saved_objects.mdx +++ b/api_docs/encrypted_saved_objects.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/encryptedSavedObjects title: "encryptedSavedObjects" image: https://source.unsplash.com/400x175/?github description: API docs for the encryptedSavedObjects plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'encryptedSavedObjects'] --- import encryptedSavedObjectsObj from './encrypted_saved_objects.devdocs.json'; diff --git a/api_docs/enterprise_search.mdx b/api_docs/enterprise_search.mdx index 8057aa2cd5645..8c1079871270b 100644 --- a/api_docs/enterprise_search.mdx +++ b/api_docs/enterprise_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/enterpriseSearch title: "enterpriseSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the enterpriseSearch plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'enterpriseSearch'] --- import enterpriseSearchObj from './enterprise_search.devdocs.json'; diff --git a/api_docs/entities_data_access.mdx b/api_docs/entities_data_access.mdx index 1d372538e5224..6637fca0181ec 100644 --- a/api_docs/entities_data_access.mdx +++ b/api_docs/entities_data_access.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/entitiesDataAccess title: "entitiesDataAccess" image: https://source.unsplash.com/400x175/?github description: API docs for the entitiesDataAccess plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'entitiesDataAccess'] --- import entitiesDataAccessObj from './entities_data_access.devdocs.json'; diff --git a/api_docs/entity_manager.mdx b/api_docs/entity_manager.mdx index 990b35fb648ab..38e4962ebb7e4 100644 --- a/api_docs/entity_manager.mdx +++ b/api_docs/entity_manager.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/entityManager title: "entityManager" image: https://source.unsplash.com/400x175/?github description: API docs for the entityManager plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'entityManager'] --- import entityManagerObj from './entity_manager.devdocs.json'; diff --git a/api_docs/es_ui_shared.mdx b/api_docs/es_ui_shared.mdx index 1bbfb2f76956e..88cc420d938ee 100644 --- a/api_docs/es_ui_shared.mdx +++ b/api_docs/es_ui_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/esUiShared title: "esUiShared" image: https://source.unsplash.com/400x175/?github description: API docs for the esUiShared plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'esUiShared'] --- import esUiSharedObj from './es_ui_shared.devdocs.json'; diff --git a/api_docs/esql.mdx b/api_docs/esql.mdx index 48494981242ad..9bfcf66024269 100644 --- a/api_docs/esql.mdx +++ b/api_docs/esql.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/esql title: "esql" image: https://source.unsplash.com/400x175/?github description: API docs for the esql plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'esql'] --- import esqlObj from './esql.devdocs.json'; diff --git a/api_docs/esql_data_grid.mdx b/api_docs/esql_data_grid.mdx index 6e6a4d638b2c3..1ef2d183619ef 100644 --- a/api_docs/esql_data_grid.mdx +++ b/api_docs/esql_data_grid.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/esqlDataGrid title: "esqlDataGrid" image: https://source.unsplash.com/400x175/?github description: API docs for the esqlDataGrid plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'esqlDataGrid'] --- import esqlDataGridObj from './esql_data_grid.devdocs.json'; diff --git a/api_docs/event_annotation.mdx b/api_docs/event_annotation.mdx index 3d9b954f39706..4384355292d29 100644 --- a/api_docs/event_annotation.mdx +++ b/api_docs/event_annotation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/eventAnnotation title: "eventAnnotation" image: https://source.unsplash.com/400x175/?github description: API docs for the eventAnnotation plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'eventAnnotation'] --- import eventAnnotationObj from './event_annotation.devdocs.json'; diff --git a/api_docs/event_annotation_listing.mdx b/api_docs/event_annotation_listing.mdx index 6ba837632aa47..0761310b28dbc 100644 --- a/api_docs/event_annotation_listing.mdx +++ b/api_docs/event_annotation_listing.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/eventAnnotationListing title: "eventAnnotationListing" image: https://source.unsplash.com/400x175/?github description: API docs for the eventAnnotationListing plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'eventAnnotationListing'] --- import eventAnnotationListingObj from './event_annotation_listing.devdocs.json'; diff --git a/api_docs/event_log.mdx b/api_docs/event_log.mdx index cb209482ab81c..925cd20ff334a 100644 --- a/api_docs/event_log.mdx +++ b/api_docs/event_log.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/eventLog title: "eventLog" image: https://source.unsplash.com/400x175/?github description: API docs for the eventLog plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'eventLog'] --- import eventLogObj from './event_log.devdocs.json'; diff --git a/api_docs/exploratory_view.mdx b/api_docs/exploratory_view.mdx index 47aff5f3af9a3..2e75cbbd7d80e 100644 --- a/api_docs/exploratory_view.mdx +++ b/api_docs/exploratory_view.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/exploratoryView title: "exploratoryView" image: https://source.unsplash.com/400x175/?github description: API docs for the exploratoryView plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'exploratoryView'] --- import exploratoryViewObj from './exploratory_view.devdocs.json'; diff --git a/api_docs/expression_error.mdx b/api_docs/expression_error.mdx index 7a14273a66e82..3f79582aaa778 100644 --- a/api_docs/expression_error.mdx +++ b/api_docs/expression_error.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionError title: "expressionError" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionError plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionError'] --- import expressionErrorObj from './expression_error.devdocs.json'; diff --git a/api_docs/expression_gauge.mdx b/api_docs/expression_gauge.mdx index e26c4af702924..cefe9169aa96d 100644 --- a/api_docs/expression_gauge.mdx +++ b/api_docs/expression_gauge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionGauge title: "expressionGauge" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionGauge plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionGauge'] --- import expressionGaugeObj from './expression_gauge.devdocs.json'; diff --git a/api_docs/expression_heatmap.mdx b/api_docs/expression_heatmap.mdx index a7674d54f7c01..39c07890816dc 100644 --- a/api_docs/expression_heatmap.mdx +++ b/api_docs/expression_heatmap.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionHeatmap title: "expressionHeatmap" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionHeatmap plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionHeatmap'] --- import expressionHeatmapObj from './expression_heatmap.devdocs.json'; diff --git a/api_docs/expression_image.mdx b/api_docs/expression_image.mdx index a00dcb5e75742..6a193f2ecf48e 100644 --- a/api_docs/expression_image.mdx +++ b/api_docs/expression_image.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionImage title: "expressionImage" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionImage plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionImage'] --- import expressionImageObj from './expression_image.devdocs.json'; diff --git a/api_docs/expression_legacy_metric_vis.mdx b/api_docs/expression_legacy_metric_vis.mdx index f84ca7620bbc4..6a9ad118682e4 100644 --- a/api_docs/expression_legacy_metric_vis.mdx +++ b/api_docs/expression_legacy_metric_vis.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionLegacyMetricVis title: "expressionLegacyMetricVis" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionLegacyMetricVis plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionLegacyMetricVis'] --- import expressionLegacyMetricVisObj from './expression_legacy_metric_vis.devdocs.json'; diff --git a/api_docs/expression_metric.mdx b/api_docs/expression_metric.mdx index f2adbad2562c2..e58bd9b81ffd3 100644 --- a/api_docs/expression_metric.mdx +++ b/api_docs/expression_metric.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionMetric title: "expressionMetric" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionMetric plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionMetric'] --- import expressionMetricObj from './expression_metric.devdocs.json'; diff --git a/api_docs/expression_metric_vis.mdx b/api_docs/expression_metric_vis.mdx index 7ba29c0beb14c..193be80a6a3cd 100644 --- a/api_docs/expression_metric_vis.mdx +++ b/api_docs/expression_metric_vis.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionMetricVis title: "expressionMetricVis" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionMetricVis plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionMetricVis'] --- import expressionMetricVisObj from './expression_metric_vis.devdocs.json'; diff --git a/api_docs/expression_partition_vis.mdx b/api_docs/expression_partition_vis.mdx index 340f75a503925..4c23876ee5e74 100644 --- a/api_docs/expression_partition_vis.mdx +++ b/api_docs/expression_partition_vis.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionPartitionVis title: "expressionPartitionVis" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionPartitionVis plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionPartitionVis'] --- import expressionPartitionVisObj from './expression_partition_vis.devdocs.json'; diff --git a/api_docs/expression_repeat_image.mdx b/api_docs/expression_repeat_image.mdx index 14ea2b7c455b0..35d0f14d693ea 100644 --- a/api_docs/expression_repeat_image.mdx +++ b/api_docs/expression_repeat_image.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionRepeatImage title: "expressionRepeatImage" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionRepeatImage plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionRepeatImage'] --- import expressionRepeatImageObj from './expression_repeat_image.devdocs.json'; diff --git a/api_docs/expression_reveal_image.mdx b/api_docs/expression_reveal_image.mdx index e3ba508a582d2..be3f26a550a78 100644 --- a/api_docs/expression_reveal_image.mdx +++ b/api_docs/expression_reveal_image.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionRevealImage title: "expressionRevealImage" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionRevealImage plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionRevealImage'] --- import expressionRevealImageObj from './expression_reveal_image.devdocs.json'; diff --git a/api_docs/expression_shape.mdx b/api_docs/expression_shape.mdx index 55eec3863be04..ae7987bb3288b 100644 --- a/api_docs/expression_shape.mdx +++ b/api_docs/expression_shape.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionShape title: "expressionShape" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionShape plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionShape'] --- import expressionShapeObj from './expression_shape.devdocs.json'; diff --git a/api_docs/expression_tagcloud.mdx b/api_docs/expression_tagcloud.mdx index 8fd26db8f0e5c..569e397030210 100644 --- a/api_docs/expression_tagcloud.mdx +++ b/api_docs/expression_tagcloud.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionTagcloud title: "expressionTagcloud" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionTagcloud plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionTagcloud'] --- import expressionTagcloudObj from './expression_tagcloud.devdocs.json'; diff --git a/api_docs/expression_x_y.mdx b/api_docs/expression_x_y.mdx index e990ee31de192..e5f9e07423ec1 100644 --- a/api_docs/expression_x_y.mdx +++ b/api_docs/expression_x_y.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionXY title: "expressionXY" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionXY plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionXY'] --- import expressionXYObj from './expression_x_y.devdocs.json'; diff --git a/api_docs/expressions.mdx b/api_docs/expressions.mdx index 44a1a8b943ace..c836fbb2098cf 100644 --- a/api_docs/expressions.mdx +++ b/api_docs/expressions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressions title: "expressions" image: https://source.unsplash.com/400x175/?github description: API docs for the expressions plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressions'] --- import expressionsObj from './expressions.devdocs.json'; diff --git a/api_docs/features.mdx b/api_docs/features.mdx index 74a97fb68e421..2abc629187d3c 100644 --- a/api_docs/features.mdx +++ b/api_docs/features.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/features title: "features" image: https://source.unsplash.com/400x175/?github description: API docs for the features plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'features'] --- import featuresObj from './features.devdocs.json'; diff --git a/api_docs/field_formats.mdx b/api_docs/field_formats.mdx index 8a3bda7681d8a..4a503e599e61a 100644 --- a/api_docs/field_formats.mdx +++ b/api_docs/field_formats.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/fieldFormats title: "fieldFormats" image: https://source.unsplash.com/400x175/?github description: API docs for the fieldFormats plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'fieldFormats'] --- import fieldFormatsObj from './field_formats.devdocs.json'; diff --git a/api_docs/fields_metadata.mdx b/api_docs/fields_metadata.mdx index edfeefb1800f1..2e9c817b8a984 100644 --- a/api_docs/fields_metadata.mdx +++ b/api_docs/fields_metadata.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/fieldsMetadata title: "fieldsMetadata" image: https://source.unsplash.com/400x175/?github description: API docs for the fieldsMetadata plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'fieldsMetadata'] --- import fieldsMetadataObj from './fields_metadata.devdocs.json'; diff --git a/api_docs/file_upload.mdx b/api_docs/file_upload.mdx index a2586aaff889f..58bdd8b478da4 100644 --- a/api_docs/file_upload.mdx +++ b/api_docs/file_upload.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/fileUpload title: "fileUpload" image: https://source.unsplash.com/400x175/?github description: API docs for the fileUpload plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'fileUpload'] --- import fileUploadObj from './file_upload.devdocs.json'; diff --git a/api_docs/files.mdx b/api_docs/files.mdx index f752813dd7399..59108ca4fe858 100644 --- a/api_docs/files.mdx +++ b/api_docs/files.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/files title: "files" image: https://source.unsplash.com/400x175/?github description: API docs for the files plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'files'] --- import filesObj from './files.devdocs.json'; diff --git a/api_docs/files_management.mdx b/api_docs/files_management.mdx index 5cddc43fcee0a..f3306519a7386 100644 --- a/api_docs/files_management.mdx +++ b/api_docs/files_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/filesManagement title: "filesManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the filesManagement plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'filesManagement'] --- import filesManagementObj from './files_management.devdocs.json'; diff --git a/api_docs/fleet.mdx b/api_docs/fleet.mdx index 2f4806c2ef2c6..0813e0f134b8c 100644 --- a/api_docs/fleet.mdx +++ b/api_docs/fleet.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/fleet title: "fleet" image: https://source.unsplash.com/400x175/?github description: API docs for the fleet plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'fleet'] --- import fleetObj from './fleet.devdocs.json'; diff --git a/api_docs/global_search.mdx b/api_docs/global_search.mdx index 49959a0353c56..8dabf285b6422 100644 --- a/api_docs/global_search.mdx +++ b/api_docs/global_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/globalSearch title: "globalSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the globalSearch plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'globalSearch'] --- import globalSearchObj from './global_search.devdocs.json'; diff --git a/api_docs/guided_onboarding.mdx b/api_docs/guided_onboarding.mdx index 26f6452528dde..50a5944ad6aaf 100644 --- a/api_docs/guided_onboarding.mdx +++ b/api_docs/guided_onboarding.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/guidedOnboarding title: "guidedOnboarding" image: https://source.unsplash.com/400x175/?github description: API docs for the guidedOnboarding plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'guidedOnboarding'] --- import guidedOnboardingObj from './guided_onboarding.devdocs.json'; diff --git a/api_docs/home.mdx b/api_docs/home.mdx index a4b712e5fecba..c33ef2c975d72 100644 --- a/api_docs/home.mdx +++ b/api_docs/home.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/home title: "home" image: https://source.unsplash.com/400x175/?github description: API docs for the home plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'home'] --- import homeObj from './home.devdocs.json'; diff --git a/api_docs/image_embeddable.mdx b/api_docs/image_embeddable.mdx index dc53092e430d7..4ab6f5400c67e 100644 --- a/api_docs/image_embeddable.mdx +++ b/api_docs/image_embeddable.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/imageEmbeddable title: "imageEmbeddable" image: https://source.unsplash.com/400x175/?github description: API docs for the imageEmbeddable plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'imageEmbeddable'] --- import imageEmbeddableObj from './image_embeddable.devdocs.json'; diff --git a/api_docs/index_lifecycle_management.mdx b/api_docs/index_lifecycle_management.mdx index f4555718e2b3b..587efefc1b264 100644 --- a/api_docs/index_lifecycle_management.mdx +++ b/api_docs/index_lifecycle_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/indexLifecycleManagement title: "indexLifecycleManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the indexLifecycleManagement plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'indexLifecycleManagement'] --- import indexLifecycleManagementObj from './index_lifecycle_management.devdocs.json'; diff --git a/api_docs/index_management.mdx b/api_docs/index_management.mdx index 8abeb2ef82800..059e0774ecc71 100644 --- a/api_docs/index_management.mdx +++ b/api_docs/index_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/indexManagement title: "indexManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the indexManagement plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'indexManagement'] --- import indexManagementObj from './index_management.devdocs.json'; diff --git a/api_docs/inference.mdx b/api_docs/inference.mdx index b7a711f2fc480..11fd265859c83 100644 --- a/api_docs/inference.mdx +++ b/api_docs/inference.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/inference title: "inference" image: https://source.unsplash.com/400x175/?github description: API docs for the inference plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'inference'] --- import inferenceObj from './inference.devdocs.json'; diff --git a/api_docs/infra.devdocs.json b/api_docs/infra.devdocs.json index 45fef4d09c08d..550f704efb515 100644 --- a/api_docs/infra.devdocs.json +++ b/api_docs/infra.devdocs.json @@ -272,6 +272,26 @@ "trackAdoption": false, "children": [], "returnComment": [] + }, + { + "parentPluginId": "infra", + "id": "def-server.InfraRequestHandlerContext.entityManager", + "type": "Object", + "tags": [], + "label": "entityManager", + "description": [], + "signature": [ + { + "pluginId": "entityManager", + "scope": "server", + "docId": "kibEntityManagerPluginApi", + "section": "def-server.EntityManagerServerPluginStart", + "text": "EntityManagerServerPluginStart" + } + ], + "path": "x-pack/plugins/observability_solution/infra/server/types.ts", + "deprecated": false, + "trackAdoption": false } ], "initialIsOpen": false diff --git a/api_docs/infra.mdx b/api_docs/infra.mdx index 2b271137a770b..5bb7ee8008f10 100644 --- a/api_docs/infra.mdx +++ b/api_docs/infra.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/infra title: "infra" image: https://source.unsplash.com/400x175/?github description: API docs for the infra plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'infra'] --- import infraObj from './infra.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/obs-ux-logs-team](https://github.com/orgs/elastic/teams/obs-ux | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 23 | 0 | 23 | 5 | +| 24 | 0 | 24 | 5 | ## Client diff --git a/api_docs/ingest_pipelines.mdx b/api_docs/ingest_pipelines.mdx index f28c47b2cff0d..6efd12d5db2bf 100644 --- a/api_docs/ingest_pipelines.mdx +++ b/api_docs/ingest_pipelines.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/ingestPipelines title: "ingestPipelines" image: https://source.unsplash.com/400x175/?github description: API docs for the ingestPipelines plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'ingestPipelines'] --- import ingestPipelinesObj from './ingest_pipelines.devdocs.json'; diff --git a/api_docs/inspector.mdx b/api_docs/inspector.mdx index 73c2b2f5f1f3f..ec1ac65290ecd 100644 --- a/api_docs/inspector.mdx +++ b/api_docs/inspector.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/inspector title: "inspector" image: https://source.unsplash.com/400x175/?github description: API docs for the inspector plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'inspector'] --- import inspectorObj from './inspector.devdocs.json'; diff --git a/api_docs/integration_assistant.mdx b/api_docs/integration_assistant.mdx index 3c50de589f2e1..295db0c7353ac 100644 --- a/api_docs/integration_assistant.mdx +++ b/api_docs/integration_assistant.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/integrationAssistant title: "integrationAssistant" image: https://source.unsplash.com/400x175/?github description: API docs for the integrationAssistant plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'integrationAssistant'] --- import integrationAssistantObj from './integration_assistant.devdocs.json'; diff --git a/api_docs/interactive_setup.mdx b/api_docs/interactive_setup.mdx index e9d938a736fe2..15cb61644e656 100644 --- a/api_docs/interactive_setup.mdx +++ b/api_docs/interactive_setup.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/interactiveSetup title: "interactiveSetup" image: https://source.unsplash.com/400x175/?github description: API docs for the interactiveSetup plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'interactiveSetup'] --- import interactiveSetupObj from './interactive_setup.devdocs.json'; diff --git a/api_docs/inventory.mdx b/api_docs/inventory.mdx index dacc695223374..e26ad4c51d265 100644 --- a/api_docs/inventory.mdx +++ b/api_docs/inventory.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/inventory title: "inventory" image: https://source.unsplash.com/400x175/?github description: API docs for the inventory plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'inventory'] --- import inventoryObj from './inventory.devdocs.json'; diff --git a/api_docs/investigate.mdx b/api_docs/investigate.mdx index 33632f679b265..b537cf96d5d63 100644 --- a/api_docs/investigate.mdx +++ b/api_docs/investigate.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/investigate title: "investigate" image: https://source.unsplash.com/400x175/?github description: API docs for the investigate plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'investigate'] --- import investigateObj from './investigate.devdocs.json'; diff --git a/api_docs/investigate_app.devdocs.json b/api_docs/investigate_app.devdocs.json index 87c8a1b67033f..7a64341aac333 100644 --- a/api_docs/investigate_app.devdocs.json +++ b/api_docs/investigate_app.devdocs.json @@ -74,6 +74,18 @@ "InvestigateAppRouteHandlerResources", ", { count: Partial>; total: number; }, ", "InvestigateAppRouteCreateOptions", + ">; \"GET /api/observability/investigation/entities 2023-10-31\": ", + { + "pluginId": "@kbn/server-route-repository-utils", + "scope": "common", + "docId": "kibKbnServerRouteRepositoryUtilsPluginApi", + "section": "def-common.ServerRoute", + "text": "ServerRoute" + }, + "<\"GET /api/observability/investigation/entities 2023-10-31\", Zod.ZodObject<{ query: Zod.ZodOptional; 'service.environment': Zod.ZodOptional; 'host.name': Zod.ZodOptional; 'container.id': Zod.ZodOptional; }, \"strip\", Zod.ZodTypeAny, { 'container.id'?: string | undefined; 'host.name'?: string | undefined; 'service.environment'?: string | undefined; 'service.name'?: string | undefined; }, { 'container.id'?: string | undefined; 'host.name'?: string | undefined; 'service.environment'?: string | undefined; 'service.name'?: string | undefined; }>>; }, \"strip\", Zod.ZodTypeAny, { query?: { 'container.id'?: string | undefined; 'host.name'?: string | undefined; 'service.environment'?: string | undefined; 'service.name'?: string | undefined; } | undefined; }, { query?: { 'container.id'?: string | undefined; 'host.name'?: string | undefined; 'service.environment'?: string | undefined; 'service.name'?: string | undefined; } | undefined; }>, ", + "InvestigateAppRouteHandlerResources", + ", { entities: ({ id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logRate?: number | undefined; logErrorRate?: number | undefined; }; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; firstSeenTimestamp: string; lastSeenTimestamp: string; schemaVersion: string; } & { sources: { dataStream?: string | undefined; }[]; })[]; }, ", + "InvestigateAppRouteCreateOptions", ">; \"GET /api/observability/events 2023-10-31\": ", { "pluginId": "@kbn/server-route-repository-utils", diff --git a/api_docs/investigate_app.mdx b/api_docs/investigate_app.mdx index 2135d95473d42..7911a4c02bd51 100644 --- a/api_docs/investigate_app.mdx +++ b/api_docs/investigate_app.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/investigateApp title: "investigateApp" image: https://source.unsplash.com/400x175/?github description: API docs for the investigateApp plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'investigateApp'] --- import investigateAppObj from './investigate_app.devdocs.json'; diff --git a/api_docs/kbn_ace.mdx b/api_docs/kbn_ace.mdx index a443d0942e66d..a51ef3337770f 100644 --- a/api_docs/kbn_ace.mdx +++ b/api_docs/kbn_ace.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ace title: "@kbn/ace" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ace plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ace'] --- import kbnAceObj from './kbn_ace.devdocs.json'; diff --git a/api_docs/kbn_actions_types.mdx b/api_docs/kbn_actions_types.mdx index b063620efea76..dd32f491aa3e3 100644 --- a/api_docs/kbn_actions_types.mdx +++ b/api_docs/kbn_actions_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-actions-types title: "@kbn/actions-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/actions-types plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/actions-types'] --- import kbnActionsTypesObj from './kbn_actions_types.devdocs.json'; diff --git a/api_docs/kbn_aiops_components.mdx b/api_docs/kbn_aiops_components.mdx index d8feef68a5243..4c993279cf8e5 100644 --- a/api_docs/kbn_aiops_components.mdx +++ b/api_docs/kbn_aiops_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-aiops-components title: "@kbn/aiops-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/aiops-components plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/aiops-components'] --- import kbnAiopsComponentsObj from './kbn_aiops_components.devdocs.json'; diff --git a/api_docs/kbn_aiops_log_pattern_analysis.mdx b/api_docs/kbn_aiops_log_pattern_analysis.mdx index 3ca55896d41f4..40e2b1921fb9c 100644 --- a/api_docs/kbn_aiops_log_pattern_analysis.mdx +++ b/api_docs/kbn_aiops_log_pattern_analysis.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-aiops-log-pattern-analysis title: "@kbn/aiops-log-pattern-analysis" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/aiops-log-pattern-analysis plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/aiops-log-pattern-analysis'] --- import kbnAiopsLogPatternAnalysisObj from './kbn_aiops_log_pattern_analysis.devdocs.json'; diff --git a/api_docs/kbn_aiops_log_rate_analysis.mdx b/api_docs/kbn_aiops_log_rate_analysis.mdx index 635f5b6a43f3e..55027ec743a0c 100644 --- a/api_docs/kbn_aiops_log_rate_analysis.mdx +++ b/api_docs/kbn_aiops_log_rate_analysis.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-aiops-log-rate-analysis title: "@kbn/aiops-log-rate-analysis" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/aiops-log-rate-analysis plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/aiops-log-rate-analysis'] --- import kbnAiopsLogRateAnalysisObj from './kbn_aiops_log_rate_analysis.devdocs.json'; diff --git a/api_docs/kbn_alerting_api_integration_helpers.mdx b/api_docs/kbn_alerting_api_integration_helpers.mdx index b68f33aa73072..4e37bddc160ac 100644 --- a/api_docs/kbn_alerting_api_integration_helpers.mdx +++ b/api_docs/kbn_alerting_api_integration_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerting-api-integration-helpers title: "@kbn/alerting-api-integration-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerting-api-integration-helpers plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerting-api-integration-helpers'] --- import kbnAlertingApiIntegrationHelpersObj from './kbn_alerting_api_integration_helpers.devdocs.json'; diff --git a/api_docs/kbn_alerting_comparators.mdx b/api_docs/kbn_alerting_comparators.mdx index 5e3cf95490143..61cb6857875d4 100644 --- a/api_docs/kbn_alerting_comparators.mdx +++ b/api_docs/kbn_alerting_comparators.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerting-comparators title: "@kbn/alerting-comparators" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerting-comparators plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerting-comparators'] --- import kbnAlertingComparatorsObj from './kbn_alerting_comparators.devdocs.json'; diff --git a/api_docs/kbn_alerting_state_types.mdx b/api_docs/kbn_alerting_state_types.mdx index a58432f003c95..b29ff94f046ec 100644 --- a/api_docs/kbn_alerting_state_types.mdx +++ b/api_docs/kbn_alerting_state_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerting-state-types title: "@kbn/alerting-state-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerting-state-types plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerting-state-types'] --- import kbnAlertingStateTypesObj from './kbn_alerting_state_types.devdocs.json'; diff --git a/api_docs/kbn_alerting_types.mdx b/api_docs/kbn_alerting_types.mdx index 83b81b144f3a2..6c36e3f408ce2 100644 --- a/api_docs/kbn_alerting_types.mdx +++ b/api_docs/kbn_alerting_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerting-types title: "@kbn/alerting-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerting-types plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerting-types'] --- import kbnAlertingTypesObj from './kbn_alerting_types.devdocs.json'; diff --git a/api_docs/kbn_alerts_as_data_utils.mdx b/api_docs/kbn_alerts_as_data_utils.mdx index d4745fe6f4949..f4e058d7eddbb 100644 --- a/api_docs/kbn_alerts_as_data_utils.mdx +++ b/api_docs/kbn_alerts_as_data_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerts-as-data-utils title: "@kbn/alerts-as-data-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerts-as-data-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerts-as-data-utils'] --- import kbnAlertsAsDataUtilsObj from './kbn_alerts_as_data_utils.devdocs.json'; diff --git a/api_docs/kbn_alerts_grouping.mdx b/api_docs/kbn_alerts_grouping.mdx index de54cdb9aee7e..f4d6cc1fcb756 100644 --- a/api_docs/kbn_alerts_grouping.mdx +++ b/api_docs/kbn_alerts_grouping.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerts-grouping title: "@kbn/alerts-grouping" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerts-grouping plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerts-grouping'] --- import kbnAlertsGroupingObj from './kbn_alerts_grouping.devdocs.json'; diff --git a/api_docs/kbn_alerts_ui_shared.devdocs.json b/api_docs/kbn_alerts_ui_shared.devdocs.json index b2e1689c762f7..c30709ffb3dab 100644 --- a/api_docs/kbn_alerts_ui_shared.devdocs.json +++ b/api_docs/kbn_alerts_ui_shared.devdocs.json @@ -3602,6 +3602,20 @@ "path": "packages/kbn-alerts-ui-shared/src/alert_filter_controls/types.ts", "deprecated": false, "trackAdoption": false + }, + { + "parentPluginId": "@kbn/alerts-ui-shared", + "id": "def-public.FilterGroupProps.storageKey", + "type": "string", + "tags": [], + "label": "storageKey", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "packages/kbn-alerts-ui-shared/src/alert_filter_controls/types.ts", + "deprecated": false, + "trackAdoption": false } ], "initialIsOpen": false diff --git a/api_docs/kbn_alerts_ui_shared.mdx b/api_docs/kbn_alerts_ui_shared.mdx index 3fc7fce41b21f..a7a739cc261de 100644 --- a/api_docs/kbn_alerts_ui_shared.mdx +++ b/api_docs/kbn_alerts_ui_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerts-ui-shared title: "@kbn/alerts-ui-shared" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerts-ui-shared plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerts-ui-shared'] --- import kbnAlertsUiSharedObj from './kbn_alerts_ui_shared.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-o | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 317 | 0 | 301 | 8 | +| 318 | 0 | 302 | 8 | ## Client diff --git a/api_docs/kbn_analytics.mdx b/api_docs/kbn_analytics.mdx index e4cd4a2677cd1..cedd3ce3255c3 100644 --- a/api_docs/kbn_analytics.mdx +++ b/api_docs/kbn_analytics.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-analytics title: "@kbn/analytics" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/analytics plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/analytics'] --- import kbnAnalyticsObj from './kbn_analytics.devdocs.json'; diff --git a/api_docs/kbn_analytics_collection_utils.mdx b/api_docs/kbn_analytics_collection_utils.mdx index da77536b6b2ac..4baf9391721dd 100644 --- a/api_docs/kbn_analytics_collection_utils.mdx +++ b/api_docs/kbn_analytics_collection_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-analytics-collection-utils title: "@kbn/analytics-collection-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/analytics-collection-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/analytics-collection-utils'] --- import kbnAnalyticsCollectionUtilsObj from './kbn_analytics_collection_utils.devdocs.json'; diff --git a/api_docs/kbn_apm_config_loader.mdx b/api_docs/kbn_apm_config_loader.mdx index 3e010184a80df..036e044c9e80a 100644 --- a/api_docs/kbn_apm_config_loader.mdx +++ b/api_docs/kbn_apm_config_loader.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-config-loader title: "@kbn/apm-config-loader" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-config-loader plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-config-loader'] --- import kbnApmConfigLoaderObj from './kbn_apm_config_loader.devdocs.json'; diff --git a/api_docs/kbn_apm_data_view.mdx b/api_docs/kbn_apm_data_view.mdx index 4f20864f70f70..e2776e306a1d1 100644 --- a/api_docs/kbn_apm_data_view.mdx +++ b/api_docs/kbn_apm_data_view.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-data-view title: "@kbn/apm-data-view" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-data-view plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-data-view'] --- import kbnApmDataViewObj from './kbn_apm_data_view.devdocs.json'; diff --git a/api_docs/kbn_apm_synthtrace.mdx b/api_docs/kbn_apm_synthtrace.mdx index d74003c322ff3..97e8e06fb824a 100644 --- a/api_docs/kbn_apm_synthtrace.mdx +++ b/api_docs/kbn_apm_synthtrace.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-synthtrace title: "@kbn/apm-synthtrace" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-synthtrace plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-synthtrace'] --- import kbnApmSynthtraceObj from './kbn_apm_synthtrace.devdocs.json'; diff --git a/api_docs/kbn_apm_synthtrace_client.mdx b/api_docs/kbn_apm_synthtrace_client.mdx index 8f61abefc2eec..9ef517d0ad9c8 100644 --- a/api_docs/kbn_apm_synthtrace_client.mdx +++ b/api_docs/kbn_apm_synthtrace_client.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-synthtrace-client title: "@kbn/apm-synthtrace-client" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-synthtrace-client plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-synthtrace-client'] --- import kbnApmSynthtraceClientObj from './kbn_apm_synthtrace_client.devdocs.json'; diff --git a/api_docs/kbn_apm_types.mdx b/api_docs/kbn_apm_types.mdx index 2bf08e4dc36b2..705bc0b07a33f 100644 --- a/api_docs/kbn_apm_types.mdx +++ b/api_docs/kbn_apm_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-types title: "@kbn/apm-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-types plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-types'] --- import kbnApmTypesObj from './kbn_apm_types.devdocs.json'; diff --git a/api_docs/kbn_apm_utils.mdx b/api_docs/kbn_apm_utils.mdx index d542939c01359..16735aa99bfca 100644 --- a/api_docs/kbn_apm_utils.mdx +++ b/api_docs/kbn_apm_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-utils title: "@kbn/apm-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-utils'] --- import kbnApmUtilsObj from './kbn_apm_utils.devdocs.json'; diff --git a/api_docs/kbn_avc_banner.mdx b/api_docs/kbn_avc_banner.mdx index 21c100e0280aa..3ab2c9c1ce0c9 100644 --- a/api_docs/kbn_avc_banner.mdx +++ b/api_docs/kbn_avc_banner.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-avc-banner title: "@kbn/avc-banner" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/avc-banner plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/avc-banner'] --- import kbnAvcBannerObj from './kbn_avc_banner.devdocs.json'; diff --git a/api_docs/kbn_axe_config.mdx b/api_docs/kbn_axe_config.mdx index ede15e8bc1e03..691997dd7b0b5 100644 --- a/api_docs/kbn_axe_config.mdx +++ b/api_docs/kbn_axe_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-axe-config title: "@kbn/axe-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/axe-config plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/axe-config'] --- import kbnAxeConfigObj from './kbn_axe_config.devdocs.json'; diff --git a/api_docs/kbn_bfetch_error.mdx b/api_docs/kbn_bfetch_error.mdx index 9c0dd8c2a8afe..23d931d773fa3 100644 --- a/api_docs/kbn_bfetch_error.mdx +++ b/api_docs/kbn_bfetch_error.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-bfetch-error title: "@kbn/bfetch-error" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/bfetch-error plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/bfetch-error'] --- import kbnBfetchErrorObj from './kbn_bfetch_error.devdocs.json'; diff --git a/api_docs/kbn_calculate_auto.mdx b/api_docs/kbn_calculate_auto.mdx index 544646eb58bbe..1ee4785c9f87e 100644 --- a/api_docs/kbn_calculate_auto.mdx +++ b/api_docs/kbn_calculate_auto.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-calculate-auto title: "@kbn/calculate-auto" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/calculate-auto plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/calculate-auto'] --- import kbnCalculateAutoObj from './kbn_calculate_auto.devdocs.json'; diff --git a/api_docs/kbn_calculate_width_from_char_count.mdx b/api_docs/kbn_calculate_width_from_char_count.mdx index fe9060bd7fbad..0ce1cb15d1933 100644 --- a/api_docs/kbn_calculate_width_from_char_count.mdx +++ b/api_docs/kbn_calculate_width_from_char_count.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-calculate-width-from-char-count title: "@kbn/calculate-width-from-char-count" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/calculate-width-from-char-count plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/calculate-width-from-char-count'] --- import kbnCalculateWidthFromCharCountObj from './kbn_calculate_width_from_char_count.devdocs.json'; diff --git a/api_docs/kbn_cases_components.mdx b/api_docs/kbn_cases_components.mdx index 8ffb8b2e0e16d..17abbfc6d4162 100644 --- a/api_docs/kbn_cases_components.mdx +++ b/api_docs/kbn_cases_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cases-components title: "@kbn/cases-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cases-components plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cases-components'] --- import kbnCasesComponentsObj from './kbn_cases_components.devdocs.json'; diff --git a/api_docs/kbn_cbor.mdx b/api_docs/kbn_cbor.mdx index c8e9719340d65..325d8ed0832e8 100644 --- a/api_docs/kbn_cbor.mdx +++ b/api_docs/kbn_cbor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cbor title: "@kbn/cbor" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cbor plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cbor'] --- import kbnCborObj from './kbn_cbor.devdocs.json'; diff --git a/api_docs/kbn_cell_actions.mdx b/api_docs/kbn_cell_actions.mdx index 6e804fbd93b99..eef8608e787ea 100644 --- a/api_docs/kbn_cell_actions.mdx +++ b/api_docs/kbn_cell_actions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cell-actions title: "@kbn/cell-actions" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cell-actions plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cell-actions'] --- import kbnCellActionsObj from './kbn_cell_actions.devdocs.json'; diff --git a/api_docs/kbn_chart_expressions_common.mdx b/api_docs/kbn_chart_expressions_common.mdx index efb38723d7801..f9e52513846d6 100644 --- a/api_docs/kbn_chart_expressions_common.mdx +++ b/api_docs/kbn_chart_expressions_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-chart-expressions-common title: "@kbn/chart-expressions-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/chart-expressions-common plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/chart-expressions-common'] --- import kbnChartExpressionsCommonObj from './kbn_chart_expressions_common.devdocs.json'; diff --git a/api_docs/kbn_chart_icons.mdx b/api_docs/kbn_chart_icons.mdx index 79b5570202c55..139acf1155bb9 100644 --- a/api_docs/kbn_chart_icons.mdx +++ b/api_docs/kbn_chart_icons.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-chart-icons title: "@kbn/chart-icons" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/chart-icons plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/chart-icons'] --- import kbnChartIconsObj from './kbn_chart_icons.devdocs.json'; diff --git a/api_docs/kbn_ci_stats_core.mdx b/api_docs/kbn_ci_stats_core.mdx index 3c9460ca39478..4cef640fe6913 100644 --- a/api_docs/kbn_ci_stats_core.mdx +++ b/api_docs/kbn_ci_stats_core.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ci-stats-core title: "@kbn/ci-stats-core" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ci-stats-core plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ci-stats-core'] --- import kbnCiStatsCoreObj from './kbn_ci_stats_core.devdocs.json'; diff --git a/api_docs/kbn_ci_stats_performance_metrics.mdx b/api_docs/kbn_ci_stats_performance_metrics.mdx index e2413ab4a630d..897b58ab87b03 100644 --- a/api_docs/kbn_ci_stats_performance_metrics.mdx +++ b/api_docs/kbn_ci_stats_performance_metrics.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ci-stats-performance-metrics title: "@kbn/ci-stats-performance-metrics" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ci-stats-performance-metrics plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ci-stats-performance-metrics'] --- import kbnCiStatsPerformanceMetricsObj from './kbn_ci_stats_performance_metrics.devdocs.json'; diff --git a/api_docs/kbn_ci_stats_reporter.mdx b/api_docs/kbn_ci_stats_reporter.mdx index 4d9c0ec14fce3..2186a922d2ffd 100644 --- a/api_docs/kbn_ci_stats_reporter.mdx +++ b/api_docs/kbn_ci_stats_reporter.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ci-stats-reporter title: "@kbn/ci-stats-reporter" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ci-stats-reporter plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ci-stats-reporter'] --- import kbnCiStatsReporterObj from './kbn_ci_stats_reporter.devdocs.json'; diff --git a/api_docs/kbn_cli_dev_mode.mdx b/api_docs/kbn_cli_dev_mode.mdx index 2fac095dfb8c7..18b245f1b2402 100644 --- a/api_docs/kbn_cli_dev_mode.mdx +++ b/api_docs/kbn_cli_dev_mode.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cli-dev-mode title: "@kbn/cli-dev-mode" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cli-dev-mode plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cli-dev-mode'] --- import kbnCliDevModeObj from './kbn_cli_dev_mode.devdocs.json'; diff --git a/api_docs/kbn_cloud_security_posture.devdocs.json b/api_docs/kbn_cloud_security_posture.devdocs.json index 4282c09f0c9a1..f4d09de3a48ad 100644 --- a/api_docs/kbn_cloud_security_posture.devdocs.json +++ b/api_docs/kbn_cloud_security_posture.devdocs.json @@ -102,6 +102,100 @@ "returnComment": [], "initialIsOpen": false }, + { + "parentPluginId": "@kbn/cloud-security-posture", + "id": "def-public.getSeverityStatusColor", + "type": "Function", + "tags": [], + "label": "getSeverityStatusColor", + "description": [], + "signature": [ + "(severity: ", + { + "pluginId": "@kbn/cloud-security-posture-common", + "scope": "common", + "docId": "kibKbnCloudSecurityPostureCommonPluginApi", + "section": "def-common.VulnSeverity", + "text": "VulnSeverity" + }, + ") => string" + ], + "path": "x-pack/packages/kbn-cloud-security-posture/src/utils/get_vulnerability_colors.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/cloud-security-posture", + "id": "def-public.getSeverityStatusColor.$1", + "type": "CompoundType", + "tags": [], + "label": "severity", + "description": [], + "signature": [ + { + "pluginId": "@kbn/cloud-security-posture-common", + "scope": "common", + "docId": "kibKbnCloudSecurityPostureCommonPluginApi", + "section": "def-common.VulnSeverity", + "text": "VulnSeverity" + } + ], + "path": "x-pack/packages/kbn-cloud-security-posture/src/utils/get_vulnerability_colors.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [], + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/cloud-security-posture", + "id": "def-public.getSeverityText", + "type": "Function", + "tags": [], + "label": "getSeverityText", + "description": [], + "signature": [ + "(severity: ", + { + "pluginId": "@kbn/cloud-security-posture-common", + "scope": "common", + "docId": "kibKbnCloudSecurityPostureCommonPluginApi", + "section": "def-common.VulnSeverity", + "text": "VulnSeverity" + }, + ") => string" + ], + "path": "x-pack/packages/kbn-cloud-security-posture/src/utils/get_vulnerability_text.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/cloud-security-posture", + "id": "def-public.getSeverityText.$1", + "type": "CompoundType", + "tags": [], + "label": "severity", + "description": [], + "signature": [ + { + "pluginId": "@kbn/cloud-security-posture-common", + "scope": "common", + "docId": "kibKbnCloudSecurityPostureCommonPluginApi", + "section": "def-common.VulnSeverity", + "text": "VulnSeverity" + } + ], + "path": "x-pack/packages/kbn-cloud-security-posture/src/utils/get_vulnerability_text.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [], + "initialIsOpen": false + }, { "parentPluginId": "@kbn/cloud-security-posture", "id": "def-public.showErrorToast", @@ -166,6 +260,36 @@ } ], "interfaces": [ + { + "parentPluginId": "@kbn/cloud-security-posture", + "id": "def-public.CspBaseEsQuery", + "type": "Interface", + "tags": [], + "label": "CspBaseEsQuery", + "description": [], + "path": "x-pack/packages/kbn-cloud-security-posture/type.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/cloud-security-posture", + "id": "def-public.CspBaseEsQuery.query", + "type": "Object", + "tags": [], + "label": "query", + "description": [], + "signature": [ + "{ bool: { filter: ", + "QueryDslQueryContainer", + "[]; }; } | undefined" + ], + "path": "x-pack/packages/kbn-cloud-security-posture/type.ts", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false + }, { "parentPluginId": "@kbn/cloud-security-posture", "id": "def-public.CspClientPluginStartDeps", @@ -671,56 +795,26 @@ }, { "parentPluginId": "@kbn/cloud-security-posture", - "id": "def-public.MisconfigurationBaseEsQuery", - "type": "Interface", - "tags": [], - "label": "MisconfigurationBaseEsQuery", - "description": [], - "path": "x-pack/packages/kbn-cloud-security-posture/type.ts", - "deprecated": false, - "trackAdoption": false, - "children": [ - { - "parentPluginId": "@kbn/cloud-security-posture", - "id": "def-public.MisconfigurationBaseEsQuery.query", - "type": "Object", - "tags": [], - "label": "query", - "description": [], - "signature": [ - "{ bool: { filter: ", - "QueryDslQueryContainer", - "[]; }; } | undefined" - ], - "path": "x-pack/packages/kbn-cloud-security-posture/type.ts", - "deprecated": false, - "trackAdoption": false - } - ], - "initialIsOpen": false - }, - { - "parentPluginId": "@kbn/cloud-security-posture", - "id": "def-public.UseMisconfigurationOptions", + "id": "def-public.UseCspOptions", "type": "Interface", "tags": [], - "label": "UseMisconfigurationOptions", + "label": "UseCspOptions", "description": [], "signature": [ { "pluginId": "@kbn/cloud-security-posture", "scope": "public", "docId": "kibKbnCloudSecurityPosturePluginApi", - "section": "def-public.UseMisconfigurationOptions", - "text": "UseMisconfigurationOptions" + "section": "def-public.UseCspOptions", + "text": "UseCspOptions" }, " extends ", { "pluginId": "@kbn/cloud-security-posture", "scope": "public", "docId": "kibKbnCloudSecurityPosturePluginApi", - "section": "def-public.MisconfigurationBaseEsQuery", - "text": "MisconfigurationBaseEsQuery" + "section": "def-public.CspBaseEsQuery", + "text": "CspBaseEsQuery" } ], "path": "x-pack/packages/kbn-cloud-security-posture/type.ts", @@ -729,7 +823,7 @@ "children": [ { "parentPluginId": "@kbn/cloud-security-posture", - "id": "def-public.UseMisconfigurationOptions.sort", + "id": "def-public.UseCspOptions.sort", "type": "Array", "tags": [], "label": "sort", @@ -743,7 +837,7 @@ }, { "parentPluginId": "@kbn/cloud-security-posture", - "id": "def-public.UseMisconfigurationOptions.enabled", + "id": "def-public.UseCspOptions.enabled", "type": "boolean", "tags": [], "label": "enabled", @@ -754,7 +848,7 @@ }, { "parentPluginId": "@kbn/cloud-security-posture", - "id": "def-public.UseMisconfigurationOptions.pageSize", + "id": "def-public.UseCspOptions.pageSize", "type": "number", "tags": [], "label": "pageSize", @@ -765,7 +859,7 @@ }, { "parentPluginId": "@kbn/cloud-security-posture", - "id": "def-public.UseMisconfigurationOptions.ignore_unavailable", + "id": "def-public.UseCspOptions.ignore_unavailable", "type": "CompoundType", "tags": [], "label": "ignore_unavailable", diff --git a/api_docs/kbn_cloud_security_posture.mdx b/api_docs/kbn_cloud_security_posture.mdx index 03823f8792baa..64d5bb547e2c0 100644 --- a/api_docs/kbn_cloud_security_posture.mdx +++ b/api_docs/kbn_cloud_security_posture.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cloud-security-posture title: "@kbn/cloud-security-posture" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cloud-security-posture plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cloud-security-posture'] --- import kbnCloudSecurityPostureObj from './kbn_cloud_security_posture.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/kibana-cloud-security-posture](https://github.com/orgs/elastic | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 74 | 1 | 74 | 0 | +| 78 | 1 | 78 | 0 | ## Client diff --git a/api_docs/kbn_cloud_security_posture_common.devdocs.json b/api_docs/kbn_cloud_security_posture_common.devdocs.json index 4a9fcaef28d0a..861cdce4d1a83 100644 --- a/api_docs/kbn_cloud_security_posture_common.devdocs.json +++ b/api_docs/kbn_cloud_security_posture_common.devdocs.json @@ -135,7 +135,7 @@ "label": "buildEntityFlyoutPreviewQuery", "description": [], "signature": [ - "(field: string, queryValue?: string | undefined) => { bool: { filter: { bool: { should: { term: { [x: string]: { value: string; }; }; }[]; minimum_should_match: number; }; }[]; }; }" + "(field: string, queryValue?: string | undefined) => { bool: { filter: { bool: { should: { term: { [x: string]: string; }; }[]; minimum_should_match: number; }; }[]; }; }" ], "path": "x-pack/packages/kbn-cloud-security-posture-common/utils/helpers.ts", "deprecated": false, @@ -658,6 +658,20 @@ "deprecated": false, "trackAdoption": false }, + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.CspFinding.observer", + "type": "Object", + "tags": [], + "label": "observer", + "description": [], + "signature": [ + "EcsObserver" + ], + "path": "x-pack/packages/kbn-cloud-security-posture-common/types/findings.ts", + "deprecated": false, + "trackAdoption": false + }, { "parentPluginId": "@kbn/cloud-security-posture-common", "id": "def-common.CspFinding.agent", @@ -745,6 +759,185 @@ ], "initialIsOpen": false }, + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.CspVulnerabilityFinding", + "type": "Interface", + "tags": [], + "label": "CspVulnerabilityFinding", + "description": [], + "path": "x-pack/packages/kbn-cloud-security-posture-common/schema/vulnerabilities/csp_vulnerability_finding.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.CspVulnerabilityFinding.timestamp", + "type": "string", + "tags": [], + "label": "'@timestamp'", + "description": [], + "path": "x-pack/packages/kbn-cloud-security-posture-common/schema/vulnerabilities/csp_vulnerability_finding.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.CspVulnerabilityFinding.resource", + "type": "Object", + "tags": [], + "label": "resource", + "description": [], + "signature": [ + "{ id: string; name: string; } | undefined" + ], + "path": "x-pack/packages/kbn-cloud-security-posture-common/schema/vulnerabilities/csp_vulnerability_finding.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.CspVulnerabilityFinding.event", + "type": "Object", + "tags": [], + "label": "event", + "description": [], + "signature": [ + "EcsEvent" + ], + "path": "x-pack/packages/kbn-cloud-security-posture-common/schema/vulnerabilities/csp_vulnerability_finding.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.CspVulnerabilityFinding.vulnerability", + "type": "Object", + "tags": [], + "label": "vulnerability", + "description": [], + "signature": [ + "Vulnerability" + ], + "path": "x-pack/packages/kbn-cloud-security-posture-common/schema/vulnerabilities/csp_vulnerability_finding.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.CspVulnerabilityFinding.ecs", + "type": "Object", + "tags": [], + "label": "ecs", + "description": [], + "signature": [ + "{ version: string; }" + ], + "path": "x-pack/packages/kbn-cloud-security-posture-common/schema/vulnerabilities/csp_vulnerability_finding.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.CspVulnerabilityFinding.host", + "type": "Object", + "tags": [], + "label": "host", + "description": [], + "signature": [ + "{ os: { name: string; kernel: string; codename: string; type: string; platform: string; version: string; family: string; }; id: string; name: string; containerized: boolean; ip: string[]; mac: string[]; hostname: string; architecture: string; }" + ], + "path": "x-pack/packages/kbn-cloud-security-posture-common/schema/vulnerabilities/csp_vulnerability_finding.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.CspVulnerabilityFinding.agent", + "type": "Object", + "tags": [], + "label": "agent", + "description": [], + "signature": [ + "{ ephemeral_id: string; id: string; name: string; type: string; version: string; }" + ], + "path": "x-pack/packages/kbn-cloud-security-posture-common/schema/vulnerabilities/csp_vulnerability_finding.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.CspVulnerabilityFinding.cloud", + "type": "Object", + "tags": [], + "label": "cloud", + "description": [], + "signature": [ + "{ image?: { id: string; } | undefined; provider?: string | undefined; instance?: { id: string; } | undefined; machine?: { type: string; } | undefined; region: string; availability_zone?: string | undefined; service?: { name: string; } | undefined; account?: { id: string; } | undefined; }" + ], + "path": "x-pack/packages/kbn-cloud-security-posture-common/schema/vulnerabilities/csp_vulnerability_finding.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.CspVulnerabilityFinding.cloudbeat", + "type": "Object", + "tags": [], + "label": "cloudbeat", + "description": [], + "signature": [ + "{ version: string; commit_sha: string; commit_time: string; }" + ], + "path": "x-pack/packages/kbn-cloud-security-posture-common/schema/vulnerabilities/csp_vulnerability_finding.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.CspVulnerabilityFinding.package", + "type": "Object", + "tags": [], + "label": "package", + "description": [], + "signature": [ + "{ version?: string | undefined; name?: string | undefined; fixed_version?: string | undefined; }" + ], + "path": "x-pack/packages/kbn-cloud-security-posture-common/schema/vulnerabilities/csp_vulnerability_finding.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.CspVulnerabilityFinding.data_stream", + "type": "Object", + "tags": [], + "label": "data_stream", + "description": [], + "signature": [ + "EcsDataStream" + ], + "path": "x-pack/packages/kbn-cloud-security-posture-common/schema/vulnerabilities/csp_vulnerability_finding.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.CspVulnerabilityFinding.observer", + "type": "Object", + "tags": [], + "label": "observer", + "description": [], + "signature": [ + "EcsObserver" + ], + "path": "x-pack/packages/kbn-cloud-security-posture-common/schema/vulnerabilities/csp_vulnerability_finding.ts", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false + }, { "parentPluginId": "@kbn/cloud-security-posture-common", "id": "def-common.IndexDetails", @@ -1150,6 +1343,91 @@ "initialIsOpen": false } ], - "objects": [] + "objects": [ + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.VULNERABILITIES_SEVERITY", + "type": "Object", + "tags": [], + "label": "VULNERABILITIES_SEVERITY", + "description": [], + "path": "x-pack/packages/kbn-cloud-security-posture-common/constants.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.VULNERABILITIES_SEVERITY.LOW", + "type": "string", + "tags": [], + "label": "LOW", + "description": [], + "signature": [ + "\"LOW\"" + ], + "path": "x-pack/packages/kbn-cloud-security-posture-common/constants.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.VULNERABILITIES_SEVERITY.MEDIUM", + "type": "string", + "tags": [], + "label": "MEDIUM", + "description": [], + "signature": [ + "\"MEDIUM\"" + ], + "path": "x-pack/packages/kbn-cloud-security-posture-common/constants.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.VULNERABILITIES_SEVERITY.HIGH", + "type": "string", + "tags": [], + "label": "HIGH", + "description": [], + "signature": [ + "\"HIGH\"" + ], + "path": "x-pack/packages/kbn-cloud-security-posture-common/constants.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.VULNERABILITIES_SEVERITY.CRITICAL", + "type": "string", + "tags": [], + "label": "CRITICAL", + "description": [], + "signature": [ + "\"CRITICAL\"" + ], + "path": "x-pack/packages/kbn-cloud-security-posture-common/constants.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.VULNERABILITIES_SEVERITY.UNKNOWN", + "type": "string", + "tags": [], + "label": "UNKNOWN", + "description": [], + "signature": [ + "\"UNKNOWN\"" + ], + "path": "x-pack/packages/kbn-cloud-security-posture-common/constants.ts", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false + } + ] } } \ No newline at end of file diff --git a/api_docs/kbn_cloud_security_posture_common.mdx b/api_docs/kbn_cloud_security_posture_common.mdx index bfd3788b8ffbf..b31eeec45ad37 100644 --- a/api_docs/kbn_cloud_security_posture_common.mdx +++ b/api_docs/kbn_cloud_security_posture_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cloud-security-posture-common title: "@kbn/cloud-security-posture-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cloud-security-posture-common plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cloud-security-posture-common'] --- import kbnCloudSecurityPostureCommonObj from './kbn_cloud_security_posture_common.devdocs.json'; @@ -21,10 +21,13 @@ Contact [@elastic/kibana-cloud-security-posture](https://github.com/orgs/elastic | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 74 | 0 | 72 | 0 | +| 94 | 0 | 92 | 1 | ## Common +### Objects + + ### Functions diff --git a/api_docs/kbn_code_editor.mdx b/api_docs/kbn_code_editor.mdx index f5aab040c1632..d1173c6729c7c 100644 --- a/api_docs/kbn_code_editor.mdx +++ b/api_docs/kbn_code_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-code-editor title: "@kbn/code-editor" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/code-editor plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/code-editor'] --- import kbnCodeEditorObj from './kbn_code_editor.devdocs.json'; diff --git a/api_docs/kbn_code_editor_mock.mdx b/api_docs/kbn_code_editor_mock.mdx index 9ba0851cceacd..737130c767bc7 100644 --- a/api_docs/kbn_code_editor_mock.mdx +++ b/api_docs/kbn_code_editor_mock.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-code-editor-mock title: "@kbn/code-editor-mock" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/code-editor-mock plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/code-editor-mock'] --- import kbnCodeEditorMockObj from './kbn_code_editor_mock.devdocs.json'; diff --git a/api_docs/kbn_code_owners.mdx b/api_docs/kbn_code_owners.mdx index c35c11dc73289..fffbad9363e7d 100644 --- a/api_docs/kbn_code_owners.mdx +++ b/api_docs/kbn_code_owners.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-code-owners title: "@kbn/code-owners" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/code-owners plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/code-owners'] --- import kbnCodeOwnersObj from './kbn_code_owners.devdocs.json'; diff --git a/api_docs/kbn_coloring.mdx b/api_docs/kbn_coloring.mdx index 962fb22b4b230..b67775f9b1117 100644 --- a/api_docs/kbn_coloring.mdx +++ b/api_docs/kbn_coloring.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-coloring title: "@kbn/coloring" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/coloring plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/coloring'] --- import kbnColoringObj from './kbn_coloring.devdocs.json'; diff --git a/api_docs/kbn_config.mdx b/api_docs/kbn_config.mdx index 15426291751fa..dac435d3be586 100644 --- a/api_docs/kbn_config.mdx +++ b/api_docs/kbn_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-config title: "@kbn/config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/config plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/config'] --- import kbnConfigObj from './kbn_config.devdocs.json'; diff --git a/api_docs/kbn_config_mocks.mdx b/api_docs/kbn_config_mocks.mdx index 45cd45af1b383..9815387cd62f9 100644 --- a/api_docs/kbn_config_mocks.mdx +++ b/api_docs/kbn_config_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-config-mocks title: "@kbn/config-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/config-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/config-mocks'] --- import kbnConfigMocksObj from './kbn_config_mocks.devdocs.json'; diff --git a/api_docs/kbn_config_schema.mdx b/api_docs/kbn_config_schema.mdx index 706b2a398ed61..004485b6368f4 100644 --- a/api_docs/kbn_config_schema.mdx +++ b/api_docs/kbn_config_schema.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-config-schema title: "@kbn/config-schema" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/config-schema plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/config-schema'] --- import kbnConfigSchemaObj from './kbn_config_schema.devdocs.json'; diff --git a/api_docs/kbn_content_management_content_editor.mdx b/api_docs/kbn_content_management_content_editor.mdx index 98ef8012c1742..90591465de76d 100644 --- a/api_docs/kbn_content_management_content_editor.mdx +++ b/api_docs/kbn_content_management_content_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-content-editor title: "@kbn/content-management-content-editor" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-content-editor plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-content-editor'] --- import kbnContentManagementContentEditorObj from './kbn_content_management_content_editor.devdocs.json'; diff --git a/api_docs/kbn_content_management_content_insights_public.mdx b/api_docs/kbn_content_management_content_insights_public.mdx index 6e946201cf406..899c4e751a0c5 100644 --- a/api_docs/kbn_content_management_content_insights_public.mdx +++ b/api_docs/kbn_content_management_content_insights_public.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-content-insights-public title: "@kbn/content-management-content-insights-public" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-content-insights-public plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-content-insights-public'] --- import kbnContentManagementContentInsightsPublicObj from './kbn_content_management_content_insights_public.devdocs.json'; diff --git a/api_docs/kbn_content_management_content_insights_server.mdx b/api_docs/kbn_content_management_content_insights_server.mdx index e87e6f28b138b..ac6008407b9d9 100644 --- a/api_docs/kbn_content_management_content_insights_server.mdx +++ b/api_docs/kbn_content_management_content_insights_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-content-insights-server title: "@kbn/content-management-content-insights-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-content-insights-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-content-insights-server'] --- import kbnContentManagementContentInsightsServerObj from './kbn_content_management_content_insights_server.devdocs.json'; diff --git a/api_docs/kbn_content_management_favorites_public.mdx b/api_docs/kbn_content_management_favorites_public.mdx index 019db568d5bc5..c1074de232e12 100644 --- a/api_docs/kbn_content_management_favorites_public.mdx +++ b/api_docs/kbn_content_management_favorites_public.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-favorites-public title: "@kbn/content-management-favorites-public" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-favorites-public plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-favorites-public'] --- import kbnContentManagementFavoritesPublicObj from './kbn_content_management_favorites_public.devdocs.json'; diff --git a/api_docs/kbn_content_management_favorites_server.mdx b/api_docs/kbn_content_management_favorites_server.mdx index 308069c689e93..5907f161e7ebb 100644 --- a/api_docs/kbn_content_management_favorites_server.mdx +++ b/api_docs/kbn_content_management_favorites_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-favorites-server title: "@kbn/content-management-favorites-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-favorites-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-favorites-server'] --- import kbnContentManagementFavoritesServerObj from './kbn_content_management_favorites_server.devdocs.json'; diff --git a/api_docs/kbn_content_management_tabbed_table_list_view.mdx b/api_docs/kbn_content_management_tabbed_table_list_view.mdx index 78cb265b8bb8a..cd18ba4944b1e 100644 --- a/api_docs/kbn_content_management_tabbed_table_list_view.mdx +++ b/api_docs/kbn_content_management_tabbed_table_list_view.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-tabbed-table-list-view title: "@kbn/content-management-tabbed-table-list-view" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-tabbed-table-list-view plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-tabbed-table-list-view'] --- import kbnContentManagementTabbedTableListViewObj from './kbn_content_management_tabbed_table_list_view.devdocs.json'; diff --git a/api_docs/kbn_content_management_table_list_view.mdx b/api_docs/kbn_content_management_table_list_view.mdx index 794ee1283340e..12294535dcc05 100644 --- a/api_docs/kbn_content_management_table_list_view.mdx +++ b/api_docs/kbn_content_management_table_list_view.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-table-list-view title: "@kbn/content-management-table-list-view" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-table-list-view plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-table-list-view'] --- import kbnContentManagementTableListViewObj from './kbn_content_management_table_list_view.devdocs.json'; diff --git a/api_docs/kbn_content_management_table_list_view_common.mdx b/api_docs/kbn_content_management_table_list_view_common.mdx index 24ab99bd7a274..c9d3ff9cadeaf 100644 --- a/api_docs/kbn_content_management_table_list_view_common.mdx +++ b/api_docs/kbn_content_management_table_list_view_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-table-list-view-common title: "@kbn/content-management-table-list-view-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-table-list-view-common plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-table-list-view-common'] --- import kbnContentManagementTableListViewCommonObj from './kbn_content_management_table_list_view_common.devdocs.json'; diff --git a/api_docs/kbn_content_management_table_list_view_table.mdx b/api_docs/kbn_content_management_table_list_view_table.mdx index 132639002121a..e7693e671493b 100644 --- a/api_docs/kbn_content_management_table_list_view_table.mdx +++ b/api_docs/kbn_content_management_table_list_view_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-table-list-view-table title: "@kbn/content-management-table-list-view-table" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-table-list-view-table plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-table-list-view-table'] --- import kbnContentManagementTableListViewTableObj from './kbn_content_management_table_list_view_table.devdocs.json'; diff --git a/api_docs/kbn_content_management_user_profiles.mdx b/api_docs/kbn_content_management_user_profiles.mdx index d5101770dd05e..f56d19c9d66f9 100644 --- a/api_docs/kbn_content_management_user_profiles.mdx +++ b/api_docs/kbn_content_management_user_profiles.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-user-profiles title: "@kbn/content-management-user-profiles" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-user-profiles plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-user-profiles'] --- import kbnContentManagementUserProfilesObj from './kbn_content_management_user_profiles.devdocs.json'; diff --git a/api_docs/kbn_content_management_utils.mdx b/api_docs/kbn_content_management_utils.mdx index 05570050dbde8..10fef036b9ec1 100644 --- a/api_docs/kbn_content_management_utils.mdx +++ b/api_docs/kbn_content_management_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-utils title: "@kbn/content-management-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-utils'] --- import kbnContentManagementUtilsObj from './kbn_content_management_utils.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_browser.mdx b/api_docs/kbn_core_analytics_browser.mdx index 64c049381944a..7a7296e7c0bea 100644 --- a/api_docs/kbn_core_analytics_browser.mdx +++ b/api_docs/kbn_core_analytics_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-browser title: "@kbn/core-analytics-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-browser plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-browser'] --- import kbnCoreAnalyticsBrowserObj from './kbn_core_analytics_browser.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_browser_internal.mdx b/api_docs/kbn_core_analytics_browser_internal.mdx index d4b83d4050f28..942b36b4fe222 100644 --- a/api_docs/kbn_core_analytics_browser_internal.mdx +++ b/api_docs/kbn_core_analytics_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-browser-internal title: "@kbn/core-analytics-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-browser-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-browser-internal'] --- import kbnCoreAnalyticsBrowserInternalObj from './kbn_core_analytics_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_browser_mocks.mdx b/api_docs/kbn_core_analytics_browser_mocks.mdx index 365ad8ccb843e..699a9b6dac35a 100644 --- a/api_docs/kbn_core_analytics_browser_mocks.mdx +++ b/api_docs/kbn_core_analytics_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-browser-mocks title: "@kbn/core-analytics-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-browser-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-browser-mocks'] --- import kbnCoreAnalyticsBrowserMocksObj from './kbn_core_analytics_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_server.mdx b/api_docs/kbn_core_analytics_server.mdx index cff796f4eac31..00f6f8905067f 100644 --- a/api_docs/kbn_core_analytics_server.mdx +++ b/api_docs/kbn_core_analytics_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-server title: "@kbn/core-analytics-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-server'] --- import kbnCoreAnalyticsServerObj from './kbn_core_analytics_server.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_server_internal.mdx b/api_docs/kbn_core_analytics_server_internal.mdx index 6becc15e9cb45..dffeabd111c41 100644 --- a/api_docs/kbn_core_analytics_server_internal.mdx +++ b/api_docs/kbn_core_analytics_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-server-internal title: "@kbn/core-analytics-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-server-internal'] --- import kbnCoreAnalyticsServerInternalObj from './kbn_core_analytics_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_server_mocks.mdx b/api_docs/kbn_core_analytics_server_mocks.mdx index ca729867ce02e..2379bd10d3f6d 100644 --- a/api_docs/kbn_core_analytics_server_mocks.mdx +++ b/api_docs/kbn_core_analytics_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-server-mocks title: "@kbn/core-analytics-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-server-mocks'] --- import kbnCoreAnalyticsServerMocksObj from './kbn_core_analytics_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_application_browser.mdx b/api_docs/kbn_core_application_browser.mdx index e9ee5a63d3ae0..310689c5240fa 100644 --- a/api_docs/kbn_core_application_browser.mdx +++ b/api_docs/kbn_core_application_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-application-browser title: "@kbn/core-application-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-application-browser plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-application-browser'] --- import kbnCoreApplicationBrowserObj from './kbn_core_application_browser.devdocs.json'; diff --git a/api_docs/kbn_core_application_browser_internal.mdx b/api_docs/kbn_core_application_browser_internal.mdx index 5496fcd17edaf..d7f0f1d44564d 100644 --- a/api_docs/kbn_core_application_browser_internal.mdx +++ b/api_docs/kbn_core_application_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-application-browser-internal title: "@kbn/core-application-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-application-browser-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-application-browser-internal'] --- import kbnCoreApplicationBrowserInternalObj from './kbn_core_application_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_application_browser_mocks.mdx b/api_docs/kbn_core_application_browser_mocks.mdx index a0472992db614..edbcb3127552f 100644 --- a/api_docs/kbn_core_application_browser_mocks.mdx +++ b/api_docs/kbn_core_application_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-application-browser-mocks title: "@kbn/core-application-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-application-browser-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-application-browser-mocks'] --- import kbnCoreApplicationBrowserMocksObj from './kbn_core_application_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_application_common.mdx b/api_docs/kbn_core_application_common.mdx index d9c4aeb32050e..72c763674bdd8 100644 --- a/api_docs/kbn_core_application_common.mdx +++ b/api_docs/kbn_core_application_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-application-common title: "@kbn/core-application-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-application-common plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-application-common'] --- import kbnCoreApplicationCommonObj from './kbn_core_application_common.devdocs.json'; diff --git a/api_docs/kbn_core_apps_browser_internal.mdx b/api_docs/kbn_core_apps_browser_internal.mdx index 0af75312eb65d..1c123711288ac 100644 --- a/api_docs/kbn_core_apps_browser_internal.mdx +++ b/api_docs/kbn_core_apps_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-apps-browser-internal title: "@kbn/core-apps-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-apps-browser-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-apps-browser-internal'] --- import kbnCoreAppsBrowserInternalObj from './kbn_core_apps_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_apps_browser_mocks.mdx b/api_docs/kbn_core_apps_browser_mocks.mdx index d039329a7b27a..7838977557456 100644 --- a/api_docs/kbn_core_apps_browser_mocks.mdx +++ b/api_docs/kbn_core_apps_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-apps-browser-mocks title: "@kbn/core-apps-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-apps-browser-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-apps-browser-mocks'] --- import kbnCoreAppsBrowserMocksObj from './kbn_core_apps_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_apps_server_internal.mdx b/api_docs/kbn_core_apps_server_internal.mdx index 21a270476848d..131c647801835 100644 --- a/api_docs/kbn_core_apps_server_internal.mdx +++ b/api_docs/kbn_core_apps_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-apps-server-internal title: "@kbn/core-apps-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-apps-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-apps-server-internal'] --- import kbnCoreAppsServerInternalObj from './kbn_core_apps_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_base_browser_mocks.mdx b/api_docs/kbn_core_base_browser_mocks.mdx index c244e9e838302..547d2eec0b89e 100644 --- a/api_docs/kbn_core_base_browser_mocks.mdx +++ b/api_docs/kbn_core_base_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-base-browser-mocks title: "@kbn/core-base-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-base-browser-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-base-browser-mocks'] --- import kbnCoreBaseBrowserMocksObj from './kbn_core_base_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_base_common.mdx b/api_docs/kbn_core_base_common.mdx index 1890d5b7c96ab..e78d8574aee49 100644 --- a/api_docs/kbn_core_base_common.mdx +++ b/api_docs/kbn_core_base_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-base-common title: "@kbn/core-base-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-base-common plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-base-common'] --- import kbnCoreBaseCommonObj from './kbn_core_base_common.devdocs.json'; diff --git a/api_docs/kbn_core_base_server_internal.mdx b/api_docs/kbn_core_base_server_internal.mdx index fc25d6f543ea1..b3aeb2c6bbb8f 100644 --- a/api_docs/kbn_core_base_server_internal.mdx +++ b/api_docs/kbn_core_base_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-base-server-internal title: "@kbn/core-base-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-base-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-base-server-internal'] --- import kbnCoreBaseServerInternalObj from './kbn_core_base_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_base_server_mocks.mdx b/api_docs/kbn_core_base_server_mocks.mdx index e0b81abc17cbf..c07364ccdc663 100644 --- a/api_docs/kbn_core_base_server_mocks.mdx +++ b/api_docs/kbn_core_base_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-base-server-mocks title: "@kbn/core-base-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-base-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-base-server-mocks'] --- import kbnCoreBaseServerMocksObj from './kbn_core_base_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_capabilities_browser_mocks.mdx b/api_docs/kbn_core_capabilities_browser_mocks.mdx index 04e404b09c19d..6f946998bcb18 100644 --- a/api_docs/kbn_core_capabilities_browser_mocks.mdx +++ b/api_docs/kbn_core_capabilities_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-capabilities-browser-mocks title: "@kbn/core-capabilities-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-capabilities-browser-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-capabilities-browser-mocks'] --- import kbnCoreCapabilitiesBrowserMocksObj from './kbn_core_capabilities_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_capabilities_common.mdx b/api_docs/kbn_core_capabilities_common.mdx index 6dd424f7ce758..d26c8113c9b9a 100644 --- a/api_docs/kbn_core_capabilities_common.mdx +++ b/api_docs/kbn_core_capabilities_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-capabilities-common title: "@kbn/core-capabilities-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-capabilities-common plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-capabilities-common'] --- import kbnCoreCapabilitiesCommonObj from './kbn_core_capabilities_common.devdocs.json'; diff --git a/api_docs/kbn_core_capabilities_server.mdx b/api_docs/kbn_core_capabilities_server.mdx index 81c58804a3366..24123bb36691a 100644 --- a/api_docs/kbn_core_capabilities_server.mdx +++ b/api_docs/kbn_core_capabilities_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-capabilities-server title: "@kbn/core-capabilities-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-capabilities-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-capabilities-server'] --- import kbnCoreCapabilitiesServerObj from './kbn_core_capabilities_server.devdocs.json'; diff --git a/api_docs/kbn_core_capabilities_server_mocks.mdx b/api_docs/kbn_core_capabilities_server_mocks.mdx index cb58a7e4f1304..2d9dd7bbddba1 100644 --- a/api_docs/kbn_core_capabilities_server_mocks.mdx +++ b/api_docs/kbn_core_capabilities_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-capabilities-server-mocks title: "@kbn/core-capabilities-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-capabilities-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-capabilities-server-mocks'] --- import kbnCoreCapabilitiesServerMocksObj from './kbn_core_capabilities_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_chrome_browser.mdx b/api_docs/kbn_core_chrome_browser.mdx index 0690744ef3646..59440f289675b 100644 --- a/api_docs/kbn_core_chrome_browser.mdx +++ b/api_docs/kbn_core_chrome_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-chrome-browser title: "@kbn/core-chrome-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-chrome-browser plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-chrome-browser'] --- import kbnCoreChromeBrowserObj from './kbn_core_chrome_browser.devdocs.json'; diff --git a/api_docs/kbn_core_chrome_browser_mocks.mdx b/api_docs/kbn_core_chrome_browser_mocks.mdx index 811567028ccba..d324c54b01d62 100644 --- a/api_docs/kbn_core_chrome_browser_mocks.mdx +++ b/api_docs/kbn_core_chrome_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-chrome-browser-mocks title: "@kbn/core-chrome-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-chrome-browser-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-chrome-browser-mocks'] --- import kbnCoreChromeBrowserMocksObj from './kbn_core_chrome_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_config_server_internal.mdx b/api_docs/kbn_core_config_server_internal.mdx index 41b284b835816..e2d48459ccd5f 100644 --- a/api_docs/kbn_core_config_server_internal.mdx +++ b/api_docs/kbn_core_config_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-config-server-internal title: "@kbn/core-config-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-config-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-config-server-internal'] --- import kbnCoreConfigServerInternalObj from './kbn_core_config_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_browser.mdx b/api_docs/kbn_core_custom_branding_browser.mdx index e0825768b65f6..a735805a7bb27 100644 --- a/api_docs/kbn_core_custom_branding_browser.mdx +++ b/api_docs/kbn_core_custom_branding_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-browser title: "@kbn/core-custom-branding-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-browser plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-browser'] --- import kbnCoreCustomBrandingBrowserObj from './kbn_core_custom_branding_browser.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_browser_internal.mdx b/api_docs/kbn_core_custom_branding_browser_internal.mdx index 94d481f7ed4b9..66a265c756850 100644 --- a/api_docs/kbn_core_custom_branding_browser_internal.mdx +++ b/api_docs/kbn_core_custom_branding_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-browser-internal title: "@kbn/core-custom-branding-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-browser-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-browser-internal'] --- import kbnCoreCustomBrandingBrowserInternalObj from './kbn_core_custom_branding_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_browser_mocks.mdx b/api_docs/kbn_core_custom_branding_browser_mocks.mdx index 3a6db03cd546c..2598fb0413217 100644 --- a/api_docs/kbn_core_custom_branding_browser_mocks.mdx +++ b/api_docs/kbn_core_custom_branding_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-browser-mocks title: "@kbn/core-custom-branding-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-browser-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-browser-mocks'] --- import kbnCoreCustomBrandingBrowserMocksObj from './kbn_core_custom_branding_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_common.mdx b/api_docs/kbn_core_custom_branding_common.mdx index 084688849c967..deb49fae21832 100644 --- a/api_docs/kbn_core_custom_branding_common.mdx +++ b/api_docs/kbn_core_custom_branding_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-common title: "@kbn/core-custom-branding-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-common plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-common'] --- import kbnCoreCustomBrandingCommonObj from './kbn_core_custom_branding_common.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_server.mdx b/api_docs/kbn_core_custom_branding_server.mdx index 01c9441a9bf38..e1eaad7a9e52e 100644 --- a/api_docs/kbn_core_custom_branding_server.mdx +++ b/api_docs/kbn_core_custom_branding_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-server title: "@kbn/core-custom-branding-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-server'] --- import kbnCoreCustomBrandingServerObj from './kbn_core_custom_branding_server.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_server_internal.mdx b/api_docs/kbn_core_custom_branding_server_internal.mdx index 43669e9953c1f..cbee05730fa25 100644 --- a/api_docs/kbn_core_custom_branding_server_internal.mdx +++ b/api_docs/kbn_core_custom_branding_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-server-internal title: "@kbn/core-custom-branding-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-server-internal'] --- import kbnCoreCustomBrandingServerInternalObj from './kbn_core_custom_branding_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_server_mocks.mdx b/api_docs/kbn_core_custom_branding_server_mocks.mdx index 954001b107976..503a12c714ff2 100644 --- a/api_docs/kbn_core_custom_branding_server_mocks.mdx +++ b/api_docs/kbn_core_custom_branding_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-server-mocks title: "@kbn/core-custom-branding-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-server-mocks'] --- import kbnCoreCustomBrandingServerMocksObj from './kbn_core_custom_branding_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_browser.mdx b/api_docs/kbn_core_deprecations_browser.mdx index 18c0f287ca317..f310414aa5969 100644 --- a/api_docs/kbn_core_deprecations_browser.mdx +++ b/api_docs/kbn_core_deprecations_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-browser title: "@kbn/core-deprecations-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-browser plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-browser'] --- import kbnCoreDeprecationsBrowserObj from './kbn_core_deprecations_browser.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_browser_internal.mdx b/api_docs/kbn_core_deprecations_browser_internal.mdx index 4f523d89a9740..e105c7f3670e5 100644 --- a/api_docs/kbn_core_deprecations_browser_internal.mdx +++ b/api_docs/kbn_core_deprecations_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-browser-internal title: "@kbn/core-deprecations-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-browser-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-browser-internal'] --- import kbnCoreDeprecationsBrowserInternalObj from './kbn_core_deprecations_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_browser_mocks.mdx b/api_docs/kbn_core_deprecations_browser_mocks.mdx index 46a991f918b10..3fa52d84af855 100644 --- a/api_docs/kbn_core_deprecations_browser_mocks.mdx +++ b/api_docs/kbn_core_deprecations_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-browser-mocks title: "@kbn/core-deprecations-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-browser-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-browser-mocks'] --- import kbnCoreDeprecationsBrowserMocksObj from './kbn_core_deprecations_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_common.mdx b/api_docs/kbn_core_deprecations_common.mdx index 7b938552a9c73..5172d723fbb19 100644 --- a/api_docs/kbn_core_deprecations_common.mdx +++ b/api_docs/kbn_core_deprecations_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-common title: "@kbn/core-deprecations-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-common plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-common'] --- import kbnCoreDeprecationsCommonObj from './kbn_core_deprecations_common.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_server.mdx b/api_docs/kbn_core_deprecations_server.mdx index 764229fa65051..c939f7141b91a 100644 --- a/api_docs/kbn_core_deprecations_server.mdx +++ b/api_docs/kbn_core_deprecations_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-server title: "@kbn/core-deprecations-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-server'] --- import kbnCoreDeprecationsServerObj from './kbn_core_deprecations_server.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_server_internal.mdx b/api_docs/kbn_core_deprecations_server_internal.mdx index 21aebf7ac709d..4f4eda9eb5ee6 100644 --- a/api_docs/kbn_core_deprecations_server_internal.mdx +++ b/api_docs/kbn_core_deprecations_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-server-internal title: "@kbn/core-deprecations-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-server-internal'] --- import kbnCoreDeprecationsServerInternalObj from './kbn_core_deprecations_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_server_mocks.mdx b/api_docs/kbn_core_deprecations_server_mocks.mdx index be38bf55aaf57..3df364c548f1e 100644 --- a/api_docs/kbn_core_deprecations_server_mocks.mdx +++ b/api_docs/kbn_core_deprecations_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-server-mocks title: "@kbn/core-deprecations-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-server-mocks'] --- import kbnCoreDeprecationsServerMocksObj from './kbn_core_deprecations_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_doc_links_browser.mdx b/api_docs/kbn_core_doc_links_browser.mdx index 6f0de990f2623..92bc37909d20f 100644 --- a/api_docs/kbn_core_doc_links_browser.mdx +++ b/api_docs/kbn_core_doc_links_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-doc-links-browser title: "@kbn/core-doc-links-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-doc-links-browser plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-doc-links-browser'] --- import kbnCoreDocLinksBrowserObj from './kbn_core_doc_links_browser.devdocs.json'; diff --git a/api_docs/kbn_core_doc_links_browser_mocks.mdx b/api_docs/kbn_core_doc_links_browser_mocks.mdx index c5c3e3beaf658..24f64af5583cb 100644 --- a/api_docs/kbn_core_doc_links_browser_mocks.mdx +++ b/api_docs/kbn_core_doc_links_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-doc-links-browser-mocks title: "@kbn/core-doc-links-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-doc-links-browser-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-doc-links-browser-mocks'] --- import kbnCoreDocLinksBrowserMocksObj from './kbn_core_doc_links_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_doc_links_server.mdx b/api_docs/kbn_core_doc_links_server.mdx index b78c773d9e51a..c284b3348936b 100644 --- a/api_docs/kbn_core_doc_links_server.mdx +++ b/api_docs/kbn_core_doc_links_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-doc-links-server title: "@kbn/core-doc-links-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-doc-links-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-doc-links-server'] --- import kbnCoreDocLinksServerObj from './kbn_core_doc_links_server.devdocs.json'; diff --git a/api_docs/kbn_core_doc_links_server_mocks.mdx b/api_docs/kbn_core_doc_links_server_mocks.mdx index dd282cecb8fcc..d97447a0bdc0e 100644 --- a/api_docs/kbn_core_doc_links_server_mocks.mdx +++ b/api_docs/kbn_core_doc_links_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-doc-links-server-mocks title: "@kbn/core-doc-links-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-doc-links-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-doc-links-server-mocks'] --- import kbnCoreDocLinksServerMocksObj from './kbn_core_doc_links_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_elasticsearch_client_server_internal.mdx b/api_docs/kbn_core_elasticsearch_client_server_internal.mdx index 708346a339d03..905f8609b8628 100644 --- a/api_docs/kbn_core_elasticsearch_client_server_internal.mdx +++ b/api_docs/kbn_core_elasticsearch_client_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-client-server-internal title: "@kbn/core-elasticsearch-client-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-client-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-client-server-internal'] --- import kbnCoreElasticsearchClientServerInternalObj from './kbn_core_elasticsearch_client_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_elasticsearch_client_server_mocks.mdx b/api_docs/kbn_core_elasticsearch_client_server_mocks.mdx index 660a94683c45c..1da6c1a7c5838 100644 --- a/api_docs/kbn_core_elasticsearch_client_server_mocks.mdx +++ b/api_docs/kbn_core_elasticsearch_client_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-client-server-mocks title: "@kbn/core-elasticsearch-client-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-client-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-client-server-mocks'] --- import kbnCoreElasticsearchClientServerMocksObj from './kbn_core_elasticsearch_client_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_elasticsearch_server.mdx b/api_docs/kbn_core_elasticsearch_server.mdx index c7456856956bb..327ac088d4eb6 100644 --- a/api_docs/kbn_core_elasticsearch_server.mdx +++ b/api_docs/kbn_core_elasticsearch_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-server title: "@kbn/core-elasticsearch-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-server'] --- import kbnCoreElasticsearchServerObj from './kbn_core_elasticsearch_server.devdocs.json'; diff --git a/api_docs/kbn_core_elasticsearch_server_internal.mdx b/api_docs/kbn_core_elasticsearch_server_internal.mdx index a4d15e84a1bd2..6d7c6ef978535 100644 --- a/api_docs/kbn_core_elasticsearch_server_internal.mdx +++ b/api_docs/kbn_core_elasticsearch_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-server-internal title: "@kbn/core-elasticsearch-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-server-internal'] --- import kbnCoreElasticsearchServerInternalObj from './kbn_core_elasticsearch_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_elasticsearch_server_mocks.mdx b/api_docs/kbn_core_elasticsearch_server_mocks.mdx index 24f437a4f0959..d087e91e67195 100644 --- a/api_docs/kbn_core_elasticsearch_server_mocks.mdx +++ b/api_docs/kbn_core_elasticsearch_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-server-mocks title: "@kbn/core-elasticsearch-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-server-mocks'] --- import kbnCoreElasticsearchServerMocksObj from './kbn_core_elasticsearch_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_environment_server_internal.mdx b/api_docs/kbn_core_environment_server_internal.mdx index a08c18e805db0..91ce03b6e7949 100644 --- a/api_docs/kbn_core_environment_server_internal.mdx +++ b/api_docs/kbn_core_environment_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-environment-server-internal title: "@kbn/core-environment-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-environment-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-environment-server-internal'] --- import kbnCoreEnvironmentServerInternalObj from './kbn_core_environment_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_environment_server_mocks.mdx b/api_docs/kbn_core_environment_server_mocks.mdx index 1f7594d1603f8..79cf70deb0e96 100644 --- a/api_docs/kbn_core_environment_server_mocks.mdx +++ b/api_docs/kbn_core_environment_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-environment-server-mocks title: "@kbn/core-environment-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-environment-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-environment-server-mocks'] --- import kbnCoreEnvironmentServerMocksObj from './kbn_core_environment_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_browser.mdx b/api_docs/kbn_core_execution_context_browser.mdx index 43b267795b39e..c89db848e47f6 100644 --- a/api_docs/kbn_core_execution_context_browser.mdx +++ b/api_docs/kbn_core_execution_context_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-browser title: "@kbn/core-execution-context-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-browser plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-browser'] --- import kbnCoreExecutionContextBrowserObj from './kbn_core_execution_context_browser.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_browser_internal.mdx b/api_docs/kbn_core_execution_context_browser_internal.mdx index 738f72b066514..d2f68c125a84a 100644 --- a/api_docs/kbn_core_execution_context_browser_internal.mdx +++ b/api_docs/kbn_core_execution_context_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-browser-internal title: "@kbn/core-execution-context-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-browser-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-browser-internal'] --- import kbnCoreExecutionContextBrowserInternalObj from './kbn_core_execution_context_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_browser_mocks.mdx b/api_docs/kbn_core_execution_context_browser_mocks.mdx index 99a18af5719bc..0b1f343b38569 100644 --- a/api_docs/kbn_core_execution_context_browser_mocks.mdx +++ b/api_docs/kbn_core_execution_context_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-browser-mocks title: "@kbn/core-execution-context-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-browser-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-browser-mocks'] --- import kbnCoreExecutionContextBrowserMocksObj from './kbn_core_execution_context_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_common.mdx b/api_docs/kbn_core_execution_context_common.mdx index bd848cef0f03f..02a491631c0a2 100644 --- a/api_docs/kbn_core_execution_context_common.mdx +++ b/api_docs/kbn_core_execution_context_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-common title: "@kbn/core-execution-context-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-common plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-common'] --- import kbnCoreExecutionContextCommonObj from './kbn_core_execution_context_common.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_server.mdx b/api_docs/kbn_core_execution_context_server.mdx index fd82893c6bee3..6a438281fc64d 100644 --- a/api_docs/kbn_core_execution_context_server.mdx +++ b/api_docs/kbn_core_execution_context_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-server title: "@kbn/core-execution-context-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-server'] --- import kbnCoreExecutionContextServerObj from './kbn_core_execution_context_server.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_server_internal.mdx b/api_docs/kbn_core_execution_context_server_internal.mdx index 57aff1e80a242..c42f30446a825 100644 --- a/api_docs/kbn_core_execution_context_server_internal.mdx +++ b/api_docs/kbn_core_execution_context_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-server-internal title: "@kbn/core-execution-context-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-server-internal'] --- import kbnCoreExecutionContextServerInternalObj from './kbn_core_execution_context_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_server_mocks.mdx b/api_docs/kbn_core_execution_context_server_mocks.mdx index 9f691b8ed8abc..860405a9330dc 100644 --- a/api_docs/kbn_core_execution_context_server_mocks.mdx +++ b/api_docs/kbn_core_execution_context_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-server-mocks title: "@kbn/core-execution-context-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-server-mocks'] --- import kbnCoreExecutionContextServerMocksObj from './kbn_core_execution_context_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_fatal_errors_browser.mdx b/api_docs/kbn_core_fatal_errors_browser.mdx index 94f9a43fdf00a..df108713def3e 100644 --- a/api_docs/kbn_core_fatal_errors_browser.mdx +++ b/api_docs/kbn_core_fatal_errors_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-fatal-errors-browser title: "@kbn/core-fatal-errors-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-fatal-errors-browser plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-fatal-errors-browser'] --- import kbnCoreFatalErrorsBrowserObj from './kbn_core_fatal_errors_browser.devdocs.json'; diff --git a/api_docs/kbn_core_fatal_errors_browser_mocks.mdx b/api_docs/kbn_core_fatal_errors_browser_mocks.mdx index 7723943c00ada..10485d13deaa6 100644 --- a/api_docs/kbn_core_fatal_errors_browser_mocks.mdx +++ b/api_docs/kbn_core_fatal_errors_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-fatal-errors-browser-mocks title: "@kbn/core-fatal-errors-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-fatal-errors-browser-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-fatal-errors-browser-mocks'] --- import kbnCoreFatalErrorsBrowserMocksObj from './kbn_core_fatal_errors_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_feature_flags_browser.mdx b/api_docs/kbn_core_feature_flags_browser.mdx index 1be95bd799150..7fe1df40e8e2c 100644 --- a/api_docs/kbn_core_feature_flags_browser.mdx +++ b/api_docs/kbn_core_feature_flags_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-feature-flags-browser title: "@kbn/core-feature-flags-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-feature-flags-browser plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-feature-flags-browser'] --- import kbnCoreFeatureFlagsBrowserObj from './kbn_core_feature_flags_browser.devdocs.json'; diff --git a/api_docs/kbn_core_feature_flags_browser_internal.mdx b/api_docs/kbn_core_feature_flags_browser_internal.mdx index 8a8ab1fdb2684..356aa5dc2d221 100644 --- a/api_docs/kbn_core_feature_flags_browser_internal.mdx +++ b/api_docs/kbn_core_feature_flags_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-feature-flags-browser-internal title: "@kbn/core-feature-flags-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-feature-flags-browser-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-feature-flags-browser-internal'] --- import kbnCoreFeatureFlagsBrowserInternalObj from './kbn_core_feature_flags_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_feature_flags_browser_mocks.mdx b/api_docs/kbn_core_feature_flags_browser_mocks.mdx index 7ea500bb4b611..94dc081a185e2 100644 --- a/api_docs/kbn_core_feature_flags_browser_mocks.mdx +++ b/api_docs/kbn_core_feature_flags_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-feature-flags-browser-mocks title: "@kbn/core-feature-flags-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-feature-flags-browser-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-feature-flags-browser-mocks'] --- import kbnCoreFeatureFlagsBrowserMocksObj from './kbn_core_feature_flags_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_feature_flags_server.mdx b/api_docs/kbn_core_feature_flags_server.mdx index 9459c8d38bc58..34e1d517a33f6 100644 --- a/api_docs/kbn_core_feature_flags_server.mdx +++ b/api_docs/kbn_core_feature_flags_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-feature-flags-server title: "@kbn/core-feature-flags-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-feature-flags-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-feature-flags-server'] --- import kbnCoreFeatureFlagsServerObj from './kbn_core_feature_flags_server.devdocs.json'; diff --git a/api_docs/kbn_core_feature_flags_server_internal.mdx b/api_docs/kbn_core_feature_flags_server_internal.mdx index 3caad023b4177..4e069ec776f7b 100644 --- a/api_docs/kbn_core_feature_flags_server_internal.mdx +++ b/api_docs/kbn_core_feature_flags_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-feature-flags-server-internal title: "@kbn/core-feature-flags-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-feature-flags-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-feature-flags-server-internal'] --- import kbnCoreFeatureFlagsServerInternalObj from './kbn_core_feature_flags_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_feature_flags_server_mocks.mdx b/api_docs/kbn_core_feature_flags_server_mocks.mdx index 4d0d484ee25d3..fc12aa3c5bfe0 100644 --- a/api_docs/kbn_core_feature_flags_server_mocks.mdx +++ b/api_docs/kbn_core_feature_flags_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-feature-flags-server-mocks title: "@kbn/core-feature-flags-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-feature-flags-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-feature-flags-server-mocks'] --- import kbnCoreFeatureFlagsServerMocksObj from './kbn_core_feature_flags_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_browser.mdx b/api_docs/kbn_core_http_browser.mdx index acecc654ad750..30e62dc90363a 100644 --- a/api_docs/kbn_core_http_browser.mdx +++ b/api_docs/kbn_core_http_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-browser title: "@kbn/core-http-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-browser plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-browser'] --- import kbnCoreHttpBrowserObj from './kbn_core_http_browser.devdocs.json'; diff --git a/api_docs/kbn_core_http_browser_internal.mdx b/api_docs/kbn_core_http_browser_internal.mdx index f09fbbdf90631..d20a977d16ae0 100644 --- a/api_docs/kbn_core_http_browser_internal.mdx +++ b/api_docs/kbn_core_http_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-browser-internal title: "@kbn/core-http-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-browser-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-browser-internal'] --- import kbnCoreHttpBrowserInternalObj from './kbn_core_http_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_http_browser_mocks.mdx b/api_docs/kbn_core_http_browser_mocks.mdx index a6354b382d779..d44f11d487f02 100644 --- a/api_docs/kbn_core_http_browser_mocks.mdx +++ b/api_docs/kbn_core_http_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-browser-mocks title: "@kbn/core-http-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-browser-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-browser-mocks'] --- import kbnCoreHttpBrowserMocksObj from './kbn_core_http_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_common.mdx b/api_docs/kbn_core_http_common.mdx index 53ae019cd67f6..3b620a2e67a61 100644 --- a/api_docs/kbn_core_http_common.mdx +++ b/api_docs/kbn_core_http_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-common title: "@kbn/core-http-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-common plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-common'] --- import kbnCoreHttpCommonObj from './kbn_core_http_common.devdocs.json'; diff --git a/api_docs/kbn_core_http_context_server_mocks.mdx b/api_docs/kbn_core_http_context_server_mocks.mdx index 1a5710cda5d6b..031f5e455a58b 100644 --- a/api_docs/kbn_core_http_context_server_mocks.mdx +++ b/api_docs/kbn_core_http_context_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-context-server-mocks title: "@kbn/core-http-context-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-context-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-context-server-mocks'] --- import kbnCoreHttpContextServerMocksObj from './kbn_core_http_context_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_request_handler_context_server.mdx b/api_docs/kbn_core_http_request_handler_context_server.mdx index b370911f6fa7f..325b141c41454 100644 --- a/api_docs/kbn_core_http_request_handler_context_server.mdx +++ b/api_docs/kbn_core_http_request_handler_context_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-request-handler-context-server title: "@kbn/core-http-request-handler-context-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-request-handler-context-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-request-handler-context-server'] --- import kbnCoreHttpRequestHandlerContextServerObj from './kbn_core_http_request_handler_context_server.devdocs.json'; diff --git a/api_docs/kbn_core_http_resources_server.mdx b/api_docs/kbn_core_http_resources_server.mdx index 0e30ef4c1574b..7374c4a7ca777 100644 --- a/api_docs/kbn_core_http_resources_server.mdx +++ b/api_docs/kbn_core_http_resources_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-resources-server title: "@kbn/core-http-resources-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-resources-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-resources-server'] --- import kbnCoreHttpResourcesServerObj from './kbn_core_http_resources_server.devdocs.json'; diff --git a/api_docs/kbn_core_http_resources_server_internal.mdx b/api_docs/kbn_core_http_resources_server_internal.mdx index ab064a8b27b8e..e626dc2cc5bb3 100644 --- a/api_docs/kbn_core_http_resources_server_internal.mdx +++ b/api_docs/kbn_core_http_resources_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-resources-server-internal title: "@kbn/core-http-resources-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-resources-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-resources-server-internal'] --- import kbnCoreHttpResourcesServerInternalObj from './kbn_core_http_resources_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_http_resources_server_mocks.mdx b/api_docs/kbn_core_http_resources_server_mocks.mdx index ee78a2df2bb69..39a0938762c50 100644 --- a/api_docs/kbn_core_http_resources_server_mocks.mdx +++ b/api_docs/kbn_core_http_resources_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-resources-server-mocks title: "@kbn/core-http-resources-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-resources-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-resources-server-mocks'] --- import kbnCoreHttpResourcesServerMocksObj from './kbn_core_http_resources_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_router_server_internal.mdx b/api_docs/kbn_core_http_router_server_internal.mdx index f1e3911546fa4..51d54a2376074 100644 --- a/api_docs/kbn_core_http_router_server_internal.mdx +++ b/api_docs/kbn_core_http_router_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-router-server-internal title: "@kbn/core-http-router-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-router-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-router-server-internal'] --- import kbnCoreHttpRouterServerInternalObj from './kbn_core_http_router_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_http_router_server_mocks.mdx b/api_docs/kbn_core_http_router_server_mocks.mdx index c3704fea8f20e..b812151405a52 100644 --- a/api_docs/kbn_core_http_router_server_mocks.mdx +++ b/api_docs/kbn_core_http_router_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-router-server-mocks title: "@kbn/core-http-router-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-router-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-router-server-mocks'] --- import kbnCoreHttpRouterServerMocksObj from './kbn_core_http_router_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_server.mdx b/api_docs/kbn_core_http_server.mdx index 964f42bb971d6..d772655fad793 100644 --- a/api_docs/kbn_core_http_server.mdx +++ b/api_docs/kbn_core_http_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-server title: "@kbn/core-http-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-server'] --- import kbnCoreHttpServerObj from './kbn_core_http_server.devdocs.json'; diff --git a/api_docs/kbn_core_http_server_internal.mdx b/api_docs/kbn_core_http_server_internal.mdx index 496618e9ef406..ab6d7fb2f9217 100644 --- a/api_docs/kbn_core_http_server_internal.mdx +++ b/api_docs/kbn_core_http_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-server-internal title: "@kbn/core-http-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-server-internal'] --- import kbnCoreHttpServerInternalObj from './kbn_core_http_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_http_server_mocks.mdx b/api_docs/kbn_core_http_server_mocks.mdx index 0ab3d44010074..6bfb2cec895eb 100644 --- a/api_docs/kbn_core_http_server_mocks.mdx +++ b/api_docs/kbn_core_http_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-server-mocks title: "@kbn/core-http-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-server-mocks'] --- import kbnCoreHttpServerMocksObj from './kbn_core_http_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_browser.mdx b/api_docs/kbn_core_i18n_browser.mdx index 32b809f0f2627..b63cb1a69856a 100644 --- a/api_docs/kbn_core_i18n_browser.mdx +++ b/api_docs/kbn_core_i18n_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-browser title: "@kbn/core-i18n-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-browser plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-browser'] --- import kbnCoreI18nBrowserObj from './kbn_core_i18n_browser.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_browser_mocks.mdx b/api_docs/kbn_core_i18n_browser_mocks.mdx index 5b0272a44324f..c7df3cb1b54b2 100644 --- a/api_docs/kbn_core_i18n_browser_mocks.mdx +++ b/api_docs/kbn_core_i18n_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-browser-mocks title: "@kbn/core-i18n-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-browser-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-browser-mocks'] --- import kbnCoreI18nBrowserMocksObj from './kbn_core_i18n_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_server.mdx b/api_docs/kbn_core_i18n_server.mdx index 3817c7fa344f9..7a5d4addfe31c 100644 --- a/api_docs/kbn_core_i18n_server.mdx +++ b/api_docs/kbn_core_i18n_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-server title: "@kbn/core-i18n-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-server'] --- import kbnCoreI18nServerObj from './kbn_core_i18n_server.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_server_internal.mdx b/api_docs/kbn_core_i18n_server_internal.mdx index 459bdfb1083df..a261e66bf7d38 100644 --- a/api_docs/kbn_core_i18n_server_internal.mdx +++ b/api_docs/kbn_core_i18n_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-server-internal title: "@kbn/core-i18n-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-server-internal'] --- import kbnCoreI18nServerInternalObj from './kbn_core_i18n_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_server_mocks.mdx b/api_docs/kbn_core_i18n_server_mocks.mdx index bbfa66b8069ee..0c4063167a641 100644 --- a/api_docs/kbn_core_i18n_server_mocks.mdx +++ b/api_docs/kbn_core_i18n_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-server-mocks title: "@kbn/core-i18n-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-server-mocks'] --- import kbnCoreI18nServerMocksObj from './kbn_core_i18n_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_injected_metadata_browser_mocks.mdx b/api_docs/kbn_core_injected_metadata_browser_mocks.mdx index 67ff409e7d683..560b2cc24b040 100644 --- a/api_docs/kbn_core_injected_metadata_browser_mocks.mdx +++ b/api_docs/kbn_core_injected_metadata_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-injected-metadata-browser-mocks title: "@kbn/core-injected-metadata-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-injected-metadata-browser-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-injected-metadata-browser-mocks'] --- import kbnCoreInjectedMetadataBrowserMocksObj from './kbn_core_injected_metadata_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_integrations_browser_internal.mdx b/api_docs/kbn_core_integrations_browser_internal.mdx index a352be9d98085..40b56180f23b1 100644 --- a/api_docs/kbn_core_integrations_browser_internal.mdx +++ b/api_docs/kbn_core_integrations_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-integrations-browser-internal title: "@kbn/core-integrations-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-integrations-browser-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-integrations-browser-internal'] --- import kbnCoreIntegrationsBrowserInternalObj from './kbn_core_integrations_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_integrations_browser_mocks.mdx b/api_docs/kbn_core_integrations_browser_mocks.mdx index fdb686b66283d..e0f60928e9d76 100644 --- a/api_docs/kbn_core_integrations_browser_mocks.mdx +++ b/api_docs/kbn_core_integrations_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-integrations-browser-mocks title: "@kbn/core-integrations-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-integrations-browser-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-integrations-browser-mocks'] --- import kbnCoreIntegrationsBrowserMocksObj from './kbn_core_integrations_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_lifecycle_browser.mdx b/api_docs/kbn_core_lifecycle_browser.mdx index f7c56c678751c..235d6184db759 100644 --- a/api_docs/kbn_core_lifecycle_browser.mdx +++ b/api_docs/kbn_core_lifecycle_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-lifecycle-browser title: "@kbn/core-lifecycle-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-lifecycle-browser plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-lifecycle-browser'] --- import kbnCoreLifecycleBrowserObj from './kbn_core_lifecycle_browser.devdocs.json'; diff --git a/api_docs/kbn_core_lifecycle_browser_mocks.mdx b/api_docs/kbn_core_lifecycle_browser_mocks.mdx index fa642e999ea23..2b0be2e35f08e 100644 --- a/api_docs/kbn_core_lifecycle_browser_mocks.mdx +++ b/api_docs/kbn_core_lifecycle_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-lifecycle-browser-mocks title: "@kbn/core-lifecycle-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-lifecycle-browser-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-lifecycle-browser-mocks'] --- import kbnCoreLifecycleBrowserMocksObj from './kbn_core_lifecycle_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_lifecycle_server.mdx b/api_docs/kbn_core_lifecycle_server.mdx index 2a1b718a238cc..3e3d72d1c8ec1 100644 --- a/api_docs/kbn_core_lifecycle_server.mdx +++ b/api_docs/kbn_core_lifecycle_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-lifecycle-server title: "@kbn/core-lifecycle-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-lifecycle-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-lifecycle-server'] --- import kbnCoreLifecycleServerObj from './kbn_core_lifecycle_server.devdocs.json'; diff --git a/api_docs/kbn_core_lifecycle_server_mocks.mdx b/api_docs/kbn_core_lifecycle_server_mocks.mdx index 0afd199704354..1a85eb4240320 100644 --- a/api_docs/kbn_core_lifecycle_server_mocks.mdx +++ b/api_docs/kbn_core_lifecycle_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-lifecycle-server-mocks title: "@kbn/core-lifecycle-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-lifecycle-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-lifecycle-server-mocks'] --- import kbnCoreLifecycleServerMocksObj from './kbn_core_lifecycle_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_logging_browser_mocks.mdx b/api_docs/kbn_core_logging_browser_mocks.mdx index dfd05e29e1dac..51022dc6be376 100644 --- a/api_docs/kbn_core_logging_browser_mocks.mdx +++ b/api_docs/kbn_core_logging_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-browser-mocks title: "@kbn/core-logging-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-browser-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-browser-mocks'] --- import kbnCoreLoggingBrowserMocksObj from './kbn_core_logging_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_logging_common_internal.mdx b/api_docs/kbn_core_logging_common_internal.mdx index 763e03692a7cc..6faea7d21a8ed 100644 --- a/api_docs/kbn_core_logging_common_internal.mdx +++ b/api_docs/kbn_core_logging_common_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-common-internal title: "@kbn/core-logging-common-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-common-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-common-internal'] --- import kbnCoreLoggingCommonInternalObj from './kbn_core_logging_common_internal.devdocs.json'; diff --git a/api_docs/kbn_core_logging_server.mdx b/api_docs/kbn_core_logging_server.mdx index 34af2c49cbdaa..22a453a3384b8 100644 --- a/api_docs/kbn_core_logging_server.mdx +++ b/api_docs/kbn_core_logging_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-server title: "@kbn/core-logging-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-server'] --- import kbnCoreLoggingServerObj from './kbn_core_logging_server.devdocs.json'; diff --git a/api_docs/kbn_core_logging_server_internal.mdx b/api_docs/kbn_core_logging_server_internal.mdx index 11f2e8a69602c..6c7916d6f73d2 100644 --- a/api_docs/kbn_core_logging_server_internal.mdx +++ b/api_docs/kbn_core_logging_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-server-internal title: "@kbn/core-logging-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-server-internal'] --- import kbnCoreLoggingServerInternalObj from './kbn_core_logging_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_logging_server_mocks.mdx b/api_docs/kbn_core_logging_server_mocks.mdx index abfd9f9fbdeae..13d38bd5cf8d2 100644 --- a/api_docs/kbn_core_logging_server_mocks.mdx +++ b/api_docs/kbn_core_logging_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-server-mocks title: "@kbn/core-logging-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-server-mocks'] --- import kbnCoreLoggingServerMocksObj from './kbn_core_logging_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_collectors_server_internal.mdx b/api_docs/kbn_core_metrics_collectors_server_internal.mdx index 076c35111499f..4a571036367b6 100644 --- a/api_docs/kbn_core_metrics_collectors_server_internal.mdx +++ b/api_docs/kbn_core_metrics_collectors_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-collectors-server-internal title: "@kbn/core-metrics-collectors-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-collectors-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-collectors-server-internal'] --- import kbnCoreMetricsCollectorsServerInternalObj from './kbn_core_metrics_collectors_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_collectors_server_mocks.mdx b/api_docs/kbn_core_metrics_collectors_server_mocks.mdx index 5679d903df4d7..6e8359d8e4e8b 100644 --- a/api_docs/kbn_core_metrics_collectors_server_mocks.mdx +++ b/api_docs/kbn_core_metrics_collectors_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-collectors-server-mocks title: "@kbn/core-metrics-collectors-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-collectors-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-collectors-server-mocks'] --- import kbnCoreMetricsCollectorsServerMocksObj from './kbn_core_metrics_collectors_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_server.mdx b/api_docs/kbn_core_metrics_server.mdx index d7f7e3174cefa..a76087cf985f3 100644 --- a/api_docs/kbn_core_metrics_server.mdx +++ b/api_docs/kbn_core_metrics_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-server title: "@kbn/core-metrics-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-server'] --- import kbnCoreMetricsServerObj from './kbn_core_metrics_server.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_server_internal.mdx b/api_docs/kbn_core_metrics_server_internal.mdx index 31de27a4fb516..d10338fa23669 100644 --- a/api_docs/kbn_core_metrics_server_internal.mdx +++ b/api_docs/kbn_core_metrics_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-server-internal title: "@kbn/core-metrics-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-server-internal'] --- import kbnCoreMetricsServerInternalObj from './kbn_core_metrics_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_server_mocks.mdx b/api_docs/kbn_core_metrics_server_mocks.mdx index 3b67080466e45..084ac42ef20c8 100644 --- a/api_docs/kbn_core_metrics_server_mocks.mdx +++ b/api_docs/kbn_core_metrics_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-server-mocks title: "@kbn/core-metrics-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-server-mocks'] --- import kbnCoreMetricsServerMocksObj from './kbn_core_metrics_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_mount_utils_browser.mdx b/api_docs/kbn_core_mount_utils_browser.mdx index 40c461ca7cee4..6d01326bfc862 100644 --- a/api_docs/kbn_core_mount_utils_browser.mdx +++ b/api_docs/kbn_core_mount_utils_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-mount-utils-browser title: "@kbn/core-mount-utils-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-mount-utils-browser plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-mount-utils-browser'] --- import kbnCoreMountUtilsBrowserObj from './kbn_core_mount_utils_browser.devdocs.json'; diff --git a/api_docs/kbn_core_node_server.mdx b/api_docs/kbn_core_node_server.mdx index 15c2ef3a0b731..270ce433cc689 100644 --- a/api_docs/kbn_core_node_server.mdx +++ b/api_docs/kbn_core_node_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-node-server title: "@kbn/core-node-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-node-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-node-server'] --- import kbnCoreNodeServerObj from './kbn_core_node_server.devdocs.json'; diff --git a/api_docs/kbn_core_node_server_internal.mdx b/api_docs/kbn_core_node_server_internal.mdx index f3b6d02a8f7b2..ec07b4a518671 100644 --- a/api_docs/kbn_core_node_server_internal.mdx +++ b/api_docs/kbn_core_node_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-node-server-internal title: "@kbn/core-node-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-node-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-node-server-internal'] --- import kbnCoreNodeServerInternalObj from './kbn_core_node_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_node_server_mocks.mdx b/api_docs/kbn_core_node_server_mocks.mdx index 95fe95cb646bf..1f8660b9624cf 100644 --- a/api_docs/kbn_core_node_server_mocks.mdx +++ b/api_docs/kbn_core_node_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-node-server-mocks title: "@kbn/core-node-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-node-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-node-server-mocks'] --- import kbnCoreNodeServerMocksObj from './kbn_core_node_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_notifications_browser.mdx b/api_docs/kbn_core_notifications_browser.mdx index 8ed03bd0b4981..b6df8fa0c0991 100644 --- a/api_docs/kbn_core_notifications_browser.mdx +++ b/api_docs/kbn_core_notifications_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-notifications-browser title: "@kbn/core-notifications-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-notifications-browser plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-notifications-browser'] --- import kbnCoreNotificationsBrowserObj from './kbn_core_notifications_browser.devdocs.json'; diff --git a/api_docs/kbn_core_notifications_browser_internal.mdx b/api_docs/kbn_core_notifications_browser_internal.mdx index 175e1c70bbb0c..96c4a9cffecf8 100644 --- a/api_docs/kbn_core_notifications_browser_internal.mdx +++ b/api_docs/kbn_core_notifications_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-notifications-browser-internal title: "@kbn/core-notifications-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-notifications-browser-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-notifications-browser-internal'] --- import kbnCoreNotificationsBrowserInternalObj from './kbn_core_notifications_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_notifications_browser_mocks.mdx b/api_docs/kbn_core_notifications_browser_mocks.mdx index 83f39fe692b95..d2375731244a3 100644 --- a/api_docs/kbn_core_notifications_browser_mocks.mdx +++ b/api_docs/kbn_core_notifications_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-notifications-browser-mocks title: "@kbn/core-notifications-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-notifications-browser-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-notifications-browser-mocks'] --- import kbnCoreNotificationsBrowserMocksObj from './kbn_core_notifications_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_overlays_browser.mdx b/api_docs/kbn_core_overlays_browser.mdx index d949d6e662a2f..28c66479a9d65 100644 --- a/api_docs/kbn_core_overlays_browser.mdx +++ b/api_docs/kbn_core_overlays_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-overlays-browser title: "@kbn/core-overlays-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-overlays-browser plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-overlays-browser'] --- import kbnCoreOverlaysBrowserObj from './kbn_core_overlays_browser.devdocs.json'; diff --git a/api_docs/kbn_core_overlays_browser_internal.mdx b/api_docs/kbn_core_overlays_browser_internal.mdx index 76bee78a9cb2a..42ae09c09b361 100644 --- a/api_docs/kbn_core_overlays_browser_internal.mdx +++ b/api_docs/kbn_core_overlays_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-overlays-browser-internal title: "@kbn/core-overlays-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-overlays-browser-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-overlays-browser-internal'] --- import kbnCoreOverlaysBrowserInternalObj from './kbn_core_overlays_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_overlays_browser_mocks.mdx b/api_docs/kbn_core_overlays_browser_mocks.mdx index a4f4cd855943e..2e987e4fbef6e 100644 --- a/api_docs/kbn_core_overlays_browser_mocks.mdx +++ b/api_docs/kbn_core_overlays_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-overlays-browser-mocks title: "@kbn/core-overlays-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-overlays-browser-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-overlays-browser-mocks'] --- import kbnCoreOverlaysBrowserMocksObj from './kbn_core_overlays_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_browser.mdx b/api_docs/kbn_core_plugins_browser.mdx index b77da95b5ede7..b0ccca2ee9757 100644 --- a/api_docs/kbn_core_plugins_browser.mdx +++ b/api_docs/kbn_core_plugins_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-browser title: "@kbn/core-plugins-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-browser plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-browser'] --- import kbnCorePluginsBrowserObj from './kbn_core_plugins_browser.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_browser_mocks.mdx b/api_docs/kbn_core_plugins_browser_mocks.mdx index 929a0ebbc28ad..30d0f384d2822 100644 --- a/api_docs/kbn_core_plugins_browser_mocks.mdx +++ b/api_docs/kbn_core_plugins_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-browser-mocks title: "@kbn/core-plugins-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-browser-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-browser-mocks'] --- import kbnCorePluginsBrowserMocksObj from './kbn_core_plugins_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_contracts_browser.mdx b/api_docs/kbn_core_plugins_contracts_browser.mdx index 6c7d206c18fe1..15b89a6ba37fe 100644 --- a/api_docs/kbn_core_plugins_contracts_browser.mdx +++ b/api_docs/kbn_core_plugins_contracts_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-contracts-browser title: "@kbn/core-plugins-contracts-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-contracts-browser plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-contracts-browser'] --- import kbnCorePluginsContractsBrowserObj from './kbn_core_plugins_contracts_browser.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_contracts_server.mdx b/api_docs/kbn_core_plugins_contracts_server.mdx index 1cb22ec9f9793..627a7bdcc1564 100644 --- a/api_docs/kbn_core_plugins_contracts_server.mdx +++ b/api_docs/kbn_core_plugins_contracts_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-contracts-server title: "@kbn/core-plugins-contracts-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-contracts-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-contracts-server'] --- import kbnCorePluginsContractsServerObj from './kbn_core_plugins_contracts_server.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_server.mdx b/api_docs/kbn_core_plugins_server.mdx index 619d446811355..479b07eb6212a 100644 --- a/api_docs/kbn_core_plugins_server.mdx +++ b/api_docs/kbn_core_plugins_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-server title: "@kbn/core-plugins-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-server'] --- import kbnCorePluginsServerObj from './kbn_core_plugins_server.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_server_mocks.mdx b/api_docs/kbn_core_plugins_server_mocks.mdx index af9c803db8379..c8516a132a44e 100644 --- a/api_docs/kbn_core_plugins_server_mocks.mdx +++ b/api_docs/kbn_core_plugins_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-server-mocks title: "@kbn/core-plugins-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-server-mocks'] --- import kbnCorePluginsServerMocksObj from './kbn_core_plugins_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_preboot_server.mdx b/api_docs/kbn_core_preboot_server.mdx index f4d24c14265e2..820b9335e5a63 100644 --- a/api_docs/kbn_core_preboot_server.mdx +++ b/api_docs/kbn_core_preboot_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-preboot-server title: "@kbn/core-preboot-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-preboot-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-preboot-server'] --- import kbnCorePrebootServerObj from './kbn_core_preboot_server.devdocs.json'; diff --git a/api_docs/kbn_core_preboot_server_mocks.mdx b/api_docs/kbn_core_preboot_server_mocks.mdx index 807afb4b254cc..5bba932fb2adc 100644 --- a/api_docs/kbn_core_preboot_server_mocks.mdx +++ b/api_docs/kbn_core_preboot_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-preboot-server-mocks title: "@kbn/core-preboot-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-preboot-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-preboot-server-mocks'] --- import kbnCorePrebootServerMocksObj from './kbn_core_preboot_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_rendering_browser_mocks.mdx b/api_docs/kbn_core_rendering_browser_mocks.mdx index b7b13e7497351..d1e587f93aa38 100644 --- a/api_docs/kbn_core_rendering_browser_mocks.mdx +++ b/api_docs/kbn_core_rendering_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-rendering-browser-mocks title: "@kbn/core-rendering-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-rendering-browser-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-rendering-browser-mocks'] --- import kbnCoreRenderingBrowserMocksObj from './kbn_core_rendering_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_rendering_server_internal.mdx b/api_docs/kbn_core_rendering_server_internal.mdx index c39603bf942c5..b03f919df0aca 100644 --- a/api_docs/kbn_core_rendering_server_internal.mdx +++ b/api_docs/kbn_core_rendering_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-rendering-server-internal title: "@kbn/core-rendering-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-rendering-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-rendering-server-internal'] --- import kbnCoreRenderingServerInternalObj from './kbn_core_rendering_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_rendering_server_mocks.mdx b/api_docs/kbn_core_rendering_server_mocks.mdx index dd824f72d385b..64b2911317293 100644 --- a/api_docs/kbn_core_rendering_server_mocks.mdx +++ b/api_docs/kbn_core_rendering_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-rendering-server-mocks title: "@kbn/core-rendering-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-rendering-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-rendering-server-mocks'] --- import kbnCoreRenderingServerMocksObj from './kbn_core_rendering_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_root_server_internal.mdx b/api_docs/kbn_core_root_server_internal.mdx index a38fae00301e2..945339202f3b9 100644 --- a/api_docs/kbn_core_root_server_internal.mdx +++ b/api_docs/kbn_core_root_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-root-server-internal title: "@kbn/core-root-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-root-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-root-server-internal'] --- import kbnCoreRootServerInternalObj from './kbn_core_root_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_api_browser.mdx b/api_docs/kbn_core_saved_objects_api_browser.mdx index 8504e5f311488..19bbcae795c76 100644 --- a/api_docs/kbn_core_saved_objects_api_browser.mdx +++ b/api_docs/kbn_core_saved_objects_api_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-api-browser title: "@kbn/core-saved-objects-api-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-api-browser plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-api-browser'] --- import kbnCoreSavedObjectsApiBrowserObj from './kbn_core_saved_objects_api_browser.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_api_server.mdx b/api_docs/kbn_core_saved_objects_api_server.mdx index 61839dfa6d6f1..30faac237398e 100644 --- a/api_docs/kbn_core_saved_objects_api_server.mdx +++ b/api_docs/kbn_core_saved_objects_api_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-api-server title: "@kbn/core-saved-objects-api-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-api-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-api-server'] --- import kbnCoreSavedObjectsApiServerObj from './kbn_core_saved_objects_api_server.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_api_server_mocks.mdx b/api_docs/kbn_core_saved_objects_api_server_mocks.mdx index 1a05aed06dee6..d1bfa2155607f 100644 --- a/api_docs/kbn_core_saved_objects_api_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_api_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-api-server-mocks title: "@kbn/core-saved-objects-api-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-api-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-api-server-mocks'] --- import kbnCoreSavedObjectsApiServerMocksObj from './kbn_core_saved_objects_api_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_base_server_internal.mdx b/api_docs/kbn_core_saved_objects_base_server_internal.mdx index c5181ad57baf1..1b4d56496995f 100644 --- a/api_docs/kbn_core_saved_objects_base_server_internal.mdx +++ b/api_docs/kbn_core_saved_objects_base_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-base-server-internal title: "@kbn/core-saved-objects-base-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-base-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-base-server-internal'] --- import kbnCoreSavedObjectsBaseServerInternalObj from './kbn_core_saved_objects_base_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_base_server_mocks.mdx b/api_docs/kbn_core_saved_objects_base_server_mocks.mdx index d34102ed8c492..fbf78519afbdd 100644 --- a/api_docs/kbn_core_saved_objects_base_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_base_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-base-server-mocks title: "@kbn/core-saved-objects-base-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-base-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-base-server-mocks'] --- import kbnCoreSavedObjectsBaseServerMocksObj from './kbn_core_saved_objects_base_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_browser.mdx b/api_docs/kbn_core_saved_objects_browser.mdx index a03c308a5904b..4bf8adcdb4c18 100644 --- a/api_docs/kbn_core_saved_objects_browser.mdx +++ b/api_docs/kbn_core_saved_objects_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-browser title: "@kbn/core-saved-objects-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-browser plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-browser'] --- import kbnCoreSavedObjectsBrowserObj from './kbn_core_saved_objects_browser.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_browser_internal.mdx b/api_docs/kbn_core_saved_objects_browser_internal.mdx index 3da90c5300fcb..2cf7b18734ba8 100644 --- a/api_docs/kbn_core_saved_objects_browser_internal.mdx +++ b/api_docs/kbn_core_saved_objects_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-browser-internal title: "@kbn/core-saved-objects-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-browser-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-browser-internal'] --- import kbnCoreSavedObjectsBrowserInternalObj from './kbn_core_saved_objects_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_browser_mocks.mdx b/api_docs/kbn_core_saved_objects_browser_mocks.mdx index a4ca8ee0ddd63..eded29c048c48 100644 --- a/api_docs/kbn_core_saved_objects_browser_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-browser-mocks title: "@kbn/core-saved-objects-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-browser-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-browser-mocks'] --- import kbnCoreSavedObjectsBrowserMocksObj from './kbn_core_saved_objects_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_common.mdx b/api_docs/kbn_core_saved_objects_common.mdx index 34a0234c42ce0..78e72fef1618f 100644 --- a/api_docs/kbn_core_saved_objects_common.mdx +++ b/api_docs/kbn_core_saved_objects_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-common title: "@kbn/core-saved-objects-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-common plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-common'] --- import kbnCoreSavedObjectsCommonObj from './kbn_core_saved_objects_common.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_import_export_server_internal.mdx b/api_docs/kbn_core_saved_objects_import_export_server_internal.mdx index e7fbda0081e88..d2538ec60c794 100644 --- a/api_docs/kbn_core_saved_objects_import_export_server_internal.mdx +++ b/api_docs/kbn_core_saved_objects_import_export_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-import-export-server-internal title: "@kbn/core-saved-objects-import-export-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-import-export-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-import-export-server-internal'] --- import kbnCoreSavedObjectsImportExportServerInternalObj from './kbn_core_saved_objects_import_export_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_import_export_server_mocks.mdx b/api_docs/kbn_core_saved_objects_import_export_server_mocks.mdx index 7878f297187cb..400e75eb100db 100644 --- a/api_docs/kbn_core_saved_objects_import_export_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_import_export_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-import-export-server-mocks title: "@kbn/core-saved-objects-import-export-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-import-export-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-import-export-server-mocks'] --- import kbnCoreSavedObjectsImportExportServerMocksObj from './kbn_core_saved_objects_import_export_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_migration_server_internal.mdx b/api_docs/kbn_core_saved_objects_migration_server_internal.mdx index cd515832752cb..56a3e157b6a8f 100644 --- a/api_docs/kbn_core_saved_objects_migration_server_internal.mdx +++ b/api_docs/kbn_core_saved_objects_migration_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-migration-server-internal title: "@kbn/core-saved-objects-migration-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-migration-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-migration-server-internal'] --- import kbnCoreSavedObjectsMigrationServerInternalObj from './kbn_core_saved_objects_migration_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_migration_server_mocks.mdx b/api_docs/kbn_core_saved_objects_migration_server_mocks.mdx index 89ac7214f0b9e..acdbf0baa96b7 100644 --- a/api_docs/kbn_core_saved_objects_migration_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_migration_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-migration-server-mocks title: "@kbn/core-saved-objects-migration-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-migration-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-migration-server-mocks'] --- import kbnCoreSavedObjectsMigrationServerMocksObj from './kbn_core_saved_objects_migration_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_server.mdx b/api_docs/kbn_core_saved_objects_server.mdx index bb3f3783162ef..d1ad114b84410 100644 --- a/api_docs/kbn_core_saved_objects_server.mdx +++ b/api_docs/kbn_core_saved_objects_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-server title: "@kbn/core-saved-objects-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-server'] --- import kbnCoreSavedObjectsServerObj from './kbn_core_saved_objects_server.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_server_internal.mdx b/api_docs/kbn_core_saved_objects_server_internal.mdx index da9470a9d88b5..d4aefe61e9df5 100644 --- a/api_docs/kbn_core_saved_objects_server_internal.mdx +++ b/api_docs/kbn_core_saved_objects_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-server-internal title: "@kbn/core-saved-objects-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-server-internal'] --- import kbnCoreSavedObjectsServerInternalObj from './kbn_core_saved_objects_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_server_mocks.mdx b/api_docs/kbn_core_saved_objects_server_mocks.mdx index a0803b97d8e5a..11be88534bd3f 100644 --- a/api_docs/kbn_core_saved_objects_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-server-mocks title: "@kbn/core-saved-objects-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-server-mocks'] --- import kbnCoreSavedObjectsServerMocksObj from './kbn_core_saved_objects_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_utils_server.mdx b/api_docs/kbn_core_saved_objects_utils_server.mdx index 05db75320f72a..4ef6d6f230a38 100644 --- a/api_docs/kbn_core_saved_objects_utils_server.mdx +++ b/api_docs/kbn_core_saved_objects_utils_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-utils-server title: "@kbn/core-saved-objects-utils-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-utils-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-utils-server'] --- import kbnCoreSavedObjectsUtilsServerObj from './kbn_core_saved_objects_utils_server.devdocs.json'; diff --git a/api_docs/kbn_core_security_browser.mdx b/api_docs/kbn_core_security_browser.mdx index d8270c2356daf..593fed51d048a 100644 --- a/api_docs/kbn_core_security_browser.mdx +++ b/api_docs/kbn_core_security_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-browser title: "@kbn/core-security-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-browser plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-browser'] --- import kbnCoreSecurityBrowserObj from './kbn_core_security_browser.devdocs.json'; diff --git a/api_docs/kbn_core_security_browser_internal.mdx b/api_docs/kbn_core_security_browser_internal.mdx index 4a415eadb74b1..776af0fe2e850 100644 --- a/api_docs/kbn_core_security_browser_internal.mdx +++ b/api_docs/kbn_core_security_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-browser-internal title: "@kbn/core-security-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-browser-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-browser-internal'] --- import kbnCoreSecurityBrowserInternalObj from './kbn_core_security_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_security_browser_mocks.mdx b/api_docs/kbn_core_security_browser_mocks.mdx index 65c34d8aaca13..d8989d8e6294c 100644 --- a/api_docs/kbn_core_security_browser_mocks.mdx +++ b/api_docs/kbn_core_security_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-browser-mocks title: "@kbn/core-security-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-browser-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-browser-mocks'] --- import kbnCoreSecurityBrowserMocksObj from './kbn_core_security_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_security_common.mdx b/api_docs/kbn_core_security_common.mdx index 67c48b20ad67a..63543ced3213c 100644 --- a/api_docs/kbn_core_security_common.mdx +++ b/api_docs/kbn_core_security_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-common title: "@kbn/core-security-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-common plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-common'] --- import kbnCoreSecurityCommonObj from './kbn_core_security_common.devdocs.json'; diff --git a/api_docs/kbn_core_security_server.mdx b/api_docs/kbn_core_security_server.mdx index 5381721f161d5..ea2c03c7be52a 100644 --- a/api_docs/kbn_core_security_server.mdx +++ b/api_docs/kbn_core_security_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-server title: "@kbn/core-security-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-server'] --- import kbnCoreSecurityServerObj from './kbn_core_security_server.devdocs.json'; diff --git a/api_docs/kbn_core_security_server_internal.mdx b/api_docs/kbn_core_security_server_internal.mdx index a9280231c76b2..a8872ad061a25 100644 --- a/api_docs/kbn_core_security_server_internal.mdx +++ b/api_docs/kbn_core_security_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-server-internal title: "@kbn/core-security-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-server-internal'] --- import kbnCoreSecurityServerInternalObj from './kbn_core_security_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_security_server_mocks.mdx b/api_docs/kbn_core_security_server_mocks.mdx index 04caadfcdecf8..53441938019bd 100644 --- a/api_docs/kbn_core_security_server_mocks.mdx +++ b/api_docs/kbn_core_security_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-server-mocks title: "@kbn/core-security-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-server-mocks'] --- import kbnCoreSecurityServerMocksObj from './kbn_core_security_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_status_common.mdx b/api_docs/kbn_core_status_common.mdx index f231a662c32f3..30ddd9ec6b060 100644 --- a/api_docs/kbn_core_status_common.mdx +++ b/api_docs/kbn_core_status_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-common title: "@kbn/core-status-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-common plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-common'] --- import kbnCoreStatusCommonObj from './kbn_core_status_common.devdocs.json'; diff --git a/api_docs/kbn_core_status_common_internal.mdx b/api_docs/kbn_core_status_common_internal.mdx index f07d5fe5b3a23..29dbac53c7d9b 100644 --- a/api_docs/kbn_core_status_common_internal.mdx +++ b/api_docs/kbn_core_status_common_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-common-internal title: "@kbn/core-status-common-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-common-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-common-internal'] --- import kbnCoreStatusCommonInternalObj from './kbn_core_status_common_internal.devdocs.json'; diff --git a/api_docs/kbn_core_status_server.mdx b/api_docs/kbn_core_status_server.mdx index 42547f2491be3..da6aa7653d15d 100644 --- a/api_docs/kbn_core_status_server.mdx +++ b/api_docs/kbn_core_status_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-server title: "@kbn/core-status-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-server'] --- import kbnCoreStatusServerObj from './kbn_core_status_server.devdocs.json'; diff --git a/api_docs/kbn_core_status_server_internal.mdx b/api_docs/kbn_core_status_server_internal.mdx index 6e2ced67bc827..8ae16f3b7e623 100644 --- a/api_docs/kbn_core_status_server_internal.mdx +++ b/api_docs/kbn_core_status_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-server-internal title: "@kbn/core-status-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-server-internal'] --- import kbnCoreStatusServerInternalObj from './kbn_core_status_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_status_server_mocks.mdx b/api_docs/kbn_core_status_server_mocks.mdx index f49f0ea535bd5..7882459c889d5 100644 --- a/api_docs/kbn_core_status_server_mocks.mdx +++ b/api_docs/kbn_core_status_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-server-mocks title: "@kbn/core-status-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-server-mocks'] --- import kbnCoreStatusServerMocksObj from './kbn_core_status_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_deprecations_getters.mdx b/api_docs/kbn_core_test_helpers_deprecations_getters.mdx index 6b4f8d8a15db0..6ebb9f75434e0 100644 --- a/api_docs/kbn_core_test_helpers_deprecations_getters.mdx +++ b/api_docs/kbn_core_test_helpers_deprecations_getters.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-deprecations-getters title: "@kbn/core-test-helpers-deprecations-getters" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-deprecations-getters plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-deprecations-getters'] --- import kbnCoreTestHelpersDeprecationsGettersObj from './kbn_core_test_helpers_deprecations_getters.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_http_setup_browser.mdx b/api_docs/kbn_core_test_helpers_http_setup_browser.mdx index 2c3e7df514b3a..c0076367babc2 100644 --- a/api_docs/kbn_core_test_helpers_http_setup_browser.mdx +++ b/api_docs/kbn_core_test_helpers_http_setup_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-http-setup-browser title: "@kbn/core-test-helpers-http-setup-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-http-setup-browser plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-http-setup-browser'] --- import kbnCoreTestHelpersHttpSetupBrowserObj from './kbn_core_test_helpers_http_setup_browser.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_kbn_server.mdx b/api_docs/kbn_core_test_helpers_kbn_server.mdx index 7310ce2237d38..ec13f31d38681 100644 --- a/api_docs/kbn_core_test_helpers_kbn_server.mdx +++ b/api_docs/kbn_core_test_helpers_kbn_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-kbn-server title: "@kbn/core-test-helpers-kbn-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-kbn-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-kbn-server'] --- import kbnCoreTestHelpersKbnServerObj from './kbn_core_test_helpers_kbn_server.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_model_versions.mdx b/api_docs/kbn_core_test_helpers_model_versions.mdx index fa52224e358dd..bcbb3688c50c8 100644 --- a/api_docs/kbn_core_test_helpers_model_versions.mdx +++ b/api_docs/kbn_core_test_helpers_model_versions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-model-versions title: "@kbn/core-test-helpers-model-versions" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-model-versions plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-model-versions'] --- import kbnCoreTestHelpersModelVersionsObj from './kbn_core_test_helpers_model_versions.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_so_type_serializer.mdx b/api_docs/kbn_core_test_helpers_so_type_serializer.mdx index 4434f30a923b3..27705a5d65962 100644 --- a/api_docs/kbn_core_test_helpers_so_type_serializer.mdx +++ b/api_docs/kbn_core_test_helpers_so_type_serializer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-so-type-serializer title: "@kbn/core-test-helpers-so-type-serializer" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-so-type-serializer plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-so-type-serializer'] --- import kbnCoreTestHelpersSoTypeSerializerObj from './kbn_core_test_helpers_so_type_serializer.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_test_utils.mdx b/api_docs/kbn_core_test_helpers_test_utils.mdx index ce656fff3f053..31ba3217b9950 100644 --- a/api_docs/kbn_core_test_helpers_test_utils.mdx +++ b/api_docs/kbn_core_test_helpers_test_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-test-utils title: "@kbn/core-test-helpers-test-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-test-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-test-utils'] --- import kbnCoreTestHelpersTestUtilsObj from './kbn_core_test_helpers_test_utils.devdocs.json'; diff --git a/api_docs/kbn_core_theme_browser.mdx b/api_docs/kbn_core_theme_browser.mdx index dd701e43f89ec..cb21e26ec98a7 100644 --- a/api_docs/kbn_core_theme_browser.mdx +++ b/api_docs/kbn_core_theme_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-theme-browser title: "@kbn/core-theme-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-theme-browser plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-theme-browser'] --- import kbnCoreThemeBrowserObj from './kbn_core_theme_browser.devdocs.json'; diff --git a/api_docs/kbn_core_theme_browser_mocks.mdx b/api_docs/kbn_core_theme_browser_mocks.mdx index ee57ec191b247..6edf44e8dbee5 100644 --- a/api_docs/kbn_core_theme_browser_mocks.mdx +++ b/api_docs/kbn_core_theme_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-theme-browser-mocks title: "@kbn/core-theme-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-theme-browser-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-theme-browser-mocks'] --- import kbnCoreThemeBrowserMocksObj from './kbn_core_theme_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_browser.mdx b/api_docs/kbn_core_ui_settings_browser.mdx index a4c572b6abcca..112e2c393d164 100644 --- a/api_docs/kbn_core_ui_settings_browser.mdx +++ b/api_docs/kbn_core_ui_settings_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-browser title: "@kbn/core-ui-settings-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-browser plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-browser'] --- import kbnCoreUiSettingsBrowserObj from './kbn_core_ui_settings_browser.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_browser_internal.mdx b/api_docs/kbn_core_ui_settings_browser_internal.mdx index 6f2e5361990a9..7077b40fc35ae 100644 --- a/api_docs/kbn_core_ui_settings_browser_internal.mdx +++ b/api_docs/kbn_core_ui_settings_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-browser-internal title: "@kbn/core-ui-settings-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-browser-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-browser-internal'] --- import kbnCoreUiSettingsBrowserInternalObj from './kbn_core_ui_settings_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_browser_mocks.mdx b/api_docs/kbn_core_ui_settings_browser_mocks.mdx index 7372cec921d44..a7f6d5b4a5ee9 100644 --- a/api_docs/kbn_core_ui_settings_browser_mocks.mdx +++ b/api_docs/kbn_core_ui_settings_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-browser-mocks title: "@kbn/core-ui-settings-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-browser-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-browser-mocks'] --- import kbnCoreUiSettingsBrowserMocksObj from './kbn_core_ui_settings_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_common.mdx b/api_docs/kbn_core_ui_settings_common.mdx index dcfc19a59f8ad..424f526681436 100644 --- a/api_docs/kbn_core_ui_settings_common.mdx +++ b/api_docs/kbn_core_ui_settings_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-common title: "@kbn/core-ui-settings-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-common plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-common'] --- import kbnCoreUiSettingsCommonObj from './kbn_core_ui_settings_common.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_server.mdx b/api_docs/kbn_core_ui_settings_server.mdx index d485391e59760..2a620c31a3d7e 100644 --- a/api_docs/kbn_core_ui_settings_server.mdx +++ b/api_docs/kbn_core_ui_settings_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-server title: "@kbn/core-ui-settings-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-server'] --- import kbnCoreUiSettingsServerObj from './kbn_core_ui_settings_server.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_server_internal.mdx b/api_docs/kbn_core_ui_settings_server_internal.mdx index cce9d0bcb41fa..ae2a024af1fb9 100644 --- a/api_docs/kbn_core_ui_settings_server_internal.mdx +++ b/api_docs/kbn_core_ui_settings_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-server-internal title: "@kbn/core-ui-settings-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-server-internal'] --- import kbnCoreUiSettingsServerInternalObj from './kbn_core_ui_settings_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_server_mocks.mdx b/api_docs/kbn_core_ui_settings_server_mocks.mdx index f7f84eb029efa..35eaa618fd0b6 100644 --- a/api_docs/kbn_core_ui_settings_server_mocks.mdx +++ b/api_docs/kbn_core_ui_settings_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-server-mocks title: "@kbn/core-ui-settings-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-server-mocks'] --- import kbnCoreUiSettingsServerMocksObj from './kbn_core_ui_settings_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_usage_data_server.mdx b/api_docs/kbn_core_usage_data_server.mdx index 9fb0f157d7a9f..4c1b8c3b94bec 100644 --- a/api_docs/kbn_core_usage_data_server.mdx +++ b/api_docs/kbn_core_usage_data_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-usage-data-server title: "@kbn/core-usage-data-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-usage-data-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-usage-data-server'] --- import kbnCoreUsageDataServerObj from './kbn_core_usage_data_server.devdocs.json'; diff --git a/api_docs/kbn_core_usage_data_server_internal.mdx b/api_docs/kbn_core_usage_data_server_internal.mdx index 15bfb0473a899..8efb8aec5c180 100644 --- a/api_docs/kbn_core_usage_data_server_internal.mdx +++ b/api_docs/kbn_core_usage_data_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-usage-data-server-internal title: "@kbn/core-usage-data-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-usage-data-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-usage-data-server-internal'] --- import kbnCoreUsageDataServerInternalObj from './kbn_core_usage_data_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_usage_data_server_mocks.mdx b/api_docs/kbn_core_usage_data_server_mocks.mdx index c3a68f09474f6..cfb459929b2ff 100644 --- a/api_docs/kbn_core_usage_data_server_mocks.mdx +++ b/api_docs/kbn_core_usage_data_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-usage-data-server-mocks title: "@kbn/core-usage-data-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-usage-data-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-usage-data-server-mocks'] --- import kbnCoreUsageDataServerMocksObj from './kbn_core_usage_data_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_browser.mdx b/api_docs/kbn_core_user_profile_browser.mdx index e1b2fc5fafca8..375dea72562ce 100644 --- a/api_docs/kbn_core_user_profile_browser.mdx +++ b/api_docs/kbn_core_user_profile_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-browser title: "@kbn/core-user-profile-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-browser plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-browser'] --- import kbnCoreUserProfileBrowserObj from './kbn_core_user_profile_browser.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_browser_internal.mdx b/api_docs/kbn_core_user_profile_browser_internal.mdx index 8750b75876460..cd21921c62147 100644 --- a/api_docs/kbn_core_user_profile_browser_internal.mdx +++ b/api_docs/kbn_core_user_profile_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-browser-internal title: "@kbn/core-user-profile-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-browser-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-browser-internal'] --- import kbnCoreUserProfileBrowserInternalObj from './kbn_core_user_profile_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_browser_mocks.mdx b/api_docs/kbn_core_user_profile_browser_mocks.mdx index ca22017592f22..a795c4559de08 100644 --- a/api_docs/kbn_core_user_profile_browser_mocks.mdx +++ b/api_docs/kbn_core_user_profile_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-browser-mocks title: "@kbn/core-user-profile-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-browser-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-browser-mocks'] --- import kbnCoreUserProfileBrowserMocksObj from './kbn_core_user_profile_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_common.mdx b/api_docs/kbn_core_user_profile_common.mdx index 2b9e49bcf65a6..f7a511e6c7c7b 100644 --- a/api_docs/kbn_core_user_profile_common.mdx +++ b/api_docs/kbn_core_user_profile_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-common title: "@kbn/core-user-profile-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-common plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-common'] --- import kbnCoreUserProfileCommonObj from './kbn_core_user_profile_common.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_server.mdx b/api_docs/kbn_core_user_profile_server.mdx index d1bedab0a65f9..89fed169d754b 100644 --- a/api_docs/kbn_core_user_profile_server.mdx +++ b/api_docs/kbn_core_user_profile_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-server title: "@kbn/core-user-profile-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-server'] --- import kbnCoreUserProfileServerObj from './kbn_core_user_profile_server.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_server_internal.mdx b/api_docs/kbn_core_user_profile_server_internal.mdx index 8f7390f556699..411d91a5255e6 100644 --- a/api_docs/kbn_core_user_profile_server_internal.mdx +++ b/api_docs/kbn_core_user_profile_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-server-internal title: "@kbn/core-user-profile-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-server-internal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-server-internal'] --- import kbnCoreUserProfileServerInternalObj from './kbn_core_user_profile_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_server_mocks.mdx b/api_docs/kbn_core_user_profile_server_mocks.mdx index c70d21055c6e9..e2af83c2f7daa 100644 --- a/api_docs/kbn_core_user_profile_server_mocks.mdx +++ b/api_docs/kbn_core_user_profile_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-server-mocks title: "@kbn/core-user-profile-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-server-mocks'] --- import kbnCoreUserProfileServerMocksObj from './kbn_core_user_profile_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_user_settings_server.mdx b/api_docs/kbn_core_user_settings_server.mdx index c7283f8520707..80df4aeb8fb7d 100644 --- a/api_docs/kbn_core_user_settings_server.mdx +++ b/api_docs/kbn_core_user_settings_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-settings-server title: "@kbn/core-user-settings-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-settings-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-settings-server'] --- import kbnCoreUserSettingsServerObj from './kbn_core_user_settings_server.devdocs.json'; diff --git a/api_docs/kbn_core_user_settings_server_mocks.mdx b/api_docs/kbn_core_user_settings_server_mocks.mdx index 54ee94fd3025a..3077176d2392d 100644 --- a/api_docs/kbn_core_user_settings_server_mocks.mdx +++ b/api_docs/kbn_core_user_settings_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-settings-server-mocks title: "@kbn/core-user-settings-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-settings-server-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-settings-server-mocks'] --- import kbnCoreUserSettingsServerMocksObj from './kbn_core_user_settings_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_crypto.mdx b/api_docs/kbn_crypto.mdx index 497b6e1d76e3b..1840ac53317a1 100644 --- a/api_docs/kbn_crypto.mdx +++ b/api_docs/kbn_crypto.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-crypto title: "@kbn/crypto" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/crypto plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/crypto'] --- import kbnCryptoObj from './kbn_crypto.devdocs.json'; diff --git a/api_docs/kbn_crypto_browser.mdx b/api_docs/kbn_crypto_browser.mdx index cb50f024548d8..a9781f6162faa 100644 --- a/api_docs/kbn_crypto_browser.mdx +++ b/api_docs/kbn_crypto_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-crypto-browser title: "@kbn/crypto-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/crypto-browser plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/crypto-browser'] --- import kbnCryptoBrowserObj from './kbn_crypto_browser.devdocs.json'; diff --git a/api_docs/kbn_custom_icons.mdx b/api_docs/kbn_custom_icons.mdx index 8595e357d3e53..923867e1697f8 100644 --- a/api_docs/kbn_custom_icons.mdx +++ b/api_docs/kbn_custom_icons.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-custom-icons title: "@kbn/custom-icons" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/custom-icons plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/custom-icons'] --- import kbnCustomIconsObj from './kbn_custom_icons.devdocs.json'; diff --git a/api_docs/kbn_custom_integrations.mdx b/api_docs/kbn_custom_integrations.mdx index f224bc7e5d46e..c082eeafb5a4e 100644 --- a/api_docs/kbn_custom_integrations.mdx +++ b/api_docs/kbn_custom_integrations.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-custom-integrations title: "@kbn/custom-integrations" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/custom-integrations plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/custom-integrations'] --- import kbnCustomIntegrationsObj from './kbn_custom_integrations.devdocs.json'; diff --git a/api_docs/kbn_cypress_config.mdx b/api_docs/kbn_cypress_config.mdx index ee0ffefdf4c28..5beffc6258afc 100644 --- a/api_docs/kbn_cypress_config.mdx +++ b/api_docs/kbn_cypress_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cypress-config title: "@kbn/cypress-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cypress-config plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cypress-config'] --- import kbnCypressConfigObj from './kbn_cypress_config.devdocs.json'; diff --git a/api_docs/kbn_data_forge.mdx b/api_docs/kbn_data_forge.mdx index e9b82cc9fd0b8..e0c9448673dd6 100644 --- a/api_docs/kbn_data_forge.mdx +++ b/api_docs/kbn_data_forge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-data-forge title: "@kbn/data-forge" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/data-forge plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/data-forge'] --- import kbnDataForgeObj from './kbn_data_forge.devdocs.json'; diff --git a/api_docs/kbn_data_service.mdx b/api_docs/kbn_data_service.mdx index a07a88c36088c..221948c51fb06 100644 --- a/api_docs/kbn_data_service.mdx +++ b/api_docs/kbn_data_service.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-data-service title: "@kbn/data-service" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/data-service plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/data-service'] --- import kbnDataServiceObj from './kbn_data_service.devdocs.json'; diff --git a/api_docs/kbn_data_stream_adapter.mdx b/api_docs/kbn_data_stream_adapter.mdx index da6fe7fd0e24f..b5b88d41ef27e 100644 --- a/api_docs/kbn_data_stream_adapter.mdx +++ b/api_docs/kbn_data_stream_adapter.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-data-stream-adapter title: "@kbn/data-stream-adapter" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/data-stream-adapter plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/data-stream-adapter'] --- import kbnDataStreamAdapterObj from './kbn_data_stream_adapter.devdocs.json'; diff --git a/api_docs/kbn_data_view_utils.mdx b/api_docs/kbn_data_view_utils.mdx index a4cd30fe6a7ff..fb63db5c12c27 100644 --- a/api_docs/kbn_data_view_utils.mdx +++ b/api_docs/kbn_data_view_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-data-view-utils title: "@kbn/data-view-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/data-view-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/data-view-utils'] --- import kbnDataViewUtilsObj from './kbn_data_view_utils.devdocs.json'; diff --git a/api_docs/kbn_datemath.mdx b/api_docs/kbn_datemath.mdx index 05a6fad94eb83..e9639ffa579f9 100644 --- a/api_docs/kbn_datemath.mdx +++ b/api_docs/kbn_datemath.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-datemath title: "@kbn/datemath" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/datemath plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/datemath'] --- import kbnDatemathObj from './kbn_datemath.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_analytics.mdx b/api_docs/kbn_deeplinks_analytics.mdx index ac462ec37c190..61d416bde67d4 100644 --- a/api_docs/kbn_deeplinks_analytics.mdx +++ b/api_docs/kbn_deeplinks_analytics.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-analytics title: "@kbn/deeplinks-analytics" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-analytics plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-analytics'] --- import kbnDeeplinksAnalyticsObj from './kbn_deeplinks_analytics.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_devtools.mdx b/api_docs/kbn_deeplinks_devtools.mdx index 574328d6c74ff..d86ca3db268d9 100644 --- a/api_docs/kbn_deeplinks_devtools.mdx +++ b/api_docs/kbn_deeplinks_devtools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-devtools title: "@kbn/deeplinks-devtools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-devtools plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-devtools'] --- import kbnDeeplinksDevtoolsObj from './kbn_deeplinks_devtools.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_fleet.mdx b/api_docs/kbn_deeplinks_fleet.mdx index 5244ab46cf5fb..9d542782639c5 100644 --- a/api_docs/kbn_deeplinks_fleet.mdx +++ b/api_docs/kbn_deeplinks_fleet.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-fleet title: "@kbn/deeplinks-fleet" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-fleet plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-fleet'] --- import kbnDeeplinksFleetObj from './kbn_deeplinks_fleet.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_management.mdx b/api_docs/kbn_deeplinks_management.mdx index ad15213eed150..43e0177ebe81c 100644 --- a/api_docs/kbn_deeplinks_management.mdx +++ b/api_docs/kbn_deeplinks_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-management title: "@kbn/deeplinks-management" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-management plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-management'] --- import kbnDeeplinksManagementObj from './kbn_deeplinks_management.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_ml.mdx b/api_docs/kbn_deeplinks_ml.mdx index dfad204237508..e84ca55f9d6b6 100644 --- a/api_docs/kbn_deeplinks_ml.mdx +++ b/api_docs/kbn_deeplinks_ml.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-ml title: "@kbn/deeplinks-ml" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-ml plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-ml'] --- import kbnDeeplinksMlObj from './kbn_deeplinks_ml.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_observability.devdocs.json b/api_docs/kbn_deeplinks_observability.devdocs.json index 7c0c1af2b6682..bb9e832ebbb02 100644 --- a/api_docs/kbn_deeplinks_observability.devdocs.json +++ b/api_docs/kbn_deeplinks_observability.devdocs.json @@ -114,6 +114,20 @@ "path": "packages/deeplinks/observability/locators/dataset_quality_details.ts", "deprecated": false, "trackAdoption": false + }, + { + "parentPluginId": "@kbn/deeplinks-observability", + "id": "def-common.DataQualityDetailsLocatorParams.showCurrentQualityIssues", + "type": "CompoundType", + "tags": [], + "label": "showCurrentQualityIssues", + "description": [], + "signature": [ + "boolean | undefined" + ], + "path": "packages/deeplinks/observability/locators/dataset_quality_details.ts", + "deprecated": false, + "trackAdoption": false } ], "initialIsOpen": false diff --git a/api_docs/kbn_deeplinks_observability.mdx b/api_docs/kbn_deeplinks_observability.mdx index 6e93015cd2da9..3216699269e57 100644 --- a/api_docs/kbn_deeplinks_observability.mdx +++ b/api_docs/kbn_deeplinks_observability.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-observability title: "@kbn/deeplinks-observability" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-observability plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-observability'] --- import kbnDeeplinksObservabilityObj from './kbn_deeplinks_observability.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/obs-ux-management-team](https://github.com/orgs/elastic/teams/ | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 62 | 0 | 50 | 0 | +| 63 | 0 | 51 | 0 | ## Common diff --git a/api_docs/kbn_deeplinks_search.mdx b/api_docs/kbn_deeplinks_search.mdx index d36d2608ee380..546810c6d9ce5 100644 --- a/api_docs/kbn_deeplinks_search.mdx +++ b/api_docs/kbn_deeplinks_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-search title: "@kbn/deeplinks-search" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-search plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-search'] --- import kbnDeeplinksSearchObj from './kbn_deeplinks_search.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_security.mdx b/api_docs/kbn_deeplinks_security.mdx index b7ece7737da89..4a0797b1bc8bb 100644 --- a/api_docs/kbn_deeplinks_security.mdx +++ b/api_docs/kbn_deeplinks_security.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-security title: "@kbn/deeplinks-security" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-security plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-security'] --- import kbnDeeplinksSecurityObj from './kbn_deeplinks_security.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_shared.mdx b/api_docs/kbn_deeplinks_shared.mdx index ebf826ea3fe21..ff8b3f8361436 100644 --- a/api_docs/kbn_deeplinks_shared.mdx +++ b/api_docs/kbn_deeplinks_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-shared title: "@kbn/deeplinks-shared" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-shared plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-shared'] --- import kbnDeeplinksSharedObj from './kbn_deeplinks_shared.devdocs.json'; diff --git a/api_docs/kbn_default_nav_analytics.mdx b/api_docs/kbn_default_nav_analytics.mdx index 42e7f8a2fc180..5d1859b12a571 100644 --- a/api_docs/kbn_default_nav_analytics.mdx +++ b/api_docs/kbn_default_nav_analytics.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-default-nav-analytics title: "@kbn/default-nav-analytics" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/default-nav-analytics plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/default-nav-analytics'] --- import kbnDefaultNavAnalyticsObj from './kbn_default_nav_analytics.devdocs.json'; diff --git a/api_docs/kbn_default_nav_devtools.mdx b/api_docs/kbn_default_nav_devtools.mdx index 49d1dfcef0573..dec9904016aec 100644 --- a/api_docs/kbn_default_nav_devtools.mdx +++ b/api_docs/kbn_default_nav_devtools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-default-nav-devtools title: "@kbn/default-nav-devtools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/default-nav-devtools plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/default-nav-devtools'] --- import kbnDefaultNavDevtoolsObj from './kbn_default_nav_devtools.devdocs.json'; diff --git a/api_docs/kbn_default_nav_management.mdx b/api_docs/kbn_default_nav_management.mdx index 67c3a85b12c9a..d0525e7952123 100644 --- a/api_docs/kbn_default_nav_management.mdx +++ b/api_docs/kbn_default_nav_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-default-nav-management title: "@kbn/default-nav-management" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/default-nav-management plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/default-nav-management'] --- import kbnDefaultNavManagementObj from './kbn_default_nav_management.devdocs.json'; diff --git a/api_docs/kbn_default_nav_ml.mdx b/api_docs/kbn_default_nav_ml.mdx index 435b50a4d7323..469e055cd70b6 100644 --- a/api_docs/kbn_default_nav_ml.mdx +++ b/api_docs/kbn_default_nav_ml.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-default-nav-ml title: "@kbn/default-nav-ml" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/default-nav-ml plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/default-nav-ml'] --- import kbnDefaultNavMlObj from './kbn_default_nav_ml.devdocs.json'; diff --git a/api_docs/kbn_dev_cli_errors.mdx b/api_docs/kbn_dev_cli_errors.mdx index c4a4c471a095d..bfb07f8657c41 100644 --- a/api_docs/kbn_dev_cli_errors.mdx +++ b/api_docs/kbn_dev_cli_errors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dev-cli-errors title: "@kbn/dev-cli-errors" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dev-cli-errors plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dev-cli-errors'] --- import kbnDevCliErrorsObj from './kbn_dev_cli_errors.devdocs.json'; diff --git a/api_docs/kbn_dev_cli_runner.mdx b/api_docs/kbn_dev_cli_runner.mdx index 84dd052bda967..20b28a2d4dc83 100644 --- a/api_docs/kbn_dev_cli_runner.mdx +++ b/api_docs/kbn_dev_cli_runner.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dev-cli-runner title: "@kbn/dev-cli-runner" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dev-cli-runner plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dev-cli-runner'] --- import kbnDevCliRunnerObj from './kbn_dev_cli_runner.devdocs.json'; diff --git a/api_docs/kbn_dev_proc_runner.mdx b/api_docs/kbn_dev_proc_runner.mdx index d2abf01a3f4d4..091ffba56585b 100644 --- a/api_docs/kbn_dev_proc_runner.mdx +++ b/api_docs/kbn_dev_proc_runner.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dev-proc-runner title: "@kbn/dev-proc-runner" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dev-proc-runner plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dev-proc-runner'] --- import kbnDevProcRunnerObj from './kbn_dev_proc_runner.devdocs.json'; diff --git a/api_docs/kbn_dev_utils.mdx b/api_docs/kbn_dev_utils.mdx index 1e764d67c136e..5657e0d8434e7 100644 --- a/api_docs/kbn_dev_utils.mdx +++ b/api_docs/kbn_dev_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dev-utils title: "@kbn/dev-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dev-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dev-utils'] --- import kbnDevUtilsObj from './kbn_dev_utils.devdocs.json'; diff --git a/api_docs/kbn_discover_utils.mdx b/api_docs/kbn_discover_utils.mdx index 43659f8eb8ffe..07229ee9ba804 100644 --- a/api_docs/kbn_discover_utils.mdx +++ b/api_docs/kbn_discover_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-discover-utils title: "@kbn/discover-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/discover-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/discover-utils'] --- import kbnDiscoverUtilsObj from './kbn_discover_utils.devdocs.json'; diff --git a/api_docs/kbn_doc_links.mdx b/api_docs/kbn_doc_links.mdx index 80f302a42c184..fa32337f8464e 100644 --- a/api_docs/kbn_doc_links.mdx +++ b/api_docs/kbn_doc_links.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-doc-links title: "@kbn/doc-links" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/doc-links plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/doc-links'] --- import kbnDocLinksObj from './kbn_doc_links.devdocs.json'; diff --git a/api_docs/kbn_docs_utils.mdx b/api_docs/kbn_docs_utils.mdx index 38dafe84a45ee..a4790dae36d8e 100644 --- a/api_docs/kbn_docs_utils.mdx +++ b/api_docs/kbn_docs_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-docs-utils title: "@kbn/docs-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/docs-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/docs-utils'] --- import kbnDocsUtilsObj from './kbn_docs_utils.devdocs.json'; diff --git a/api_docs/kbn_dom_drag_drop.mdx b/api_docs/kbn_dom_drag_drop.mdx index a894d568047ee..10dfddd007651 100644 --- a/api_docs/kbn_dom_drag_drop.mdx +++ b/api_docs/kbn_dom_drag_drop.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dom-drag-drop title: "@kbn/dom-drag-drop" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dom-drag-drop plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dom-drag-drop'] --- import kbnDomDragDropObj from './kbn_dom_drag_drop.devdocs.json'; diff --git a/api_docs/kbn_ebt_tools.mdx b/api_docs/kbn_ebt_tools.mdx index d51b0ccbf0872..bdf488357d048 100644 --- a/api_docs/kbn_ebt_tools.mdx +++ b/api_docs/kbn_ebt_tools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ebt-tools title: "@kbn/ebt-tools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ebt-tools plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ebt-tools'] --- import kbnEbtToolsObj from './kbn_ebt_tools.devdocs.json'; diff --git a/api_docs/kbn_ecs_data_quality_dashboard.mdx b/api_docs/kbn_ecs_data_quality_dashboard.mdx index f637da0ee41d6..707cbed90a0de 100644 --- a/api_docs/kbn_ecs_data_quality_dashboard.mdx +++ b/api_docs/kbn_ecs_data_quality_dashboard.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ecs-data-quality-dashboard title: "@kbn/ecs-data-quality-dashboard" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ecs-data-quality-dashboard plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ecs-data-quality-dashboard'] --- import kbnEcsDataQualityDashboardObj from './kbn_ecs_data_quality_dashboard.devdocs.json'; diff --git a/api_docs/kbn_elastic_agent_utils.mdx b/api_docs/kbn_elastic_agent_utils.mdx index 213cb18f0e4b3..a8c501d028b69 100644 --- a/api_docs/kbn_elastic_agent_utils.mdx +++ b/api_docs/kbn_elastic_agent_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-elastic-agent-utils title: "@kbn/elastic-agent-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/elastic-agent-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/elastic-agent-utils'] --- import kbnElasticAgentUtilsObj from './kbn_elastic_agent_utils.devdocs.json'; diff --git a/api_docs/kbn_elastic_assistant.mdx b/api_docs/kbn_elastic_assistant.mdx index 54456c0e5865a..b6afdb6b36cd2 100644 --- a/api_docs/kbn_elastic_assistant.mdx +++ b/api_docs/kbn_elastic_assistant.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-elastic-assistant title: "@kbn/elastic-assistant" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/elastic-assistant plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/elastic-assistant'] --- import kbnElasticAssistantObj from './kbn_elastic_assistant.devdocs.json'; diff --git a/api_docs/kbn_elastic_assistant_common.mdx b/api_docs/kbn_elastic_assistant_common.mdx index 96b03a3d6373b..9d4c552f66b79 100644 --- a/api_docs/kbn_elastic_assistant_common.mdx +++ b/api_docs/kbn_elastic_assistant_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-elastic-assistant-common title: "@kbn/elastic-assistant-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/elastic-assistant-common plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/elastic-assistant-common'] --- import kbnElasticAssistantCommonObj from './kbn_elastic_assistant_common.devdocs.json'; diff --git a/api_docs/kbn_entities_schema.devdocs.json b/api_docs/kbn_entities_schema.devdocs.json index 7ab3229f21731..88e3a79d5b1cf 100644 --- a/api_docs/kbn_entities_schema.devdocs.json +++ b/api_docs/kbn_entities_schema.devdocs.json @@ -515,7 +515,7 @@ "label": "entityBaseSchema", "description": [], "signature": [ - "Zod.ZodObject<{ id: Zod.ZodString; type: Zod.ZodString; identityFields: Zod.ZodArray; displayName: Zod.ZodString; metrics: Zod.ZodRecord; definitionVersion: Zod.ZodString; schemaVersion: Zod.ZodString; definitionId: Zod.ZodString; }, \"strip\", Zod.ZodTypeAny, { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionVersion: string; schemaVersion: string; definitionId: string; }, { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionVersion: string; schemaVersion: string; definitionId: string; }>" + "Zod.ZodObject<{ id: Zod.ZodString; type: Zod.ZodString; identityFields: Zod.ZodArray; displayName: Zod.ZodString; metrics: Zod.ZodRecord; definitionVersion: Zod.ZodString; schemaVersion: Zod.ZodString; definitionId: Zod.ZodString; }, \"strip\", Zod.ZodTypeAny, { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; schemaVersion: string; }, { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; schemaVersion: string; }>" ], "path": "x-pack/packages/kbn-entities-schema/src/schema/entity.ts", "deprecated": false, @@ -672,7 +672,7 @@ "label": "entityHistorySchema", "description": [], "signature": [ - "Zod.ZodIntersection; displayName: Zod.ZodString; metrics: Zod.ZodRecord; definitionVersion: Zod.ZodString; schemaVersion: Zod.ZodString; definitionId: Zod.ZodString; }, \"strip\", Zod.ZodTypeAny, { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionVersion: string; schemaVersion: string; definitionId: string; }, { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionVersion: string; schemaVersion: string; definitionId: string; }>; }, \"strip\", Zod.ZodTypeAny, { '@timestamp': string; entity: { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionVersion: string; schemaVersion: string; definitionId: string; }; }, { '@timestamp': string; entity: { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionVersion: string; schemaVersion: string; definitionId: string; }; }>, Zod.ZodType>" + "Zod.ZodIntersection; displayName: Zod.ZodString; metrics: Zod.ZodRecord; definitionVersion: Zod.ZodString; schemaVersion: Zod.ZodString; definitionId: Zod.ZodString; }, \"strip\", Zod.ZodTypeAny, { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; schemaVersion: string; }, { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; schemaVersion: string; }>; }, \"strip\", Zod.ZodTypeAny, { '@timestamp': string; entity: { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; schemaVersion: string; }; }, { '@timestamp': string; entity: { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; schemaVersion: string; }; }>, Zod.ZodType>" ], "path": "x-pack/packages/kbn-entities-schema/src/schema/entity.ts", "deprecated": false, @@ -687,7 +687,7 @@ "label": "entityLatestSchema", "description": [], "signature": [ - "Zod.ZodIntersection; displayName: Zod.ZodString; metrics: Zod.ZodRecord; definitionVersion: Zod.ZodString; schemaVersion: Zod.ZodString; definitionId: Zod.ZodString; }, { lastSeenTimestamp: Zod.ZodString; firstSeenTimestamp: Zod.ZodString; }>, \"strip\", Zod.ZodTypeAny, { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionVersion: string; schemaVersion: string; definitionId: string; lastSeenTimestamp: string; firstSeenTimestamp: string; }, { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionVersion: string; schemaVersion: string; definitionId: string; lastSeenTimestamp: string; firstSeenTimestamp: string; }>; }, \"strip\", Zod.ZodTypeAny, { entity: { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionVersion: string; schemaVersion: string; definitionId: string; lastSeenTimestamp: string; firstSeenTimestamp: string; }; }, { entity: { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionVersion: string; schemaVersion: string; definitionId: string; lastSeenTimestamp: string; firstSeenTimestamp: string; }; }>, Zod.ZodType>" + "Zod.ZodIntersection; displayName: Zod.ZodString; metrics: Zod.ZodRecord; definitionVersion: Zod.ZodString; schemaVersion: Zod.ZodString; definitionId: Zod.ZodString; }, { lastSeenTimestamp: Zod.ZodString; firstSeenTimestamp: Zod.ZodString; }>, \"strip\", Zod.ZodTypeAny, { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; firstSeenTimestamp: string; lastSeenTimestamp: string; schemaVersion: string; }, { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; firstSeenTimestamp: string; lastSeenTimestamp: string; schemaVersion: string; }>; }, \"strip\", Zod.ZodTypeAny, { entity: { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; firstSeenTimestamp: string; lastSeenTimestamp: string; schemaVersion: string; }; }, { entity: { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; firstSeenTimestamp: string; lastSeenTimestamp: string; schemaVersion: string; }; }>, Zod.ZodType>" ], "path": "x-pack/packages/kbn-entities-schema/src/schema/entity.ts", "deprecated": false, diff --git a/api_docs/kbn_entities_schema.mdx b/api_docs/kbn_entities_schema.mdx index adab2eb2cb8e1..0e4d4fa4c1ddf 100644 --- a/api_docs/kbn_entities_schema.mdx +++ b/api_docs/kbn_entities_schema.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-entities-schema title: "@kbn/entities-schema" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/entities-schema plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/entities-schema'] --- import kbnEntitiesSchemaObj from './kbn_entities_schema.devdocs.json'; diff --git a/api_docs/kbn_es.mdx b/api_docs/kbn_es.mdx index 3b46267fce25a..d7c9751415e41 100644 --- a/api_docs/kbn_es.mdx +++ b/api_docs/kbn_es.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es title: "@kbn/es" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es'] --- import kbnEsObj from './kbn_es.devdocs.json'; diff --git a/api_docs/kbn_es_archiver.mdx b/api_docs/kbn_es_archiver.mdx index 79d1174fc91f6..96cd5019da8a2 100644 --- a/api_docs/kbn_es_archiver.mdx +++ b/api_docs/kbn_es_archiver.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es-archiver title: "@kbn/es-archiver" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es-archiver plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es-archiver'] --- import kbnEsArchiverObj from './kbn_es_archiver.devdocs.json'; diff --git a/api_docs/kbn_es_errors.mdx b/api_docs/kbn_es_errors.mdx index bee20fdbe0614..02e7ee6deeb5b 100644 --- a/api_docs/kbn_es_errors.mdx +++ b/api_docs/kbn_es_errors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es-errors title: "@kbn/es-errors" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es-errors plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es-errors'] --- import kbnEsErrorsObj from './kbn_es_errors.devdocs.json'; diff --git a/api_docs/kbn_es_query.mdx b/api_docs/kbn_es_query.mdx index c57c3b10527e1..3d9cf28ef0659 100644 --- a/api_docs/kbn_es_query.mdx +++ b/api_docs/kbn_es_query.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es-query title: "@kbn/es-query" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es-query plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es-query'] --- import kbnEsQueryObj from './kbn_es_query.devdocs.json'; diff --git a/api_docs/kbn_es_types.devdocs.json b/api_docs/kbn_es_types.devdocs.json index a385619aa6bd5..4852b77676007 100644 --- a/api_docs/kbn_es_types.devdocs.json +++ b/api_docs/kbn_es_types.devdocs.json @@ -210,6 +210,20 @@ "path": "packages/kbn-es-types/src/search.ts", "deprecated": false, "trackAdoption": false + }, + { + "parentPluginId": "@kbn/es-types", + "id": "def-common.ESQLSearchResponse.took", + "type": "number", + "tags": [], + "label": "took", + "description": [], + "signature": [ + "number | undefined" + ], + "path": "packages/kbn-es-types/src/search.ts", + "deprecated": false, + "trackAdoption": false } ], "initialIsOpen": false diff --git a/api_docs/kbn_es_types.mdx b/api_docs/kbn_es_types.mdx index 7c1a245f115d5..bc3d8f5fa6e1c 100644 --- a/api_docs/kbn_es_types.mdx +++ b/api_docs/kbn_es_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es-types title: "@kbn/es-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es-types plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es-types'] --- import kbnEsTypesObj from './kbn_es_types.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 27 | 0 | 27 | 1 | +| 28 | 0 | 28 | 1 | ## Common diff --git a/api_docs/kbn_eslint_plugin_imports.mdx b/api_docs/kbn_eslint_plugin_imports.mdx index b8a0af85c4326..bd8ff451cd7f5 100644 --- a/api_docs/kbn_eslint_plugin_imports.mdx +++ b/api_docs/kbn_eslint_plugin_imports.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-eslint-plugin-imports title: "@kbn/eslint-plugin-imports" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/eslint-plugin-imports plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/eslint-plugin-imports'] --- import kbnEslintPluginImportsObj from './kbn_eslint_plugin_imports.devdocs.json'; diff --git a/api_docs/kbn_esql_ast.mdx b/api_docs/kbn_esql_ast.mdx index 9816c27f75231..e46a0eaf6022a 100644 --- a/api_docs/kbn_esql_ast.mdx +++ b/api_docs/kbn_esql_ast.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-esql-ast title: "@kbn/esql-ast" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/esql-ast plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/esql-ast'] --- import kbnEsqlAstObj from './kbn_esql_ast.devdocs.json'; diff --git a/api_docs/kbn_esql_editor.mdx b/api_docs/kbn_esql_editor.mdx index 39650d90c407d..bd2081143e531 100644 --- a/api_docs/kbn_esql_editor.mdx +++ b/api_docs/kbn_esql_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-esql-editor title: "@kbn/esql-editor" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/esql-editor plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/esql-editor'] --- import kbnEsqlEditorObj from './kbn_esql_editor.devdocs.json'; diff --git a/api_docs/kbn_esql_utils.mdx b/api_docs/kbn_esql_utils.mdx index 777615a80b875..d353717843115 100644 --- a/api_docs/kbn_esql_utils.mdx +++ b/api_docs/kbn_esql_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-esql-utils title: "@kbn/esql-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/esql-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/esql-utils'] --- import kbnEsqlUtilsObj from './kbn_esql_utils.devdocs.json'; diff --git a/api_docs/kbn_esql_validation_autocomplete.mdx b/api_docs/kbn_esql_validation_autocomplete.mdx index e2570bc92e66b..f8c4cfd2f3866 100644 --- a/api_docs/kbn_esql_validation_autocomplete.mdx +++ b/api_docs/kbn_esql_validation_autocomplete.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-esql-validation-autocomplete title: "@kbn/esql-validation-autocomplete" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/esql-validation-autocomplete plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/esql-validation-autocomplete'] --- import kbnEsqlValidationAutocompleteObj from './kbn_esql_validation_autocomplete.devdocs.json'; diff --git a/api_docs/kbn_event_annotation_common.mdx b/api_docs/kbn_event_annotation_common.mdx index 3e6c1e02d0db9..5809cffd10619 100644 --- a/api_docs/kbn_event_annotation_common.mdx +++ b/api_docs/kbn_event_annotation_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-event-annotation-common title: "@kbn/event-annotation-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/event-annotation-common plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/event-annotation-common'] --- import kbnEventAnnotationCommonObj from './kbn_event_annotation_common.devdocs.json'; diff --git a/api_docs/kbn_event_annotation_components.mdx b/api_docs/kbn_event_annotation_components.mdx index 9a6efee6c3705..49f7c9763c851 100644 --- a/api_docs/kbn_event_annotation_components.mdx +++ b/api_docs/kbn_event_annotation_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-event-annotation-components title: "@kbn/event-annotation-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/event-annotation-components plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/event-annotation-components'] --- import kbnEventAnnotationComponentsObj from './kbn_event_annotation_components.devdocs.json'; diff --git a/api_docs/kbn_expandable_flyout.mdx b/api_docs/kbn_expandable_flyout.mdx index d063c3b7ba456..6e98c6c36777f 100644 --- a/api_docs/kbn_expandable_flyout.mdx +++ b/api_docs/kbn_expandable_flyout.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-expandable-flyout title: "@kbn/expandable-flyout" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/expandable-flyout plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/expandable-flyout'] --- import kbnExpandableFlyoutObj from './kbn_expandable_flyout.devdocs.json'; diff --git a/api_docs/kbn_field_types.mdx b/api_docs/kbn_field_types.mdx index 7ae57e3937ef4..51974c586ed89 100644 --- a/api_docs/kbn_field_types.mdx +++ b/api_docs/kbn_field_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-field-types title: "@kbn/field-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/field-types plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/field-types'] --- import kbnFieldTypesObj from './kbn_field_types.devdocs.json'; diff --git a/api_docs/kbn_field_utils.mdx b/api_docs/kbn_field_utils.mdx index 394163abfdd64..24613995bfac6 100644 --- a/api_docs/kbn_field_utils.mdx +++ b/api_docs/kbn_field_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-field-utils title: "@kbn/field-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/field-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/field-utils'] --- import kbnFieldUtilsObj from './kbn_field_utils.devdocs.json'; diff --git a/api_docs/kbn_find_used_node_modules.mdx b/api_docs/kbn_find_used_node_modules.mdx index 4cfa7080b0e75..8d4295da86599 100644 --- a/api_docs/kbn_find_used_node_modules.mdx +++ b/api_docs/kbn_find_used_node_modules.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-find-used-node-modules title: "@kbn/find-used-node-modules" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/find-used-node-modules plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/find-used-node-modules'] --- import kbnFindUsedNodeModulesObj from './kbn_find_used_node_modules.devdocs.json'; diff --git a/api_docs/kbn_formatters.mdx b/api_docs/kbn_formatters.mdx index d689cf606af6f..0941c76a1891b 100644 --- a/api_docs/kbn_formatters.mdx +++ b/api_docs/kbn_formatters.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-formatters title: "@kbn/formatters" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/formatters plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/formatters'] --- import kbnFormattersObj from './kbn_formatters.devdocs.json'; diff --git a/api_docs/kbn_ftr_common_functional_services.mdx b/api_docs/kbn_ftr_common_functional_services.mdx index 06caedb7f5c9d..a77f09d6f034e 100644 --- a/api_docs/kbn_ftr_common_functional_services.mdx +++ b/api_docs/kbn_ftr_common_functional_services.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ftr-common-functional-services title: "@kbn/ftr-common-functional-services" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ftr-common-functional-services plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ftr-common-functional-services'] --- import kbnFtrCommonFunctionalServicesObj from './kbn_ftr_common_functional_services.devdocs.json'; diff --git a/api_docs/kbn_ftr_common_functional_ui_services.mdx b/api_docs/kbn_ftr_common_functional_ui_services.mdx index 0638b76e1f1b6..6707224f0c384 100644 --- a/api_docs/kbn_ftr_common_functional_ui_services.mdx +++ b/api_docs/kbn_ftr_common_functional_ui_services.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ftr-common-functional-ui-services title: "@kbn/ftr-common-functional-ui-services" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ftr-common-functional-ui-services plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ftr-common-functional-ui-services'] --- import kbnFtrCommonFunctionalUiServicesObj from './kbn_ftr_common_functional_ui_services.devdocs.json'; diff --git a/api_docs/kbn_generate.mdx b/api_docs/kbn_generate.mdx index 82ec0c2d6e12b..d8b6457295106 100644 --- a/api_docs/kbn_generate.mdx +++ b/api_docs/kbn_generate.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-generate title: "@kbn/generate" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/generate plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/generate'] --- import kbnGenerateObj from './kbn_generate.devdocs.json'; diff --git a/api_docs/kbn_generate_console_definitions.mdx b/api_docs/kbn_generate_console_definitions.mdx index 65782a121eacc..c306b164109b7 100644 --- a/api_docs/kbn_generate_console_definitions.mdx +++ b/api_docs/kbn_generate_console_definitions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-generate-console-definitions title: "@kbn/generate-console-definitions" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/generate-console-definitions plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/generate-console-definitions'] --- import kbnGenerateConsoleDefinitionsObj from './kbn_generate_console_definitions.devdocs.json'; diff --git a/api_docs/kbn_generate_csv.mdx b/api_docs/kbn_generate_csv.mdx index 53cea7be57197..7ba94edaef50a 100644 --- a/api_docs/kbn_generate_csv.mdx +++ b/api_docs/kbn_generate_csv.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-generate-csv title: "@kbn/generate-csv" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/generate-csv plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/generate-csv'] --- import kbnGenerateCsvObj from './kbn_generate_csv.devdocs.json'; diff --git a/api_docs/kbn_grid_layout.mdx b/api_docs/kbn_grid_layout.mdx index 620eeaa96247d..4502343bd9cde 100644 --- a/api_docs/kbn_grid_layout.mdx +++ b/api_docs/kbn_grid_layout.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-grid-layout title: "@kbn/grid-layout" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/grid-layout plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/grid-layout'] --- import kbnGridLayoutObj from './kbn_grid_layout.devdocs.json'; diff --git a/api_docs/kbn_grouping.mdx b/api_docs/kbn_grouping.mdx index 369ecfb68ce83..2078f8fc832b4 100644 --- a/api_docs/kbn_grouping.mdx +++ b/api_docs/kbn_grouping.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-grouping title: "@kbn/grouping" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/grouping plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/grouping'] --- import kbnGroupingObj from './kbn_grouping.devdocs.json'; diff --git a/api_docs/kbn_guided_onboarding.mdx b/api_docs/kbn_guided_onboarding.mdx index a9c4abbc1a2e0..dc10e449e751a 100644 --- a/api_docs/kbn_guided_onboarding.mdx +++ b/api_docs/kbn_guided_onboarding.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-guided-onboarding title: "@kbn/guided-onboarding" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/guided-onboarding plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/guided-onboarding'] --- import kbnGuidedOnboardingObj from './kbn_guided_onboarding.devdocs.json'; diff --git a/api_docs/kbn_handlebars.mdx b/api_docs/kbn_handlebars.mdx index 53c81a4610211..0d2178268913e 100644 --- a/api_docs/kbn_handlebars.mdx +++ b/api_docs/kbn_handlebars.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-handlebars title: "@kbn/handlebars" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/handlebars plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/handlebars'] --- import kbnHandlebarsObj from './kbn_handlebars.devdocs.json'; diff --git a/api_docs/kbn_hapi_mocks.mdx b/api_docs/kbn_hapi_mocks.mdx index 9eade7b1413ce..22424a8f4f0b1 100644 --- a/api_docs/kbn_hapi_mocks.mdx +++ b/api_docs/kbn_hapi_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-hapi-mocks title: "@kbn/hapi-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/hapi-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/hapi-mocks'] --- import kbnHapiMocksObj from './kbn_hapi_mocks.devdocs.json'; diff --git a/api_docs/kbn_health_gateway_server.mdx b/api_docs/kbn_health_gateway_server.mdx index aa4ed28c8e054..fdb75a96e793f 100644 --- a/api_docs/kbn_health_gateway_server.mdx +++ b/api_docs/kbn_health_gateway_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-health-gateway-server title: "@kbn/health-gateway-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/health-gateway-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/health-gateway-server'] --- import kbnHealthGatewayServerObj from './kbn_health_gateway_server.devdocs.json'; diff --git a/api_docs/kbn_home_sample_data_card.mdx b/api_docs/kbn_home_sample_data_card.mdx index b90e8c619aed5..90edb6cf314a6 100644 --- a/api_docs/kbn_home_sample_data_card.mdx +++ b/api_docs/kbn_home_sample_data_card.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-home-sample-data-card title: "@kbn/home-sample-data-card" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/home-sample-data-card plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/home-sample-data-card'] --- import kbnHomeSampleDataCardObj from './kbn_home_sample_data_card.devdocs.json'; diff --git a/api_docs/kbn_home_sample_data_tab.mdx b/api_docs/kbn_home_sample_data_tab.mdx index 90a13f2f3332b..6bb128e4e3032 100644 --- a/api_docs/kbn_home_sample_data_tab.mdx +++ b/api_docs/kbn_home_sample_data_tab.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-home-sample-data-tab title: "@kbn/home-sample-data-tab" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/home-sample-data-tab plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/home-sample-data-tab'] --- import kbnHomeSampleDataTabObj from './kbn_home_sample_data_tab.devdocs.json'; diff --git a/api_docs/kbn_i18n.mdx b/api_docs/kbn_i18n.mdx index 9a8dfc3948b5e..3ff3aec0cfa8a 100644 --- a/api_docs/kbn_i18n.mdx +++ b/api_docs/kbn_i18n.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-i18n title: "@kbn/i18n" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/i18n plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/i18n'] --- import kbnI18nObj from './kbn_i18n.devdocs.json'; diff --git a/api_docs/kbn_i18n_react.mdx b/api_docs/kbn_i18n_react.mdx index bb8d567d646ab..dd9aba61cb19f 100644 --- a/api_docs/kbn_i18n_react.mdx +++ b/api_docs/kbn_i18n_react.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-i18n-react title: "@kbn/i18n-react" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/i18n-react plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/i18n-react'] --- import kbnI18nReactObj from './kbn_i18n_react.devdocs.json'; diff --git a/api_docs/kbn_import_resolver.mdx b/api_docs/kbn_import_resolver.mdx index 7de8fc0a40d63..df703e96eba16 100644 --- a/api_docs/kbn_import_resolver.mdx +++ b/api_docs/kbn_import_resolver.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-import-resolver title: "@kbn/import-resolver" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/import-resolver plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/import-resolver'] --- import kbnImportResolverObj from './kbn_import_resolver.devdocs.json'; diff --git a/api_docs/kbn_index_management_shared_types.mdx b/api_docs/kbn_index_management_shared_types.mdx index 1b35db0cd2297..8dcf587f15b59 100644 --- a/api_docs/kbn_index_management_shared_types.mdx +++ b/api_docs/kbn_index_management_shared_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-index-management-shared-types title: "@kbn/index-management-shared-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/index-management-shared-types plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/index-management-shared-types'] --- import kbnIndexManagementSharedTypesObj from './kbn_index_management_shared_types.devdocs.json'; diff --git a/api_docs/kbn_inference_integration_flyout.mdx b/api_docs/kbn_inference_integration_flyout.mdx index 259d74401e8c5..bd25ef22a03ee 100644 --- a/api_docs/kbn_inference_integration_flyout.mdx +++ b/api_docs/kbn_inference_integration_flyout.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-inference_integration_flyout title: "@kbn/inference_integration_flyout" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/inference_integration_flyout plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/inference_integration_flyout'] --- import kbnInferenceIntegrationFlyoutObj from './kbn_inference_integration_flyout.devdocs.json'; diff --git a/api_docs/kbn_infra_forge.mdx b/api_docs/kbn_infra_forge.mdx index 9b744b52851af..55755096e8042 100644 --- a/api_docs/kbn_infra_forge.mdx +++ b/api_docs/kbn_infra_forge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-infra-forge title: "@kbn/infra-forge" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/infra-forge plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/infra-forge'] --- import kbnInfraForgeObj from './kbn_infra_forge.devdocs.json'; diff --git a/api_docs/kbn_interpreter.mdx b/api_docs/kbn_interpreter.mdx index 5e87235eb3123..bd7d12bce6edd 100644 --- a/api_docs/kbn_interpreter.mdx +++ b/api_docs/kbn_interpreter.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-interpreter title: "@kbn/interpreter" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/interpreter plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/interpreter'] --- import kbnInterpreterObj from './kbn_interpreter.devdocs.json'; diff --git a/api_docs/kbn_investigation_shared.devdocs.json b/api_docs/kbn_investigation_shared.devdocs.json index 8845c6011ce8c..cb596b4e3af4d 100644 --- a/api_docs/kbn_investigation_shared.devdocs.json +++ b/api_docs/kbn_investigation_shared.devdocs.json @@ -157,6 +157,36 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "@kbn/investigation-shared", + "id": "def-common.EntitySource", + "type": "Type", + "tags": [], + "label": "EntitySource", + "description": [], + "signature": [ + "{ dataStream?: string | undefined; }" + ], + "path": "packages/kbn-investigation-shared/src/rest_specs/entity.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/investigation-shared", + "id": "def-common.EntityWithSource", + "type": "Type", + "tags": [], + "label": "EntityWithSource", + "description": [], + "signature": [ + "{ id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logRate?: number | undefined; logErrorRate?: number | undefined; }; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; firstSeenTimestamp: string; lastSeenTimestamp: string; schemaVersion: string; } & { sources: { dataStream?: string | undefined; }[]; }" + ], + "path": "packages/kbn-investigation-shared/src/rest_specs/entity.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "@kbn/investigation-shared", "id": "def-common.EventResponse", @@ -232,6 +262,36 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "@kbn/investigation-shared", + "id": "def-common.GetEntitiesParams", + "type": "Type", + "tags": [], + "label": "GetEntitiesParams", + "description": [], + "signature": [ + "{ 'container.id'?: string | undefined; 'host.name'?: string | undefined; 'service.environment'?: string | undefined; 'service.name'?: string | undefined; } | undefined" + ], + "path": "packages/kbn-investigation-shared/src/rest_specs/get_entities.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/investigation-shared", + "id": "def-common.GetEntitiesResponse", + "type": "Type", + "tags": [], + "label": "GetEntitiesResponse", + "description": [], + "signature": [ + "{ entities: ({ id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logRate?: number | undefined; logErrorRate?: number | undefined; }; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; firstSeenTimestamp: string; lastSeenTimestamp: string; schemaVersion: string; } & { sources: { dataStream?: string | undefined; }[]; })[]; }" + ], + "path": "packages/kbn-investigation-shared/src/rest_specs/get_entities.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "@kbn/investigation-shared", "id": "def-common.GetEventsParams", @@ -669,6 +729,36 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "@kbn/investigation-shared", + "id": "def-common.entitySchema", + "type": "Object", + "tags": [], + "label": "entitySchema", + "description": [], + "signature": [ + "Zod.ZodObject<{ id: Zod.ZodString; definitionId: Zod.ZodString; definitionVersion: Zod.ZodString; displayName: Zod.ZodString; firstSeenTimestamp: Zod.ZodString; lastSeenTimestamp: Zod.ZodString; identityFields: Zod.ZodArray; schemaVersion: Zod.ZodString; type: Zod.ZodString; metrics: Zod.ZodObject<{ failedTransactionRate: Zod.ZodOptional; latency: Zod.ZodOptional; throughput: Zod.ZodOptional; logErrorRate: Zod.ZodOptional; logRate: Zod.ZodOptional; }, \"strip\", Zod.ZodTypeAny, { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logRate?: number | undefined; logErrorRate?: number | undefined; }, { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logRate?: number | undefined; logErrorRate?: number | undefined; }>; }, \"strip\", Zod.ZodTypeAny, { id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logRate?: number | undefined; logErrorRate?: number | undefined; }; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; firstSeenTimestamp: string; lastSeenTimestamp: string; schemaVersion: string; }, { id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logRate?: number | undefined; logErrorRate?: number | undefined; }; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; firstSeenTimestamp: string; lastSeenTimestamp: string; schemaVersion: string; }>" + ], + "path": "packages/kbn-investigation-shared/src/rest_specs/entity.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/investigation-shared", + "id": "def-common.entityWithSourceSchema", + "type": "Object", + "tags": [], + "label": "entityWithSourceSchema", + "description": [], + "signature": [ + "Zod.ZodIntersection; schemaVersion: Zod.ZodString; type: Zod.ZodString; metrics: Zod.ZodObject<{ failedTransactionRate: Zod.ZodOptional; latency: Zod.ZodOptional; throughput: Zod.ZodOptional; logErrorRate: Zod.ZodOptional; logRate: Zod.ZodOptional; }, \"strip\", Zod.ZodTypeAny, { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logRate?: number | undefined; logErrorRate?: number | undefined; }, { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logRate?: number | undefined; logErrorRate?: number | undefined; }>; }, \"strip\", Zod.ZodTypeAny, { id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logRate?: number | undefined; logErrorRate?: number | undefined; }; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; firstSeenTimestamp: string; lastSeenTimestamp: string; schemaVersion: string; }, { id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logRate?: number | undefined; logErrorRate?: number | undefined; }; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; firstSeenTimestamp: string; lastSeenTimestamp: string; schemaVersion: string; }>, Zod.ZodObject<{ sources: Zod.ZodArray; }, \"strip\", Zod.ZodTypeAny, { dataStream?: string | undefined; }, { dataStream?: string | undefined; }>, \"many\">; }, \"strip\", Zod.ZodTypeAny, { sources: { dataStream?: string | undefined; }[]; }, { sources: { dataStream?: string | undefined; }[]; }>>" + ], + "path": "packages/kbn-investigation-shared/src/rest_specs/entity.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "@kbn/investigation-shared", "id": "def-common.eventResponseSchema", @@ -789,6 +879,36 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "@kbn/investigation-shared", + "id": "def-common.getEntitiesParamsSchema", + "type": "Object", + "tags": [], + "label": "getEntitiesParamsSchema", + "description": [], + "signature": [ + "Zod.ZodObject<{ query: Zod.ZodOptional; 'service.environment': Zod.ZodOptional; 'host.name': Zod.ZodOptional; 'container.id': Zod.ZodOptional; }, \"strip\", Zod.ZodTypeAny, { 'container.id'?: string | undefined; 'host.name'?: string | undefined; 'service.environment'?: string | undefined; 'service.name'?: string | undefined; }, { 'container.id'?: string | undefined; 'host.name'?: string | undefined; 'service.environment'?: string | undefined; 'service.name'?: string | undefined; }>>; }, \"strip\", Zod.ZodTypeAny, { query?: { 'container.id'?: string | undefined; 'host.name'?: string | undefined; 'service.environment'?: string | undefined; 'service.name'?: string | undefined; } | undefined; }, { query?: { 'container.id'?: string | undefined; 'host.name'?: string | undefined; 'service.environment'?: string | undefined; 'service.name'?: string | undefined; } | undefined; }>" + ], + "path": "packages/kbn-investigation-shared/src/rest_specs/get_entities.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/investigation-shared", + "id": "def-common.getEntitiesResponseSchema", + "type": "Object", + "tags": [], + "label": "getEntitiesResponseSchema", + "description": [], + "signature": [ + "Zod.ZodObject<{ entities: Zod.ZodArray; schemaVersion: Zod.ZodString; type: Zod.ZodString; metrics: Zod.ZodObject<{ failedTransactionRate: Zod.ZodOptional; latency: Zod.ZodOptional; throughput: Zod.ZodOptional; logErrorRate: Zod.ZodOptional; logRate: Zod.ZodOptional; }, \"strip\", Zod.ZodTypeAny, { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logRate?: number | undefined; logErrorRate?: number | undefined; }, { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logRate?: number | undefined; logErrorRate?: number | undefined; }>; }, \"strip\", Zod.ZodTypeAny, { id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logRate?: number | undefined; logErrorRate?: number | undefined; }; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; firstSeenTimestamp: string; lastSeenTimestamp: string; schemaVersion: string; }, { id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logRate?: number | undefined; logErrorRate?: number | undefined; }; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; firstSeenTimestamp: string; lastSeenTimestamp: string; schemaVersion: string; }>, Zod.ZodObject<{ sources: Zod.ZodArray; }, \"strip\", Zod.ZodTypeAny, { dataStream?: string | undefined; }, { dataStream?: string | undefined; }>, \"many\">; }, \"strip\", Zod.ZodTypeAny, { sources: { dataStream?: string | undefined; }[]; }, { sources: { dataStream?: string | undefined; }[]; }>>, \"many\">; }, \"strip\", Zod.ZodTypeAny, { entities: ({ id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logRate?: number | undefined; logErrorRate?: number | undefined; }; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; firstSeenTimestamp: string; lastSeenTimestamp: string; schemaVersion: string; } & { sources: { dataStream?: string | undefined; }[]; })[]; }, { entities: ({ id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logRate?: number | undefined; logErrorRate?: number | undefined; }; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; firstSeenTimestamp: string; lastSeenTimestamp: string; schemaVersion: string; } & { sources: { dataStream?: string | undefined; }[]; })[]; }>" + ], + "path": "packages/kbn-investigation-shared/src/rest_specs/get_entities.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "@kbn/investigation-shared", "id": "def-common.getEventsParamsSchema", diff --git a/api_docs/kbn_investigation_shared.mdx b/api_docs/kbn_investigation_shared.mdx index ecbae870096aa..0bc8b170c6be0 100644 --- a/api_docs/kbn_investigation_shared.mdx +++ b/api_docs/kbn_investigation_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-investigation-shared title: "@kbn/investigation-shared" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/investigation-shared plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/investigation-shared'] --- import kbnInvestigationSharedObj from './kbn_investigation_shared.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/obs-ux-management-team](https://github.com/orgs/elastic/teams/ | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 73 | 0 | 73 | 0 | +| 81 | 0 | 81 | 0 | ## Common diff --git a/api_docs/kbn_io_ts_utils.mdx b/api_docs/kbn_io_ts_utils.mdx index b6fdd59c50ce9..562237a1f3cc0 100644 --- a/api_docs/kbn_io_ts_utils.mdx +++ b/api_docs/kbn_io_ts_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-io-ts-utils title: "@kbn/io-ts-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/io-ts-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/io-ts-utils'] --- import kbnIoTsUtilsObj from './kbn_io_ts_utils.devdocs.json'; diff --git a/api_docs/kbn_ipynb.mdx b/api_docs/kbn_ipynb.mdx index 7f6ac8ded1639..8eadc048c9394 100644 --- a/api_docs/kbn_ipynb.mdx +++ b/api_docs/kbn_ipynb.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ipynb title: "@kbn/ipynb" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ipynb plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ipynb'] --- import kbnIpynbObj from './kbn_ipynb.devdocs.json'; diff --git a/api_docs/kbn_jest_serializers.mdx b/api_docs/kbn_jest_serializers.mdx index 794ce157e525c..3689bc573625b 100644 --- a/api_docs/kbn_jest_serializers.mdx +++ b/api_docs/kbn_jest_serializers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-jest-serializers title: "@kbn/jest-serializers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/jest-serializers plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/jest-serializers'] --- import kbnJestSerializersObj from './kbn_jest_serializers.devdocs.json'; diff --git a/api_docs/kbn_journeys.mdx b/api_docs/kbn_journeys.mdx index 3383ed9964ebc..9564b0696aba3 100644 --- a/api_docs/kbn_journeys.mdx +++ b/api_docs/kbn_journeys.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-journeys title: "@kbn/journeys" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/journeys plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/journeys'] --- import kbnJourneysObj from './kbn_journeys.devdocs.json'; diff --git a/api_docs/kbn_json_ast.mdx b/api_docs/kbn_json_ast.mdx index c3f00e0d44b4e..aa2bffbdef3f0 100644 --- a/api_docs/kbn_json_ast.mdx +++ b/api_docs/kbn_json_ast.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-json-ast title: "@kbn/json-ast" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/json-ast plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/json-ast'] --- import kbnJsonAstObj from './kbn_json_ast.devdocs.json'; diff --git a/api_docs/kbn_json_schemas.mdx b/api_docs/kbn_json_schemas.mdx index 59844f7404733..3e964139794bc 100644 --- a/api_docs/kbn_json_schemas.mdx +++ b/api_docs/kbn_json_schemas.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-json-schemas title: "@kbn/json-schemas" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/json-schemas plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/json-schemas'] --- import kbnJsonSchemasObj from './kbn_json_schemas.devdocs.json'; diff --git a/api_docs/kbn_kibana_manifest_schema.mdx b/api_docs/kbn_kibana_manifest_schema.mdx index 3ec23ee442811..fd25faee33f32 100644 --- a/api_docs/kbn_kibana_manifest_schema.mdx +++ b/api_docs/kbn_kibana_manifest_schema.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-kibana-manifest-schema title: "@kbn/kibana-manifest-schema" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/kibana-manifest-schema plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/kibana-manifest-schema'] --- import kbnKibanaManifestSchemaObj from './kbn_kibana_manifest_schema.devdocs.json'; diff --git a/api_docs/kbn_language_documentation.mdx b/api_docs/kbn_language_documentation.mdx index 45469b501a5fa..0dab6dfcf68f4 100644 --- a/api_docs/kbn_language_documentation.mdx +++ b/api_docs/kbn_language_documentation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-language-documentation title: "@kbn/language-documentation" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/language-documentation plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/language-documentation'] --- import kbnLanguageDocumentationObj from './kbn_language_documentation.devdocs.json'; diff --git a/api_docs/kbn_lens_embeddable_utils.mdx b/api_docs/kbn_lens_embeddable_utils.mdx index b6813c90c1d3c..d9959e198c8e7 100644 --- a/api_docs/kbn_lens_embeddable_utils.mdx +++ b/api_docs/kbn_lens_embeddable_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-lens-embeddable-utils title: "@kbn/lens-embeddable-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/lens-embeddable-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/lens-embeddable-utils'] --- import kbnLensEmbeddableUtilsObj from './kbn_lens_embeddable_utils.devdocs.json'; diff --git a/api_docs/kbn_lens_formula_docs.mdx b/api_docs/kbn_lens_formula_docs.mdx index 84cf7b0b665fe..b282b4dd92984 100644 --- a/api_docs/kbn_lens_formula_docs.mdx +++ b/api_docs/kbn_lens_formula_docs.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-lens-formula-docs title: "@kbn/lens-formula-docs" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/lens-formula-docs plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/lens-formula-docs'] --- import kbnLensFormulaDocsObj from './kbn_lens_formula_docs.devdocs.json'; diff --git a/api_docs/kbn_logging.mdx b/api_docs/kbn_logging.mdx index c97ce768f4773..a8f07baf24897 100644 --- a/api_docs/kbn_logging.mdx +++ b/api_docs/kbn_logging.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-logging title: "@kbn/logging" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/logging plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/logging'] --- import kbnLoggingObj from './kbn_logging.devdocs.json'; diff --git a/api_docs/kbn_logging_mocks.mdx b/api_docs/kbn_logging_mocks.mdx index 2c6f69cb39653..47255372d5dbd 100644 --- a/api_docs/kbn_logging_mocks.mdx +++ b/api_docs/kbn_logging_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-logging-mocks title: "@kbn/logging-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/logging-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/logging-mocks'] --- import kbnLoggingMocksObj from './kbn_logging_mocks.devdocs.json'; diff --git a/api_docs/kbn_managed_content_badge.mdx b/api_docs/kbn_managed_content_badge.mdx index 3627a92f1266f..d689481dcdb48 100644 --- a/api_docs/kbn_managed_content_badge.mdx +++ b/api_docs/kbn_managed_content_badge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-managed-content-badge title: "@kbn/managed-content-badge" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/managed-content-badge plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/managed-content-badge'] --- import kbnManagedContentBadgeObj from './kbn_managed_content_badge.devdocs.json'; diff --git a/api_docs/kbn_managed_vscode_config.mdx b/api_docs/kbn_managed_vscode_config.mdx index 910de719dec86..772c902940ae5 100644 --- a/api_docs/kbn_managed_vscode_config.mdx +++ b/api_docs/kbn_managed_vscode_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-managed-vscode-config title: "@kbn/managed-vscode-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/managed-vscode-config plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/managed-vscode-config'] --- import kbnManagedVscodeConfigObj from './kbn_managed_vscode_config.devdocs.json'; diff --git a/api_docs/kbn_management_cards_navigation.mdx b/api_docs/kbn_management_cards_navigation.mdx index 8b552e7b0d79e..76f5d2a6a39c0 100644 --- a/api_docs/kbn_management_cards_navigation.mdx +++ b/api_docs/kbn_management_cards_navigation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-cards-navigation title: "@kbn/management-cards-navigation" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-cards-navigation plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-cards-navigation'] --- import kbnManagementCardsNavigationObj from './kbn_management_cards_navigation.devdocs.json'; diff --git a/api_docs/kbn_management_settings_application.mdx b/api_docs/kbn_management_settings_application.mdx index 652b50df94167..c1747d0ab6a02 100644 --- a/api_docs/kbn_management_settings_application.mdx +++ b/api_docs/kbn_management_settings_application.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-application title: "@kbn/management-settings-application" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-application plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-application'] --- import kbnManagementSettingsApplicationObj from './kbn_management_settings_application.devdocs.json'; diff --git a/api_docs/kbn_management_settings_components_field_category.devdocs.json b/api_docs/kbn_management_settings_components_field_category.devdocs.json index 15e17ede31cad..8c7e3f4645d9d 100644 --- a/api_docs/kbn_management_settings_components_field_category.devdocs.json +++ b/api_docs/kbn_management_settings_components_field_category.devdocs.json @@ -401,7 +401,7 @@ "section": "def-public.ClearQueryLinkProps", "text": "ClearQueryLinkProps" }, - ", \"onClearQuery\" | \"fieldCount\">" + ", \"fieldCount\" | \"onClearQuery\">" ], "path": "packages/kbn-management/settings/components/field_category/category.tsx", "deprecated": false, diff --git a/api_docs/kbn_management_settings_components_field_category.mdx b/api_docs/kbn_management_settings_components_field_category.mdx index 1dc2e9b317dbf..b46d26d9f2732 100644 --- a/api_docs/kbn_management_settings_components_field_category.mdx +++ b/api_docs/kbn_management_settings_components_field_category.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-components-field-category title: "@kbn/management-settings-components-field-category" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-components-field-category plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-components-field-category'] --- import kbnManagementSettingsComponentsFieldCategoryObj from './kbn_management_settings_components_field_category.devdocs.json'; diff --git a/api_docs/kbn_management_settings_components_field_input.mdx b/api_docs/kbn_management_settings_components_field_input.mdx index 5e3081a0d3d35..0caf1cea1cd17 100644 --- a/api_docs/kbn_management_settings_components_field_input.mdx +++ b/api_docs/kbn_management_settings_components_field_input.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-components-field-input title: "@kbn/management-settings-components-field-input" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-components-field-input plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-components-field-input'] --- import kbnManagementSettingsComponentsFieldInputObj from './kbn_management_settings_components_field_input.devdocs.json'; diff --git a/api_docs/kbn_management_settings_components_field_row.mdx b/api_docs/kbn_management_settings_components_field_row.mdx index 37ce47c71426d..e7d1ebaf580eb 100644 --- a/api_docs/kbn_management_settings_components_field_row.mdx +++ b/api_docs/kbn_management_settings_components_field_row.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-components-field-row title: "@kbn/management-settings-components-field-row" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-components-field-row plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-components-field-row'] --- import kbnManagementSettingsComponentsFieldRowObj from './kbn_management_settings_components_field_row.devdocs.json'; diff --git a/api_docs/kbn_management_settings_components_form.mdx b/api_docs/kbn_management_settings_components_form.mdx index eed4224d24665..b92dcc7f1a902 100644 --- a/api_docs/kbn_management_settings_components_form.mdx +++ b/api_docs/kbn_management_settings_components_form.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-components-form title: "@kbn/management-settings-components-form" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-components-form plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-components-form'] --- import kbnManagementSettingsComponentsFormObj from './kbn_management_settings_components_form.devdocs.json'; diff --git a/api_docs/kbn_management_settings_field_definition.mdx b/api_docs/kbn_management_settings_field_definition.mdx index c720b1f201071..70c5ce41fedf4 100644 --- a/api_docs/kbn_management_settings_field_definition.mdx +++ b/api_docs/kbn_management_settings_field_definition.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-field-definition title: "@kbn/management-settings-field-definition" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-field-definition plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-field-definition'] --- import kbnManagementSettingsFieldDefinitionObj from './kbn_management_settings_field_definition.devdocs.json'; diff --git a/api_docs/kbn_management_settings_ids.mdx b/api_docs/kbn_management_settings_ids.mdx index dcada159a809e..d586683b1176f 100644 --- a/api_docs/kbn_management_settings_ids.mdx +++ b/api_docs/kbn_management_settings_ids.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-ids title: "@kbn/management-settings-ids" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-ids plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-ids'] --- import kbnManagementSettingsIdsObj from './kbn_management_settings_ids.devdocs.json'; diff --git a/api_docs/kbn_management_settings_section_registry.mdx b/api_docs/kbn_management_settings_section_registry.mdx index 6a6659d691946..8591b80ce5f0d 100644 --- a/api_docs/kbn_management_settings_section_registry.mdx +++ b/api_docs/kbn_management_settings_section_registry.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-section-registry title: "@kbn/management-settings-section-registry" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-section-registry plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-section-registry'] --- import kbnManagementSettingsSectionRegistryObj from './kbn_management_settings_section_registry.devdocs.json'; diff --git a/api_docs/kbn_management_settings_types.mdx b/api_docs/kbn_management_settings_types.mdx index 49dd50b251a9a..dff7b36a8ed7b 100644 --- a/api_docs/kbn_management_settings_types.mdx +++ b/api_docs/kbn_management_settings_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-types title: "@kbn/management-settings-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-types plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-types'] --- import kbnManagementSettingsTypesObj from './kbn_management_settings_types.devdocs.json'; diff --git a/api_docs/kbn_management_settings_utilities.mdx b/api_docs/kbn_management_settings_utilities.mdx index 28fa9287fe9c5..7c1b5ba9e0710 100644 --- a/api_docs/kbn_management_settings_utilities.mdx +++ b/api_docs/kbn_management_settings_utilities.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-utilities title: "@kbn/management-settings-utilities" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-utilities plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-utilities'] --- import kbnManagementSettingsUtilitiesObj from './kbn_management_settings_utilities.devdocs.json'; diff --git a/api_docs/kbn_management_storybook_config.mdx b/api_docs/kbn_management_storybook_config.mdx index d142791a1ff2e..6638b14fd17fa 100644 --- a/api_docs/kbn_management_storybook_config.mdx +++ b/api_docs/kbn_management_storybook_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-storybook-config title: "@kbn/management-storybook-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-storybook-config plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-storybook-config'] --- import kbnManagementStorybookConfigObj from './kbn_management_storybook_config.devdocs.json'; diff --git a/api_docs/kbn_mapbox_gl.mdx b/api_docs/kbn_mapbox_gl.mdx index 9272675565a99..588fc10c1b888 100644 --- a/api_docs/kbn_mapbox_gl.mdx +++ b/api_docs/kbn_mapbox_gl.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-mapbox-gl title: "@kbn/mapbox-gl" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/mapbox-gl plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/mapbox-gl'] --- import kbnMapboxGlObj from './kbn_mapbox_gl.devdocs.json'; diff --git a/api_docs/kbn_maps_vector_tile_utils.mdx b/api_docs/kbn_maps_vector_tile_utils.mdx index a547d94fa6dff..b3c043bb8096e 100644 --- a/api_docs/kbn_maps_vector_tile_utils.mdx +++ b/api_docs/kbn_maps_vector_tile_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-maps-vector-tile-utils title: "@kbn/maps-vector-tile-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/maps-vector-tile-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/maps-vector-tile-utils'] --- import kbnMapsVectorTileUtilsObj from './kbn_maps_vector_tile_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_agg_utils.mdx b/api_docs/kbn_ml_agg_utils.mdx index 02a062a087ff8..52ff1e029374a 100644 --- a/api_docs/kbn_ml_agg_utils.mdx +++ b/api_docs/kbn_ml_agg_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-agg-utils title: "@kbn/ml-agg-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-agg-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-agg-utils'] --- import kbnMlAggUtilsObj from './kbn_ml_agg_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_anomaly_utils.mdx b/api_docs/kbn_ml_anomaly_utils.mdx index 3912bd1b1dfa4..685189eda72a5 100644 --- a/api_docs/kbn_ml_anomaly_utils.mdx +++ b/api_docs/kbn_ml_anomaly_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-anomaly-utils title: "@kbn/ml-anomaly-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-anomaly-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-anomaly-utils'] --- import kbnMlAnomalyUtilsObj from './kbn_ml_anomaly_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_cancellable_search.mdx b/api_docs/kbn_ml_cancellable_search.mdx index e16fcc7e3246d..98dc9a76bbb4a 100644 --- a/api_docs/kbn_ml_cancellable_search.mdx +++ b/api_docs/kbn_ml_cancellable_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-cancellable-search title: "@kbn/ml-cancellable-search" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-cancellable-search plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-cancellable-search'] --- import kbnMlCancellableSearchObj from './kbn_ml_cancellable_search.devdocs.json'; diff --git a/api_docs/kbn_ml_category_validator.mdx b/api_docs/kbn_ml_category_validator.mdx index 380dedbb4a64f..9b7eccd5f5e91 100644 --- a/api_docs/kbn_ml_category_validator.mdx +++ b/api_docs/kbn_ml_category_validator.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-category-validator title: "@kbn/ml-category-validator" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-category-validator plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-category-validator'] --- import kbnMlCategoryValidatorObj from './kbn_ml_category_validator.devdocs.json'; diff --git a/api_docs/kbn_ml_chi2test.mdx b/api_docs/kbn_ml_chi2test.mdx index c19d54a941b5a..3cee20832f159 100644 --- a/api_docs/kbn_ml_chi2test.mdx +++ b/api_docs/kbn_ml_chi2test.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-chi2test title: "@kbn/ml-chi2test" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-chi2test plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-chi2test'] --- import kbnMlChi2testObj from './kbn_ml_chi2test.devdocs.json'; diff --git a/api_docs/kbn_ml_data_frame_analytics_utils.mdx b/api_docs/kbn_ml_data_frame_analytics_utils.mdx index 62a40e331806b..02fbd5f1d41ec 100644 --- a/api_docs/kbn_ml_data_frame_analytics_utils.mdx +++ b/api_docs/kbn_ml_data_frame_analytics_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-data-frame-analytics-utils title: "@kbn/ml-data-frame-analytics-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-data-frame-analytics-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-data-frame-analytics-utils'] --- import kbnMlDataFrameAnalyticsUtilsObj from './kbn_ml_data_frame_analytics_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_data_grid.mdx b/api_docs/kbn_ml_data_grid.mdx index 6355593382987..ccc5a2ffea35d 100644 --- a/api_docs/kbn_ml_data_grid.mdx +++ b/api_docs/kbn_ml_data_grid.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-data-grid title: "@kbn/ml-data-grid" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-data-grid plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-data-grid'] --- import kbnMlDataGridObj from './kbn_ml_data_grid.devdocs.json'; diff --git a/api_docs/kbn_ml_date_picker.mdx b/api_docs/kbn_ml_date_picker.mdx index f63c8ce04dd54..a10c01e9304f4 100644 --- a/api_docs/kbn_ml_date_picker.mdx +++ b/api_docs/kbn_ml_date_picker.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-date-picker title: "@kbn/ml-date-picker" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-date-picker plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-date-picker'] --- import kbnMlDatePickerObj from './kbn_ml_date_picker.devdocs.json'; diff --git a/api_docs/kbn_ml_date_utils.mdx b/api_docs/kbn_ml_date_utils.mdx index fc39d42afd575..9eb6ec4c1a3da 100644 --- a/api_docs/kbn_ml_date_utils.mdx +++ b/api_docs/kbn_ml_date_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-date-utils title: "@kbn/ml-date-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-date-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-date-utils'] --- import kbnMlDateUtilsObj from './kbn_ml_date_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_error_utils.mdx b/api_docs/kbn_ml_error_utils.mdx index a44e50135be3a..89a8705d6b691 100644 --- a/api_docs/kbn_ml_error_utils.mdx +++ b/api_docs/kbn_ml_error_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-error-utils title: "@kbn/ml-error-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-error-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-error-utils'] --- import kbnMlErrorUtilsObj from './kbn_ml_error_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_field_stats_flyout.mdx b/api_docs/kbn_ml_field_stats_flyout.mdx index 75093aae99896..98260eba872fb 100644 --- a/api_docs/kbn_ml_field_stats_flyout.mdx +++ b/api_docs/kbn_ml_field_stats_flyout.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-field-stats-flyout title: "@kbn/ml-field-stats-flyout" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-field-stats-flyout plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-field-stats-flyout'] --- import kbnMlFieldStatsFlyoutObj from './kbn_ml_field_stats_flyout.devdocs.json'; diff --git a/api_docs/kbn_ml_in_memory_table.mdx b/api_docs/kbn_ml_in_memory_table.mdx index fd920e051341c..545fab15a78ff 100644 --- a/api_docs/kbn_ml_in_memory_table.mdx +++ b/api_docs/kbn_ml_in_memory_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-in-memory-table title: "@kbn/ml-in-memory-table" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-in-memory-table plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-in-memory-table'] --- import kbnMlInMemoryTableObj from './kbn_ml_in_memory_table.devdocs.json'; diff --git a/api_docs/kbn_ml_is_defined.mdx b/api_docs/kbn_ml_is_defined.mdx index 6d8623c3eaee7..093cc37a81a99 100644 --- a/api_docs/kbn_ml_is_defined.mdx +++ b/api_docs/kbn_ml_is_defined.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-is-defined title: "@kbn/ml-is-defined" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-is-defined plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-is-defined'] --- import kbnMlIsDefinedObj from './kbn_ml_is_defined.devdocs.json'; diff --git a/api_docs/kbn_ml_is_populated_object.mdx b/api_docs/kbn_ml_is_populated_object.mdx index 51ffc6a4f3053..58d152e370e4c 100644 --- a/api_docs/kbn_ml_is_populated_object.mdx +++ b/api_docs/kbn_ml_is_populated_object.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-is-populated-object title: "@kbn/ml-is-populated-object" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-is-populated-object plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-is-populated-object'] --- import kbnMlIsPopulatedObjectObj from './kbn_ml_is_populated_object.devdocs.json'; diff --git a/api_docs/kbn_ml_kibana_theme.mdx b/api_docs/kbn_ml_kibana_theme.mdx index 5a4c6497b070c..358f73099b8cd 100644 --- a/api_docs/kbn_ml_kibana_theme.mdx +++ b/api_docs/kbn_ml_kibana_theme.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-kibana-theme title: "@kbn/ml-kibana-theme" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-kibana-theme plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-kibana-theme'] --- import kbnMlKibanaThemeObj from './kbn_ml_kibana_theme.devdocs.json'; diff --git a/api_docs/kbn_ml_local_storage.mdx b/api_docs/kbn_ml_local_storage.mdx index 7f1c83a56b88b..1e734b7d99287 100644 --- a/api_docs/kbn_ml_local_storage.mdx +++ b/api_docs/kbn_ml_local_storage.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-local-storage title: "@kbn/ml-local-storage" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-local-storage plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-local-storage'] --- import kbnMlLocalStorageObj from './kbn_ml_local_storage.devdocs.json'; diff --git a/api_docs/kbn_ml_nested_property.mdx b/api_docs/kbn_ml_nested_property.mdx index 042532d4a5d57..384aed77a8699 100644 --- a/api_docs/kbn_ml_nested_property.mdx +++ b/api_docs/kbn_ml_nested_property.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-nested-property title: "@kbn/ml-nested-property" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-nested-property plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-nested-property'] --- import kbnMlNestedPropertyObj from './kbn_ml_nested_property.devdocs.json'; diff --git a/api_docs/kbn_ml_number_utils.mdx b/api_docs/kbn_ml_number_utils.mdx index f092c83aa9bd8..f7381d7af757e 100644 --- a/api_docs/kbn_ml_number_utils.mdx +++ b/api_docs/kbn_ml_number_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-number-utils title: "@kbn/ml-number-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-number-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-number-utils'] --- import kbnMlNumberUtilsObj from './kbn_ml_number_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_parse_interval.mdx b/api_docs/kbn_ml_parse_interval.mdx index ce8512675a789..a8316379ff1f5 100644 --- a/api_docs/kbn_ml_parse_interval.mdx +++ b/api_docs/kbn_ml_parse_interval.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-parse-interval title: "@kbn/ml-parse-interval" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-parse-interval plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-parse-interval'] --- import kbnMlParseIntervalObj from './kbn_ml_parse_interval.devdocs.json'; diff --git a/api_docs/kbn_ml_query_utils.mdx b/api_docs/kbn_ml_query_utils.mdx index e665c85d742b6..0e97a3e79ca96 100644 --- a/api_docs/kbn_ml_query_utils.mdx +++ b/api_docs/kbn_ml_query_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-query-utils title: "@kbn/ml-query-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-query-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-query-utils'] --- import kbnMlQueryUtilsObj from './kbn_ml_query_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_random_sampler_utils.mdx b/api_docs/kbn_ml_random_sampler_utils.mdx index f631aeed553d9..57afc64c245f6 100644 --- a/api_docs/kbn_ml_random_sampler_utils.mdx +++ b/api_docs/kbn_ml_random_sampler_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-random-sampler-utils title: "@kbn/ml-random-sampler-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-random-sampler-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-random-sampler-utils'] --- import kbnMlRandomSamplerUtilsObj from './kbn_ml_random_sampler_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_route_utils.mdx b/api_docs/kbn_ml_route_utils.mdx index 6bf315690e786..aaccec9b9b66b 100644 --- a/api_docs/kbn_ml_route_utils.mdx +++ b/api_docs/kbn_ml_route_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-route-utils title: "@kbn/ml-route-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-route-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-route-utils'] --- import kbnMlRouteUtilsObj from './kbn_ml_route_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_runtime_field_utils.mdx b/api_docs/kbn_ml_runtime_field_utils.mdx index 1e9f667424a1a..92cdd0fcf3582 100644 --- a/api_docs/kbn_ml_runtime_field_utils.mdx +++ b/api_docs/kbn_ml_runtime_field_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-runtime-field-utils title: "@kbn/ml-runtime-field-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-runtime-field-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-runtime-field-utils'] --- import kbnMlRuntimeFieldUtilsObj from './kbn_ml_runtime_field_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_string_hash.mdx b/api_docs/kbn_ml_string_hash.mdx index 030b268092225..2ff85f1878212 100644 --- a/api_docs/kbn_ml_string_hash.mdx +++ b/api_docs/kbn_ml_string_hash.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-string-hash title: "@kbn/ml-string-hash" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-string-hash plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-string-hash'] --- import kbnMlStringHashObj from './kbn_ml_string_hash.devdocs.json'; diff --git a/api_docs/kbn_ml_time_buckets.mdx b/api_docs/kbn_ml_time_buckets.mdx index 14eec13cb452e..0b7e619c1d496 100644 --- a/api_docs/kbn_ml_time_buckets.mdx +++ b/api_docs/kbn_ml_time_buckets.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-time-buckets title: "@kbn/ml-time-buckets" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-time-buckets plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-time-buckets'] --- import kbnMlTimeBucketsObj from './kbn_ml_time_buckets.devdocs.json'; diff --git a/api_docs/kbn_ml_trained_models_utils.mdx b/api_docs/kbn_ml_trained_models_utils.mdx index eb89f20c32690..9c6464f8a37c6 100644 --- a/api_docs/kbn_ml_trained_models_utils.mdx +++ b/api_docs/kbn_ml_trained_models_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-trained-models-utils title: "@kbn/ml-trained-models-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-trained-models-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-trained-models-utils'] --- import kbnMlTrainedModelsUtilsObj from './kbn_ml_trained_models_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_ui_actions.mdx b/api_docs/kbn_ml_ui_actions.mdx index 2dcae5ba3e0df..70eef9c64df07 100644 --- a/api_docs/kbn_ml_ui_actions.mdx +++ b/api_docs/kbn_ml_ui_actions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-ui-actions title: "@kbn/ml-ui-actions" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-ui-actions plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-ui-actions'] --- import kbnMlUiActionsObj from './kbn_ml_ui_actions.devdocs.json'; diff --git a/api_docs/kbn_ml_url_state.mdx b/api_docs/kbn_ml_url_state.mdx index d706562e546fb..000961b765b7b 100644 --- a/api_docs/kbn_ml_url_state.mdx +++ b/api_docs/kbn_ml_url_state.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-url-state title: "@kbn/ml-url-state" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-url-state plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-url-state'] --- import kbnMlUrlStateObj from './kbn_ml_url_state.devdocs.json'; diff --git a/api_docs/kbn_ml_validators.mdx b/api_docs/kbn_ml_validators.mdx index 98a6c010228c9..bf70b42c6bffe 100644 --- a/api_docs/kbn_ml_validators.mdx +++ b/api_docs/kbn_ml_validators.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-validators title: "@kbn/ml-validators" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-validators plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-validators'] --- import kbnMlValidatorsObj from './kbn_ml_validators.devdocs.json'; diff --git a/api_docs/kbn_mock_idp_utils.mdx b/api_docs/kbn_mock_idp_utils.mdx index 937fa51cc921e..f0ddb24255976 100644 --- a/api_docs/kbn_mock_idp_utils.mdx +++ b/api_docs/kbn_mock_idp_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-mock-idp-utils title: "@kbn/mock-idp-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/mock-idp-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/mock-idp-utils'] --- import kbnMockIdpUtilsObj from './kbn_mock_idp_utils.devdocs.json'; diff --git a/api_docs/kbn_monaco.mdx b/api_docs/kbn_monaco.mdx index 25ca3deca8506..3eef8040fe34e 100644 --- a/api_docs/kbn_monaco.mdx +++ b/api_docs/kbn_monaco.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-monaco title: "@kbn/monaco" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/monaco plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/monaco'] --- import kbnMonacoObj from './kbn_monaco.devdocs.json'; diff --git a/api_docs/kbn_object_versioning.mdx b/api_docs/kbn_object_versioning.mdx index b23c2199e887a..81731da8612ee 100644 --- a/api_docs/kbn_object_versioning.mdx +++ b/api_docs/kbn_object_versioning.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-object-versioning title: "@kbn/object-versioning" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/object-versioning plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/object-versioning'] --- import kbnObjectVersioningObj from './kbn_object_versioning.devdocs.json'; diff --git a/api_docs/kbn_object_versioning_utils.mdx b/api_docs/kbn_object_versioning_utils.mdx index a50bf191332d8..24494ffa2b5b8 100644 --- a/api_docs/kbn_object_versioning_utils.mdx +++ b/api_docs/kbn_object_versioning_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-object-versioning-utils title: "@kbn/object-versioning-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/object-versioning-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/object-versioning-utils'] --- import kbnObjectVersioningUtilsObj from './kbn_object_versioning_utils.devdocs.json'; diff --git a/api_docs/kbn_observability_alert_details.mdx b/api_docs/kbn_observability_alert_details.mdx index d94fae58d5fda..c0b183feaa410 100644 --- a/api_docs/kbn_observability_alert_details.mdx +++ b/api_docs/kbn_observability_alert_details.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-observability-alert-details title: "@kbn/observability-alert-details" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/observability-alert-details plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/observability-alert-details'] --- import kbnObservabilityAlertDetailsObj from './kbn_observability_alert_details.devdocs.json'; diff --git a/api_docs/kbn_observability_alerting_rule_utils.mdx b/api_docs/kbn_observability_alerting_rule_utils.mdx index ef2d357369488..ddc5fefa167e6 100644 --- a/api_docs/kbn_observability_alerting_rule_utils.mdx +++ b/api_docs/kbn_observability_alerting_rule_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-observability-alerting-rule-utils title: "@kbn/observability-alerting-rule-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/observability-alerting-rule-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/observability-alerting-rule-utils'] --- import kbnObservabilityAlertingRuleUtilsObj from './kbn_observability_alerting_rule_utils.devdocs.json'; diff --git a/api_docs/kbn_observability_alerting_test_data.mdx b/api_docs/kbn_observability_alerting_test_data.mdx index 034c534f232ba..84a5e3df82675 100644 --- a/api_docs/kbn_observability_alerting_test_data.mdx +++ b/api_docs/kbn_observability_alerting_test_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-observability-alerting-test-data title: "@kbn/observability-alerting-test-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/observability-alerting-test-data plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/observability-alerting-test-data'] --- import kbnObservabilityAlertingTestDataObj from './kbn_observability_alerting_test_data.devdocs.json'; diff --git a/api_docs/kbn_observability_get_padded_alert_time_range_util.mdx b/api_docs/kbn_observability_get_padded_alert_time_range_util.mdx index c69daf7f29a6a..d6c72cc67c34c 100644 --- a/api_docs/kbn_observability_get_padded_alert_time_range_util.mdx +++ b/api_docs/kbn_observability_get_padded_alert_time_range_util.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-observability-get-padded-alert-time-range-util title: "@kbn/observability-get-padded-alert-time-range-util" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/observability-get-padded-alert-time-range-util plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/observability-get-padded-alert-time-range-util'] --- import kbnObservabilityGetPaddedAlertTimeRangeUtilObj from './kbn_observability_get_padded_alert_time_range_util.devdocs.json'; diff --git a/api_docs/kbn_observability_synthetics_test_data.mdx b/api_docs/kbn_observability_synthetics_test_data.mdx index 20609070411dc..460092f8f58bb 100644 --- a/api_docs/kbn_observability_synthetics_test_data.mdx +++ b/api_docs/kbn_observability_synthetics_test_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-observability-synthetics-test-data title: "@kbn/observability-synthetics-test-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/observability-synthetics-test-data plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/observability-synthetics-test-data'] --- import kbnObservabilitySyntheticsTestDataObj from './kbn_observability_synthetics_test_data.devdocs.json'; diff --git a/api_docs/kbn_openapi_bundler.mdx b/api_docs/kbn_openapi_bundler.mdx index ce265102cc973..2ea3e88962b8f 100644 --- a/api_docs/kbn_openapi_bundler.mdx +++ b/api_docs/kbn_openapi_bundler.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-openapi-bundler title: "@kbn/openapi-bundler" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/openapi-bundler plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/openapi-bundler'] --- import kbnOpenapiBundlerObj from './kbn_openapi_bundler.devdocs.json'; diff --git a/api_docs/kbn_openapi_generator.mdx b/api_docs/kbn_openapi_generator.mdx index 84f0f0e1da152..1a7345ddaaaef 100644 --- a/api_docs/kbn_openapi_generator.mdx +++ b/api_docs/kbn_openapi_generator.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-openapi-generator title: "@kbn/openapi-generator" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/openapi-generator plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/openapi-generator'] --- import kbnOpenapiGeneratorObj from './kbn_openapi_generator.devdocs.json'; diff --git a/api_docs/kbn_optimizer.mdx b/api_docs/kbn_optimizer.mdx index 1d70d737e645a..4247dbe65fc6d 100644 --- a/api_docs/kbn_optimizer.mdx +++ b/api_docs/kbn_optimizer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-optimizer title: "@kbn/optimizer" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/optimizer plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/optimizer'] --- import kbnOptimizerObj from './kbn_optimizer.devdocs.json'; diff --git a/api_docs/kbn_optimizer_webpack_helpers.mdx b/api_docs/kbn_optimizer_webpack_helpers.mdx index df68d89e27bdc..01d00759e4c19 100644 --- a/api_docs/kbn_optimizer_webpack_helpers.mdx +++ b/api_docs/kbn_optimizer_webpack_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-optimizer-webpack-helpers title: "@kbn/optimizer-webpack-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/optimizer-webpack-helpers plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/optimizer-webpack-helpers'] --- import kbnOptimizerWebpackHelpersObj from './kbn_optimizer_webpack_helpers.devdocs.json'; diff --git a/api_docs/kbn_osquery_io_ts_types.mdx b/api_docs/kbn_osquery_io_ts_types.mdx index eb5d046d03396..99cab425c98aa 100644 --- a/api_docs/kbn_osquery_io_ts_types.mdx +++ b/api_docs/kbn_osquery_io_ts_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-osquery-io-ts-types title: "@kbn/osquery-io-ts-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/osquery-io-ts-types plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/osquery-io-ts-types'] --- import kbnOsqueryIoTsTypesObj from './kbn_osquery_io_ts_types.devdocs.json'; diff --git a/api_docs/kbn_panel_loader.mdx b/api_docs/kbn_panel_loader.mdx index 20225bdf1cdda..2e9532bf04450 100644 --- a/api_docs/kbn_panel_loader.mdx +++ b/api_docs/kbn_panel_loader.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-panel-loader title: "@kbn/panel-loader" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/panel-loader plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/panel-loader'] --- import kbnPanelLoaderObj from './kbn_panel_loader.devdocs.json'; diff --git a/api_docs/kbn_performance_testing_dataset_extractor.mdx b/api_docs/kbn_performance_testing_dataset_extractor.mdx index bf6fdebf20d11..fd2ada244f2e4 100644 --- a/api_docs/kbn_performance_testing_dataset_extractor.mdx +++ b/api_docs/kbn_performance_testing_dataset_extractor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-performance-testing-dataset-extractor title: "@kbn/performance-testing-dataset-extractor" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/performance-testing-dataset-extractor plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/performance-testing-dataset-extractor'] --- import kbnPerformanceTestingDatasetExtractorObj from './kbn_performance_testing_dataset_extractor.devdocs.json'; diff --git a/api_docs/kbn_plugin_check.mdx b/api_docs/kbn_plugin_check.mdx index a1c8fce1afdda..1e7c508d3c5b4 100644 --- a/api_docs/kbn_plugin_check.mdx +++ b/api_docs/kbn_plugin_check.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-plugin-check title: "@kbn/plugin-check" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/plugin-check plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/plugin-check'] --- import kbnPluginCheckObj from './kbn_plugin_check.devdocs.json'; diff --git a/api_docs/kbn_plugin_generator.mdx b/api_docs/kbn_plugin_generator.mdx index 5dddfe040e712..cef6c9e408b4e 100644 --- a/api_docs/kbn_plugin_generator.mdx +++ b/api_docs/kbn_plugin_generator.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-plugin-generator title: "@kbn/plugin-generator" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/plugin-generator plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/plugin-generator'] --- import kbnPluginGeneratorObj from './kbn_plugin_generator.devdocs.json'; diff --git a/api_docs/kbn_plugin_helpers.mdx b/api_docs/kbn_plugin_helpers.mdx index 90c0efbee3a1e..73559631cbbad 100644 --- a/api_docs/kbn_plugin_helpers.mdx +++ b/api_docs/kbn_plugin_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-plugin-helpers title: "@kbn/plugin-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/plugin-helpers plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/plugin-helpers'] --- import kbnPluginHelpersObj from './kbn_plugin_helpers.devdocs.json'; diff --git a/api_docs/kbn_presentation_containers.mdx b/api_docs/kbn_presentation_containers.mdx index 0097825c65e82..9da99d16c318c 100644 --- a/api_docs/kbn_presentation_containers.mdx +++ b/api_docs/kbn_presentation_containers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-presentation-containers title: "@kbn/presentation-containers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/presentation-containers plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/presentation-containers'] --- import kbnPresentationContainersObj from './kbn_presentation_containers.devdocs.json'; diff --git a/api_docs/kbn_presentation_publishing.mdx b/api_docs/kbn_presentation_publishing.mdx index 8e8f821922d48..b20daa907274e 100644 --- a/api_docs/kbn_presentation_publishing.mdx +++ b/api_docs/kbn_presentation_publishing.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-presentation-publishing title: "@kbn/presentation-publishing" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/presentation-publishing plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/presentation-publishing'] --- import kbnPresentationPublishingObj from './kbn_presentation_publishing.devdocs.json'; diff --git a/api_docs/kbn_profiling_utils.mdx b/api_docs/kbn_profiling_utils.mdx index a899797ed12ec..7e88e34e7bcdb 100644 --- a/api_docs/kbn_profiling_utils.mdx +++ b/api_docs/kbn_profiling_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-profiling-utils title: "@kbn/profiling-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/profiling-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/profiling-utils'] --- import kbnProfilingUtilsObj from './kbn_profiling_utils.devdocs.json'; diff --git a/api_docs/kbn_random_sampling.mdx b/api_docs/kbn_random_sampling.mdx index 207a2c3c260de..dbdacde2ede91 100644 --- a/api_docs/kbn_random_sampling.mdx +++ b/api_docs/kbn_random_sampling.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-random-sampling title: "@kbn/random-sampling" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/random-sampling plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/random-sampling'] --- import kbnRandomSamplingObj from './kbn_random_sampling.devdocs.json'; diff --git a/api_docs/kbn_react_field.mdx b/api_docs/kbn_react_field.mdx index ba1b0b52651ed..9d02b8f1fbb89 100644 --- a/api_docs/kbn_react_field.mdx +++ b/api_docs/kbn_react_field.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-field title: "@kbn/react-field" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-field plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-field'] --- import kbnReactFieldObj from './kbn_react_field.devdocs.json'; diff --git a/api_docs/kbn_react_hooks.mdx b/api_docs/kbn_react_hooks.mdx index 9f73dbc94f335..117c3d79442bf 100644 --- a/api_docs/kbn_react_hooks.mdx +++ b/api_docs/kbn_react_hooks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-hooks title: "@kbn/react-hooks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-hooks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-hooks'] --- import kbnReactHooksObj from './kbn_react_hooks.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_common.mdx b/api_docs/kbn_react_kibana_context_common.mdx index 769976274be4b..7f0dd70c3154d 100644 --- a/api_docs/kbn_react_kibana_context_common.mdx +++ b/api_docs/kbn_react_kibana_context_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-common title: "@kbn/react-kibana-context-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-common plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-common'] --- import kbnReactKibanaContextCommonObj from './kbn_react_kibana_context_common.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_render.mdx b/api_docs/kbn_react_kibana_context_render.mdx index 558b70138ecd4..4c644b916e2b1 100644 --- a/api_docs/kbn_react_kibana_context_render.mdx +++ b/api_docs/kbn_react_kibana_context_render.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-render title: "@kbn/react-kibana-context-render" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-render plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-render'] --- import kbnReactKibanaContextRenderObj from './kbn_react_kibana_context_render.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_root.mdx b/api_docs/kbn_react_kibana_context_root.mdx index 47652d7f0b9c5..9acefb9fb622c 100644 --- a/api_docs/kbn_react_kibana_context_root.mdx +++ b/api_docs/kbn_react_kibana_context_root.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-root title: "@kbn/react-kibana-context-root" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-root plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-root'] --- import kbnReactKibanaContextRootObj from './kbn_react_kibana_context_root.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_styled.mdx b/api_docs/kbn_react_kibana_context_styled.mdx index eaa632088c573..15d18d87c374a 100644 --- a/api_docs/kbn_react_kibana_context_styled.mdx +++ b/api_docs/kbn_react_kibana_context_styled.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-styled title: "@kbn/react-kibana-context-styled" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-styled plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-styled'] --- import kbnReactKibanaContextStyledObj from './kbn_react_kibana_context_styled.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_theme.mdx b/api_docs/kbn_react_kibana_context_theme.mdx index 091349ef77ed9..092821ccd1dee 100644 --- a/api_docs/kbn_react_kibana_context_theme.mdx +++ b/api_docs/kbn_react_kibana_context_theme.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-theme title: "@kbn/react-kibana-context-theme" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-theme plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-theme'] --- import kbnReactKibanaContextThemeObj from './kbn_react_kibana_context_theme.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_mount.mdx b/api_docs/kbn_react_kibana_mount.mdx index d5b85be7cce37..e9b1c86ecf909 100644 --- a/api_docs/kbn_react_kibana_mount.mdx +++ b/api_docs/kbn_react_kibana_mount.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-mount title: "@kbn/react-kibana-mount" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-mount plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-mount'] --- import kbnReactKibanaMountObj from './kbn_react_kibana_mount.devdocs.json'; diff --git a/api_docs/kbn_recently_accessed.mdx b/api_docs/kbn_recently_accessed.mdx index db64e87b36f9c..0d4757b457f47 100644 --- a/api_docs/kbn_recently_accessed.mdx +++ b/api_docs/kbn_recently_accessed.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-recently-accessed title: "@kbn/recently-accessed" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/recently-accessed plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/recently-accessed'] --- import kbnRecentlyAccessedObj from './kbn_recently_accessed.devdocs.json'; diff --git a/api_docs/kbn_repo_file_maps.mdx b/api_docs/kbn_repo_file_maps.mdx index f516f90d81c55..967172e8de40e 100644 --- a/api_docs/kbn_repo_file_maps.mdx +++ b/api_docs/kbn_repo_file_maps.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-repo-file-maps title: "@kbn/repo-file-maps" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/repo-file-maps plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/repo-file-maps'] --- import kbnRepoFileMapsObj from './kbn_repo_file_maps.devdocs.json'; diff --git a/api_docs/kbn_repo_linter.mdx b/api_docs/kbn_repo_linter.mdx index 6bd0206b4bcd9..ef87c75a85127 100644 --- a/api_docs/kbn_repo_linter.mdx +++ b/api_docs/kbn_repo_linter.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-repo-linter title: "@kbn/repo-linter" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/repo-linter plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/repo-linter'] --- import kbnRepoLinterObj from './kbn_repo_linter.devdocs.json'; diff --git a/api_docs/kbn_repo_path.mdx b/api_docs/kbn_repo_path.mdx index b9aa7ac781086..b0c63cea8fc75 100644 --- a/api_docs/kbn_repo_path.mdx +++ b/api_docs/kbn_repo_path.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-repo-path title: "@kbn/repo-path" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/repo-path plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/repo-path'] --- import kbnRepoPathObj from './kbn_repo_path.devdocs.json'; diff --git a/api_docs/kbn_repo_source_classifier.mdx b/api_docs/kbn_repo_source_classifier.mdx index fc391aa19d06a..0639ef9d242bc 100644 --- a/api_docs/kbn_repo_source_classifier.mdx +++ b/api_docs/kbn_repo_source_classifier.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-repo-source-classifier title: "@kbn/repo-source-classifier" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/repo-source-classifier plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/repo-source-classifier'] --- import kbnRepoSourceClassifierObj from './kbn_repo_source_classifier.devdocs.json'; diff --git a/api_docs/kbn_reporting_common.mdx b/api_docs/kbn_reporting_common.mdx index c19dca4d9cfb5..cb2059a5dd087 100644 --- a/api_docs/kbn_reporting_common.mdx +++ b/api_docs/kbn_reporting_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-common title: "@kbn/reporting-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-common plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-common'] --- import kbnReportingCommonObj from './kbn_reporting_common.devdocs.json'; diff --git a/api_docs/kbn_reporting_csv_share_panel.mdx b/api_docs/kbn_reporting_csv_share_panel.mdx index 73cb7799b10f7..9dd733f7c6942 100644 --- a/api_docs/kbn_reporting_csv_share_panel.mdx +++ b/api_docs/kbn_reporting_csv_share_panel.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-csv-share-panel title: "@kbn/reporting-csv-share-panel" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-csv-share-panel plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-csv-share-panel'] --- import kbnReportingCsvSharePanelObj from './kbn_reporting_csv_share_panel.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_csv.mdx b/api_docs/kbn_reporting_export_types_csv.mdx index b91361fa16766..57241b2f95114 100644 --- a/api_docs/kbn_reporting_export_types_csv.mdx +++ b/api_docs/kbn_reporting_export_types_csv.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-csv title: "@kbn/reporting-export-types-csv" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-csv plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-csv'] --- import kbnReportingExportTypesCsvObj from './kbn_reporting_export_types_csv.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_csv_common.mdx b/api_docs/kbn_reporting_export_types_csv_common.mdx index f7806a99fa972..d9d43f03e4eaf 100644 --- a/api_docs/kbn_reporting_export_types_csv_common.mdx +++ b/api_docs/kbn_reporting_export_types_csv_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-csv-common title: "@kbn/reporting-export-types-csv-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-csv-common plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-csv-common'] --- import kbnReportingExportTypesCsvCommonObj from './kbn_reporting_export_types_csv_common.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_pdf.mdx b/api_docs/kbn_reporting_export_types_pdf.mdx index 899270815e64e..c10884296c5ba 100644 --- a/api_docs/kbn_reporting_export_types_pdf.mdx +++ b/api_docs/kbn_reporting_export_types_pdf.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-pdf title: "@kbn/reporting-export-types-pdf" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-pdf plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-pdf'] --- import kbnReportingExportTypesPdfObj from './kbn_reporting_export_types_pdf.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_pdf_common.mdx b/api_docs/kbn_reporting_export_types_pdf_common.mdx index 5c753d775b72e..7d876ad376910 100644 --- a/api_docs/kbn_reporting_export_types_pdf_common.mdx +++ b/api_docs/kbn_reporting_export_types_pdf_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-pdf-common title: "@kbn/reporting-export-types-pdf-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-pdf-common plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-pdf-common'] --- import kbnReportingExportTypesPdfCommonObj from './kbn_reporting_export_types_pdf_common.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_png.mdx b/api_docs/kbn_reporting_export_types_png.mdx index 4de485681b53b..8abbdff24cfa3 100644 --- a/api_docs/kbn_reporting_export_types_png.mdx +++ b/api_docs/kbn_reporting_export_types_png.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-png title: "@kbn/reporting-export-types-png" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-png plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-png'] --- import kbnReportingExportTypesPngObj from './kbn_reporting_export_types_png.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_png_common.mdx b/api_docs/kbn_reporting_export_types_png_common.mdx index 6bd263c1ef42d..f35abb8c5a6c9 100644 --- a/api_docs/kbn_reporting_export_types_png_common.mdx +++ b/api_docs/kbn_reporting_export_types_png_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-png-common title: "@kbn/reporting-export-types-png-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-png-common plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-png-common'] --- import kbnReportingExportTypesPngCommonObj from './kbn_reporting_export_types_png_common.devdocs.json'; diff --git a/api_docs/kbn_reporting_mocks_server.mdx b/api_docs/kbn_reporting_mocks_server.mdx index 3f3bdef3671f2..f0489aecc0bb8 100644 --- a/api_docs/kbn_reporting_mocks_server.mdx +++ b/api_docs/kbn_reporting_mocks_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-mocks-server title: "@kbn/reporting-mocks-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-mocks-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-mocks-server'] --- import kbnReportingMocksServerObj from './kbn_reporting_mocks_server.devdocs.json'; diff --git a/api_docs/kbn_reporting_public.mdx b/api_docs/kbn_reporting_public.mdx index 650105a7e1e12..6acd6ff7bff5e 100644 --- a/api_docs/kbn_reporting_public.mdx +++ b/api_docs/kbn_reporting_public.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-public title: "@kbn/reporting-public" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-public plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-public'] --- import kbnReportingPublicObj from './kbn_reporting_public.devdocs.json'; diff --git a/api_docs/kbn_reporting_server.mdx b/api_docs/kbn_reporting_server.mdx index ca760c5caed50..b01971b00ca12 100644 --- a/api_docs/kbn_reporting_server.mdx +++ b/api_docs/kbn_reporting_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-server title: "@kbn/reporting-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-server'] --- import kbnReportingServerObj from './kbn_reporting_server.devdocs.json'; diff --git a/api_docs/kbn_resizable_layout.mdx b/api_docs/kbn_resizable_layout.mdx index f51d7f4b7dbc3..54608ca7863d3 100644 --- a/api_docs/kbn_resizable_layout.mdx +++ b/api_docs/kbn_resizable_layout.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-resizable-layout title: "@kbn/resizable-layout" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/resizable-layout plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/resizable-layout'] --- import kbnResizableLayoutObj from './kbn_resizable_layout.devdocs.json'; diff --git a/api_docs/kbn_response_ops_feature_flag_service.mdx b/api_docs/kbn_response_ops_feature_flag_service.mdx index b889848db0291..4b905c361b95a 100644 --- a/api_docs/kbn_response_ops_feature_flag_service.mdx +++ b/api_docs/kbn_response_ops_feature_flag_service.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-response-ops-feature-flag-service title: "@kbn/response-ops-feature-flag-service" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/response-ops-feature-flag-service plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/response-ops-feature-flag-service'] --- import kbnResponseOpsFeatureFlagServiceObj from './kbn_response_ops_feature_flag_service.devdocs.json'; diff --git a/api_docs/kbn_rison.mdx b/api_docs/kbn_rison.mdx index 98b6214b309a4..da12ba2d0140a 100644 --- a/api_docs/kbn_rison.mdx +++ b/api_docs/kbn_rison.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-rison title: "@kbn/rison" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/rison plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/rison'] --- import kbnRisonObj from './kbn_rison.devdocs.json'; diff --git a/api_docs/kbn_rollup.mdx b/api_docs/kbn_rollup.mdx index 1e2431351daf8..22170f4b27ee4 100644 --- a/api_docs/kbn_rollup.mdx +++ b/api_docs/kbn_rollup.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-rollup title: "@kbn/rollup" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/rollup plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/rollup'] --- import kbnRollupObj from './kbn_rollup.devdocs.json'; diff --git a/api_docs/kbn_router_to_openapispec.mdx b/api_docs/kbn_router_to_openapispec.mdx index 4d65701e1e059..cdaa90aa70a2e 100644 --- a/api_docs/kbn_router_to_openapispec.mdx +++ b/api_docs/kbn_router_to_openapispec.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-router-to-openapispec title: "@kbn/router-to-openapispec" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/router-to-openapispec plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/router-to-openapispec'] --- import kbnRouterToOpenapispecObj from './kbn_router_to_openapispec.devdocs.json'; diff --git a/api_docs/kbn_router_utils.mdx b/api_docs/kbn_router_utils.mdx index 517e416066751..09cc5fd59fd73 100644 --- a/api_docs/kbn_router_utils.mdx +++ b/api_docs/kbn_router_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-router-utils title: "@kbn/router-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/router-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/router-utils'] --- import kbnRouterUtilsObj from './kbn_router_utils.devdocs.json'; diff --git a/api_docs/kbn_rrule.mdx b/api_docs/kbn_rrule.mdx index 4a77a415682e8..57d28f62c3b85 100644 --- a/api_docs/kbn_rrule.mdx +++ b/api_docs/kbn_rrule.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-rrule title: "@kbn/rrule" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/rrule plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/rrule'] --- import kbnRruleObj from './kbn_rrule.devdocs.json'; diff --git a/api_docs/kbn_rule_data_utils.mdx b/api_docs/kbn_rule_data_utils.mdx index 429ab6e360eb8..d7f584c5a9524 100644 --- a/api_docs/kbn_rule_data_utils.mdx +++ b/api_docs/kbn_rule_data_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-rule-data-utils title: "@kbn/rule-data-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/rule-data-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/rule-data-utils'] --- import kbnRuleDataUtilsObj from './kbn_rule_data_utils.devdocs.json'; diff --git a/api_docs/kbn_saved_objects_settings.mdx b/api_docs/kbn_saved_objects_settings.mdx index 5aa3c5df2e7e9..128bed1489094 100644 --- a/api_docs/kbn_saved_objects_settings.mdx +++ b/api_docs/kbn_saved_objects_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-saved-objects-settings title: "@kbn/saved-objects-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/saved-objects-settings plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/saved-objects-settings'] --- import kbnSavedObjectsSettingsObj from './kbn_saved_objects_settings.devdocs.json'; diff --git a/api_docs/kbn_screenshotting_server.mdx b/api_docs/kbn_screenshotting_server.mdx index 122ed200107e1..01f1405540f05 100644 --- a/api_docs/kbn_screenshotting_server.mdx +++ b/api_docs/kbn_screenshotting_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-screenshotting-server title: "@kbn/screenshotting-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/screenshotting-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/screenshotting-server'] --- import kbnScreenshottingServerObj from './kbn_screenshotting_server.devdocs.json'; diff --git a/api_docs/kbn_search_api_keys_components.mdx b/api_docs/kbn_search_api_keys_components.mdx index 9b5169bc633d1..e0ae37b0f523a 100644 --- a/api_docs/kbn_search_api_keys_components.mdx +++ b/api_docs/kbn_search_api_keys_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-api-keys-components title: "@kbn/search-api-keys-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-api-keys-components plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-api-keys-components'] --- import kbnSearchApiKeysComponentsObj from './kbn_search_api_keys_components.devdocs.json'; diff --git a/api_docs/kbn_search_api_keys_server.mdx b/api_docs/kbn_search_api_keys_server.mdx index 06ebe05f42cf0..2a797b55c9804 100644 --- a/api_docs/kbn_search_api_keys_server.mdx +++ b/api_docs/kbn_search_api_keys_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-api-keys-server title: "@kbn/search-api-keys-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-api-keys-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-api-keys-server'] --- import kbnSearchApiKeysServerObj from './kbn_search_api_keys_server.devdocs.json'; diff --git a/api_docs/kbn_search_api_panels.mdx b/api_docs/kbn_search_api_panels.mdx index cb62813a91096..dd33603dd0250 100644 --- a/api_docs/kbn_search_api_panels.mdx +++ b/api_docs/kbn_search_api_panels.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-api-panels title: "@kbn/search-api-panels" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-api-panels plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-api-panels'] --- import kbnSearchApiPanelsObj from './kbn_search_api_panels.devdocs.json'; diff --git a/api_docs/kbn_search_connectors.mdx b/api_docs/kbn_search_connectors.mdx index 446d9864c950d..38200018061ff 100644 --- a/api_docs/kbn_search_connectors.mdx +++ b/api_docs/kbn_search_connectors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-connectors title: "@kbn/search-connectors" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-connectors plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-connectors'] --- import kbnSearchConnectorsObj from './kbn_search_connectors.devdocs.json'; diff --git a/api_docs/kbn_search_errors.mdx b/api_docs/kbn_search_errors.mdx index 0d7bbdade9100..29c0a3e1c950f 100644 --- a/api_docs/kbn_search_errors.mdx +++ b/api_docs/kbn_search_errors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-errors title: "@kbn/search-errors" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-errors plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-errors'] --- import kbnSearchErrorsObj from './kbn_search_errors.devdocs.json'; diff --git a/api_docs/kbn_search_index_documents.mdx b/api_docs/kbn_search_index_documents.mdx index 6f743725995e3..bd80553da21fa 100644 --- a/api_docs/kbn_search_index_documents.mdx +++ b/api_docs/kbn_search_index_documents.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-index-documents title: "@kbn/search-index-documents" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-index-documents plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-index-documents'] --- import kbnSearchIndexDocumentsObj from './kbn_search_index_documents.devdocs.json'; diff --git a/api_docs/kbn_search_response_warnings.mdx b/api_docs/kbn_search_response_warnings.mdx index 6b6a496022230..94946b2b10d1f 100644 --- a/api_docs/kbn_search_response_warnings.mdx +++ b/api_docs/kbn_search_response_warnings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-response-warnings title: "@kbn/search-response-warnings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-response-warnings plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-response-warnings'] --- import kbnSearchResponseWarningsObj from './kbn_search_response_warnings.devdocs.json'; diff --git a/api_docs/kbn_search_shared_ui.mdx b/api_docs/kbn_search_shared_ui.mdx index 56375ca0b22ef..1bfeb5d5941ce 100644 --- a/api_docs/kbn_search_shared_ui.mdx +++ b/api_docs/kbn_search_shared_ui.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-shared-ui title: "@kbn/search-shared-ui" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-shared-ui plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-shared-ui'] --- import kbnSearchSharedUiObj from './kbn_search_shared_ui.devdocs.json'; diff --git a/api_docs/kbn_search_types.mdx b/api_docs/kbn_search_types.mdx index 55a091190858a..6cfbc7bf39461 100644 --- a/api_docs/kbn_search_types.mdx +++ b/api_docs/kbn_search_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-types title: "@kbn/search-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-types plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-types'] --- import kbnSearchTypesObj from './kbn_search_types.devdocs.json'; diff --git a/api_docs/kbn_security_api_key_management.mdx b/api_docs/kbn_security_api_key_management.mdx index 2ec3e26b6c390..b84a35423fd50 100644 --- a/api_docs/kbn_security_api_key_management.mdx +++ b/api_docs/kbn_security_api_key_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-api-key-management title: "@kbn/security-api-key-management" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-api-key-management plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-api-key-management'] --- import kbnSecurityApiKeyManagementObj from './kbn_security_api_key_management.devdocs.json'; diff --git a/api_docs/kbn_security_authorization_core.mdx b/api_docs/kbn_security_authorization_core.mdx index 1c33bd2441beb..695b07f5404fd 100644 --- a/api_docs/kbn_security_authorization_core.mdx +++ b/api_docs/kbn_security_authorization_core.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-authorization-core title: "@kbn/security-authorization-core" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-authorization-core plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-authorization-core'] --- import kbnSecurityAuthorizationCoreObj from './kbn_security_authorization_core.devdocs.json'; diff --git a/api_docs/kbn_security_form_components.mdx b/api_docs/kbn_security_form_components.mdx index 5f7eccbb4b23b..d4301ac047cc1 100644 --- a/api_docs/kbn_security_form_components.mdx +++ b/api_docs/kbn_security_form_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-form-components title: "@kbn/security-form-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-form-components plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-form-components'] --- import kbnSecurityFormComponentsObj from './kbn_security_form_components.devdocs.json'; diff --git a/api_docs/kbn_security_hardening.mdx b/api_docs/kbn_security_hardening.mdx index a64edd0b145ac..f4ea7dfaa55a4 100644 --- a/api_docs/kbn_security_hardening.mdx +++ b/api_docs/kbn_security_hardening.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-hardening title: "@kbn/security-hardening" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-hardening plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-hardening'] --- import kbnSecurityHardeningObj from './kbn_security_hardening.devdocs.json'; diff --git a/api_docs/kbn_security_plugin_types_common.mdx b/api_docs/kbn_security_plugin_types_common.mdx index 18f31ef800e60..843f6b89ba0e5 100644 --- a/api_docs/kbn_security_plugin_types_common.mdx +++ b/api_docs/kbn_security_plugin_types_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-plugin-types-common title: "@kbn/security-plugin-types-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-plugin-types-common plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-plugin-types-common'] --- import kbnSecurityPluginTypesCommonObj from './kbn_security_plugin_types_common.devdocs.json'; diff --git a/api_docs/kbn_security_plugin_types_public.mdx b/api_docs/kbn_security_plugin_types_public.mdx index 6edcd6baa04fb..67dd043674026 100644 --- a/api_docs/kbn_security_plugin_types_public.mdx +++ b/api_docs/kbn_security_plugin_types_public.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-plugin-types-public title: "@kbn/security-plugin-types-public" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-plugin-types-public plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-plugin-types-public'] --- import kbnSecurityPluginTypesPublicObj from './kbn_security_plugin_types_public.devdocs.json'; diff --git a/api_docs/kbn_security_plugin_types_server.mdx b/api_docs/kbn_security_plugin_types_server.mdx index 25f0b972f026e..235abf9c36551 100644 --- a/api_docs/kbn_security_plugin_types_server.mdx +++ b/api_docs/kbn_security_plugin_types_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-plugin-types-server title: "@kbn/security-plugin-types-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-plugin-types-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-plugin-types-server'] --- import kbnSecurityPluginTypesServerObj from './kbn_security_plugin_types_server.devdocs.json'; diff --git a/api_docs/kbn_security_role_management_model.mdx b/api_docs/kbn_security_role_management_model.mdx index f42e055bd0d1f..4692b05429398 100644 --- a/api_docs/kbn_security_role_management_model.mdx +++ b/api_docs/kbn_security_role_management_model.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-role-management-model title: "@kbn/security-role-management-model" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-role-management-model plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-role-management-model'] --- import kbnSecurityRoleManagementModelObj from './kbn_security_role_management_model.devdocs.json'; diff --git a/api_docs/kbn_security_solution_common.mdx b/api_docs/kbn_security_solution_common.mdx index 055c8da801fa2..7344795b7a85b 100644 --- a/api_docs/kbn_security_solution_common.mdx +++ b/api_docs/kbn_security_solution_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-common title: "@kbn/security-solution-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-common plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-common'] --- import kbnSecuritySolutionCommonObj from './kbn_security_solution_common.devdocs.json'; diff --git a/api_docs/kbn_security_solution_distribution_bar.mdx b/api_docs/kbn_security_solution_distribution_bar.mdx index e5dff41fa4646..6be3c447979f1 100644 --- a/api_docs/kbn_security_solution_distribution_bar.mdx +++ b/api_docs/kbn_security_solution_distribution_bar.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-distribution-bar title: "@kbn/security-solution-distribution-bar" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-distribution-bar plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-distribution-bar'] --- import kbnSecuritySolutionDistributionBarObj from './kbn_security_solution_distribution_bar.devdocs.json'; diff --git a/api_docs/kbn_security_solution_features.mdx b/api_docs/kbn_security_solution_features.mdx index 2cc4cb6e95e95..54e3d7c523192 100644 --- a/api_docs/kbn_security_solution_features.mdx +++ b/api_docs/kbn_security_solution_features.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-features title: "@kbn/security-solution-features" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-features plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-features'] --- import kbnSecuritySolutionFeaturesObj from './kbn_security_solution_features.devdocs.json'; diff --git a/api_docs/kbn_security_solution_navigation.mdx b/api_docs/kbn_security_solution_navigation.mdx index adf77c0318355..341766329d032 100644 --- a/api_docs/kbn_security_solution_navigation.mdx +++ b/api_docs/kbn_security_solution_navigation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-navigation title: "@kbn/security-solution-navigation" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-navigation plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-navigation'] --- import kbnSecuritySolutionNavigationObj from './kbn_security_solution_navigation.devdocs.json'; diff --git a/api_docs/kbn_security_solution_side_nav.mdx b/api_docs/kbn_security_solution_side_nav.mdx index 2f6099a166c2e..eee49844b138d 100644 --- a/api_docs/kbn_security_solution_side_nav.mdx +++ b/api_docs/kbn_security_solution_side_nav.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-side-nav title: "@kbn/security-solution-side-nav" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-side-nav plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-side-nav'] --- import kbnSecuritySolutionSideNavObj from './kbn_security_solution_side_nav.devdocs.json'; diff --git a/api_docs/kbn_security_solution_storybook_config.mdx b/api_docs/kbn_security_solution_storybook_config.mdx index e8350fbc4eefa..23cdb700ed010 100644 --- a/api_docs/kbn_security_solution_storybook_config.mdx +++ b/api_docs/kbn_security_solution_storybook_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-storybook-config title: "@kbn/security-solution-storybook-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-storybook-config plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-storybook-config'] --- import kbnSecuritySolutionStorybookConfigObj from './kbn_security_solution_storybook_config.devdocs.json'; diff --git a/api_docs/kbn_security_ui_components.mdx b/api_docs/kbn_security_ui_components.mdx index b805375daa8b5..843da466a05be 100644 --- a/api_docs/kbn_security_ui_components.mdx +++ b/api_docs/kbn_security_ui_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-ui-components title: "@kbn/security-ui-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-ui-components plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-ui-components'] --- import kbnSecurityUiComponentsObj from './kbn_security_ui_components.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_autocomplete.mdx b/api_docs/kbn_securitysolution_autocomplete.mdx index 6de712c6c34b4..a2fa29b7f1fe9 100644 --- a/api_docs/kbn_securitysolution_autocomplete.mdx +++ b/api_docs/kbn_securitysolution_autocomplete.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-autocomplete title: "@kbn/securitysolution-autocomplete" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-autocomplete plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-autocomplete'] --- import kbnSecuritysolutionAutocompleteObj from './kbn_securitysolution_autocomplete.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_data_table.mdx b/api_docs/kbn_securitysolution_data_table.mdx index f94070b38b024..1c31e3bec8388 100644 --- a/api_docs/kbn_securitysolution_data_table.mdx +++ b/api_docs/kbn_securitysolution_data_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-data-table title: "@kbn/securitysolution-data-table" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-data-table plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-data-table'] --- import kbnSecuritysolutionDataTableObj from './kbn_securitysolution_data_table.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_ecs.mdx b/api_docs/kbn_securitysolution_ecs.mdx index 3ec2202b588e9..abb6a0571a5a3 100644 --- a/api_docs/kbn_securitysolution_ecs.mdx +++ b/api_docs/kbn_securitysolution_ecs.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-ecs title: "@kbn/securitysolution-ecs" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-ecs plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-ecs'] --- import kbnSecuritysolutionEcsObj from './kbn_securitysolution_ecs.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_es_utils.mdx b/api_docs/kbn_securitysolution_es_utils.mdx index 9bc4e27098f36..a18729fb66927 100644 --- a/api_docs/kbn_securitysolution_es_utils.mdx +++ b/api_docs/kbn_securitysolution_es_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-es-utils title: "@kbn/securitysolution-es-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-es-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-es-utils'] --- import kbnSecuritysolutionEsUtilsObj from './kbn_securitysolution_es_utils.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_exception_list_components.devdocs.json b/api_docs/kbn_securitysolution_exception_list_components.devdocs.json index 390b5a5c226ce..e1106dd5c031d 100644 --- a/api_docs/kbn_securitysolution_exception_list_components.devdocs.json +++ b/api_docs/kbn_securitysolution_exception_list_components.devdocs.json @@ -414,6 +414,23 @@ ], "initialIsOpen": false }, + { + "parentPluginId": "@kbn/securitysolution-exception-list-components", + "id": "def-common.PartialCodeSignatureCallout", + "type": "Function", + "tags": [], + "label": "PartialCodeSignatureCallout", + "description": [], + "signature": [ + "() => React.JSX.Element" + ], + "path": "packages/kbn-securitysolution-exception-list-components/src/partial_code_signature_callout/index.tsx", + "deprecated": false, + "trackAdoption": false, + "children": [], + "returnComment": [], + "initialIsOpen": false + }, { "parentPluginId": "@kbn/securitysolution-exception-list-components", "id": "def-common.SearchBar", diff --git a/api_docs/kbn_securitysolution_exception_list_components.mdx b/api_docs/kbn_securitysolution_exception_list_components.mdx index f8ff6d107adac..5f6a0a2513685 100644 --- a/api_docs/kbn_securitysolution_exception_list_components.mdx +++ b/api_docs/kbn_securitysolution_exception_list_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-exception-list-components title: "@kbn/securitysolution-exception-list-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-exception-list-components plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-exception-list-components'] --- import kbnSecuritysolutionExceptionListComponentsObj from './kbn_securitysolution_exception_list_components.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/security-detection-engine](https://github.com/orgs/elastic/tea | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 106 | 0 | 95 | 1 | +| 107 | 0 | 96 | 1 | ## Common diff --git a/api_docs/kbn_securitysolution_hook_utils.mdx b/api_docs/kbn_securitysolution_hook_utils.mdx index 033fa41ec154a..af9203c5e32c3 100644 --- a/api_docs/kbn_securitysolution_hook_utils.mdx +++ b/api_docs/kbn_securitysolution_hook_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-hook-utils title: "@kbn/securitysolution-hook-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-hook-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-hook-utils'] --- import kbnSecuritysolutionHookUtilsObj from './kbn_securitysolution_hook_utils.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_io_ts_alerting_types.mdx b/api_docs/kbn_securitysolution_io_ts_alerting_types.mdx index 541eaf6a84b40..9c6aadbb7624e 100644 --- a/api_docs/kbn_securitysolution_io_ts_alerting_types.mdx +++ b/api_docs/kbn_securitysolution_io_ts_alerting_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-io-ts-alerting-types title: "@kbn/securitysolution-io-ts-alerting-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-io-ts-alerting-types plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-io-ts-alerting-types'] --- import kbnSecuritysolutionIoTsAlertingTypesObj from './kbn_securitysolution_io_ts_alerting_types.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_io_ts_list_types.mdx b/api_docs/kbn_securitysolution_io_ts_list_types.mdx index bf67cf2bd0faa..4a48223684b01 100644 --- a/api_docs/kbn_securitysolution_io_ts_list_types.mdx +++ b/api_docs/kbn_securitysolution_io_ts_list_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-io-ts-list-types title: "@kbn/securitysolution-io-ts-list-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-io-ts-list-types plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-io-ts-list-types'] --- import kbnSecuritysolutionIoTsListTypesObj from './kbn_securitysolution_io_ts_list_types.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_io_ts_types.mdx b/api_docs/kbn_securitysolution_io_ts_types.mdx index 766d3dbfda614..4e2def44a0222 100644 --- a/api_docs/kbn_securitysolution_io_ts_types.mdx +++ b/api_docs/kbn_securitysolution_io_ts_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-io-ts-types title: "@kbn/securitysolution-io-ts-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-io-ts-types plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-io-ts-types'] --- import kbnSecuritysolutionIoTsTypesObj from './kbn_securitysolution_io_ts_types.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_io_ts_utils.mdx b/api_docs/kbn_securitysolution_io_ts_utils.mdx index c30c4ca011762..d261ac6637592 100644 --- a/api_docs/kbn_securitysolution_io_ts_utils.mdx +++ b/api_docs/kbn_securitysolution_io_ts_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-io-ts-utils title: "@kbn/securitysolution-io-ts-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-io-ts-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-io-ts-utils'] --- import kbnSecuritysolutionIoTsUtilsObj from './kbn_securitysolution_io_ts_utils.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_list_api.mdx b/api_docs/kbn_securitysolution_list_api.mdx index 1ecf61b2860d0..f95ae3bd28c35 100644 --- a/api_docs/kbn_securitysolution_list_api.mdx +++ b/api_docs/kbn_securitysolution_list_api.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-list-api title: "@kbn/securitysolution-list-api" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-list-api plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-list-api'] --- import kbnSecuritysolutionListApiObj from './kbn_securitysolution_list_api.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_list_constants.mdx b/api_docs/kbn_securitysolution_list_constants.mdx index 02972e9dbd45c..d52f2f3f9a691 100644 --- a/api_docs/kbn_securitysolution_list_constants.mdx +++ b/api_docs/kbn_securitysolution_list_constants.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-list-constants title: "@kbn/securitysolution-list-constants" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-list-constants plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-list-constants'] --- import kbnSecuritysolutionListConstantsObj from './kbn_securitysolution_list_constants.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_list_hooks.mdx b/api_docs/kbn_securitysolution_list_hooks.mdx index bf7f4ca1582c3..d4b15f45a799c 100644 --- a/api_docs/kbn_securitysolution_list_hooks.mdx +++ b/api_docs/kbn_securitysolution_list_hooks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-list-hooks title: "@kbn/securitysolution-list-hooks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-list-hooks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-list-hooks'] --- import kbnSecuritysolutionListHooksObj from './kbn_securitysolution_list_hooks.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_list_utils.devdocs.json b/api_docs/kbn_securitysolution_list_utils.devdocs.json index 5cf64af6019c8..418e2e278cea2 100644 --- a/api_docs/kbn_securitysolution_list_utils.devdocs.json +++ b/api_docs/kbn_securitysolution_list_utils.devdocs.json @@ -2254,6 +2254,56 @@ "returnComment": [], "initialIsOpen": false }, + { + "parentPluginId": "@kbn/securitysolution-list-utils", + "id": "def-common.hasPartialCodeSignatureEntry", + "type": "Function", + "tags": [], + "label": "hasPartialCodeSignatureEntry", + "description": [ + "\nEvent filters helper where given an exceptions list,\ndetermine if both 'subject_name' and 'trusted' are\nincluded in an entry with 'code_signature'" + ], + "signature": [ + "(items: ", + { + "pluginId": "@kbn/securitysolution-list-utils", + "scope": "common", + "docId": "kibKbnSecuritysolutionListUtilsPluginApi", + "section": "def-common.ExceptionsBuilderReturnExceptionItem", + "text": "ExceptionsBuilderReturnExceptionItem" + }, + "[]) => boolean" + ], + "path": "packages/kbn-securitysolution-list-utils/src/helpers/index.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/securitysolution-list-utils", + "id": "def-common.hasPartialCodeSignatureEntry.$1", + "type": "Array", + "tags": [], + "label": "items", + "description": [], + "signature": [ + { + "pluginId": "@kbn/securitysolution-list-utils", + "scope": "common", + "docId": "kibKbnSecuritysolutionListUtilsPluginApi", + "section": "def-common.ExceptionsBuilderReturnExceptionItem", + "text": "ExceptionsBuilderReturnExceptionItem" + }, + "[]" + ], + "path": "packages/kbn-securitysolution-list-utils/src/helpers/index.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [], + "initialIsOpen": false + }, { "parentPluginId": "@kbn/securitysolution-list-utils", "id": "def-common.hasWrongOperatorWithWildcard", diff --git a/api_docs/kbn_securitysolution_list_utils.mdx b/api_docs/kbn_securitysolution_list_utils.mdx index 59b13dee0b0f5..bf9a10a10df5e 100644 --- a/api_docs/kbn_securitysolution_list_utils.mdx +++ b/api_docs/kbn_securitysolution_list_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-list-utils title: "@kbn/securitysolution-list-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-list-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-list-utils'] --- import kbnSecuritysolutionListUtilsObj from './kbn_securitysolution_list_utils.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/security-detection-engine](https://github.com/orgs/elastic/tea | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 209 | 0 | 161 | 0 | +| 211 | 0 | 162 | 0 | ## Common diff --git a/api_docs/kbn_securitysolution_rules.mdx b/api_docs/kbn_securitysolution_rules.mdx index 1c83f0d6460ff..6213bd497efed 100644 --- a/api_docs/kbn_securitysolution_rules.mdx +++ b/api_docs/kbn_securitysolution_rules.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-rules title: "@kbn/securitysolution-rules" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-rules plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-rules'] --- import kbnSecuritysolutionRulesObj from './kbn_securitysolution_rules.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_t_grid.mdx b/api_docs/kbn_securitysolution_t_grid.mdx index 6ce3cc4a58983..6dab8b4bb1d8f 100644 --- a/api_docs/kbn_securitysolution_t_grid.mdx +++ b/api_docs/kbn_securitysolution_t_grid.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-t-grid title: "@kbn/securitysolution-t-grid" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-t-grid plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-t-grid'] --- import kbnSecuritysolutionTGridObj from './kbn_securitysolution_t_grid.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_utils.mdx b/api_docs/kbn_securitysolution_utils.mdx index 88da785d4d25b..f55f2a68758d6 100644 --- a/api_docs/kbn_securitysolution_utils.mdx +++ b/api_docs/kbn_securitysolution_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-utils title: "@kbn/securitysolution-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-utils'] --- import kbnSecuritysolutionUtilsObj from './kbn_securitysolution_utils.devdocs.json'; diff --git a/api_docs/kbn_server_http_tools.mdx b/api_docs/kbn_server_http_tools.mdx index 41f13da62e706..cb48d4d57a314 100644 --- a/api_docs/kbn_server_http_tools.mdx +++ b/api_docs/kbn_server_http_tools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-server-http-tools title: "@kbn/server-http-tools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/server-http-tools plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/server-http-tools'] --- import kbnServerHttpToolsObj from './kbn_server_http_tools.devdocs.json'; diff --git a/api_docs/kbn_server_route_repository.mdx b/api_docs/kbn_server_route_repository.mdx index 4372c91b3bc33..b2c0ff133170a 100644 --- a/api_docs/kbn_server_route_repository.mdx +++ b/api_docs/kbn_server_route_repository.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-server-route-repository title: "@kbn/server-route-repository" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/server-route-repository plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/server-route-repository'] --- import kbnServerRouteRepositoryObj from './kbn_server_route_repository.devdocs.json'; diff --git a/api_docs/kbn_server_route_repository_client.mdx b/api_docs/kbn_server_route_repository_client.mdx index 65821f10c0b01..63415ab8a903a 100644 --- a/api_docs/kbn_server_route_repository_client.mdx +++ b/api_docs/kbn_server_route_repository_client.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-server-route-repository-client title: "@kbn/server-route-repository-client" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/server-route-repository-client plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/server-route-repository-client'] --- import kbnServerRouteRepositoryClientObj from './kbn_server_route_repository_client.devdocs.json'; diff --git a/api_docs/kbn_server_route_repository_utils.mdx b/api_docs/kbn_server_route_repository_utils.mdx index 4e76d21aac2e6..e963371659bea 100644 --- a/api_docs/kbn_server_route_repository_utils.mdx +++ b/api_docs/kbn_server_route_repository_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-server-route-repository-utils title: "@kbn/server-route-repository-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/server-route-repository-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/server-route-repository-utils'] --- import kbnServerRouteRepositoryUtilsObj from './kbn_server_route_repository_utils.devdocs.json'; diff --git a/api_docs/kbn_serverless_common_settings.mdx b/api_docs/kbn_serverless_common_settings.mdx index 33ad54092175e..1eb3e9ccfd782 100644 --- a/api_docs/kbn_serverless_common_settings.mdx +++ b/api_docs/kbn_serverless_common_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-common-settings title: "@kbn/serverless-common-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-common-settings plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-common-settings'] --- import kbnServerlessCommonSettingsObj from './kbn_serverless_common_settings.devdocs.json'; diff --git a/api_docs/kbn_serverless_observability_settings.mdx b/api_docs/kbn_serverless_observability_settings.mdx index 4e41bd71ece23..6e60db4f713ff 100644 --- a/api_docs/kbn_serverless_observability_settings.mdx +++ b/api_docs/kbn_serverless_observability_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-observability-settings title: "@kbn/serverless-observability-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-observability-settings plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-observability-settings'] --- import kbnServerlessObservabilitySettingsObj from './kbn_serverless_observability_settings.devdocs.json'; diff --git a/api_docs/kbn_serverless_project_switcher.mdx b/api_docs/kbn_serverless_project_switcher.mdx index b25431620f3e3..828f5dec9a1ad 100644 --- a/api_docs/kbn_serverless_project_switcher.mdx +++ b/api_docs/kbn_serverless_project_switcher.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-project-switcher title: "@kbn/serverless-project-switcher" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-project-switcher plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-project-switcher'] --- import kbnServerlessProjectSwitcherObj from './kbn_serverless_project_switcher.devdocs.json'; diff --git a/api_docs/kbn_serverless_search_settings.mdx b/api_docs/kbn_serverless_search_settings.mdx index 439c778c2533e..7f04191947f2d 100644 --- a/api_docs/kbn_serverless_search_settings.mdx +++ b/api_docs/kbn_serverless_search_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-search-settings title: "@kbn/serverless-search-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-search-settings plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-search-settings'] --- import kbnServerlessSearchSettingsObj from './kbn_serverless_search_settings.devdocs.json'; diff --git a/api_docs/kbn_serverless_security_settings.mdx b/api_docs/kbn_serverless_security_settings.mdx index dc050dcce7672..b715dc66877ec 100644 --- a/api_docs/kbn_serverless_security_settings.mdx +++ b/api_docs/kbn_serverless_security_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-security-settings title: "@kbn/serverless-security-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-security-settings plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-security-settings'] --- import kbnServerlessSecuritySettingsObj from './kbn_serverless_security_settings.devdocs.json'; diff --git a/api_docs/kbn_serverless_storybook_config.mdx b/api_docs/kbn_serverless_storybook_config.mdx index 60e2c544b85f4..af63e5679fbad 100644 --- a/api_docs/kbn_serverless_storybook_config.mdx +++ b/api_docs/kbn_serverless_storybook_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-storybook-config title: "@kbn/serverless-storybook-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-storybook-config plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-storybook-config'] --- import kbnServerlessStorybookConfigObj from './kbn_serverless_storybook_config.devdocs.json'; diff --git a/api_docs/kbn_shared_svg.mdx b/api_docs/kbn_shared_svg.mdx index 62fddf5a4f4ee..6737e8d2f7dc6 100644 --- a/api_docs/kbn_shared_svg.mdx +++ b/api_docs/kbn_shared_svg.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-svg title: "@kbn/shared-svg" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-svg plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-svg'] --- import kbnSharedSvgObj from './kbn_shared_svg.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_avatar_solution.mdx b/api_docs/kbn_shared_ux_avatar_solution.mdx index 4b9288a326f24..2d5baeef8042f 100644 --- a/api_docs/kbn_shared_ux_avatar_solution.mdx +++ b/api_docs/kbn_shared_ux_avatar_solution.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-avatar-solution title: "@kbn/shared-ux-avatar-solution" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-avatar-solution plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-avatar-solution'] --- import kbnSharedUxAvatarSolutionObj from './kbn_shared_ux_avatar_solution.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_button_exit_full_screen.mdx b/api_docs/kbn_shared_ux_button_exit_full_screen.mdx index 6f53340f0d068..9255a27446b7e 100644 --- a/api_docs/kbn_shared_ux_button_exit_full_screen.mdx +++ b/api_docs/kbn_shared_ux_button_exit_full_screen.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-button-exit-full-screen title: "@kbn/shared-ux-button-exit-full-screen" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-button-exit-full-screen plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-button-exit-full-screen'] --- import kbnSharedUxButtonExitFullScreenObj from './kbn_shared_ux_button_exit_full_screen.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_button_toolbar.mdx b/api_docs/kbn_shared_ux_button_toolbar.mdx index 1ffb111c517b0..ce4ef9bb515a7 100644 --- a/api_docs/kbn_shared_ux_button_toolbar.mdx +++ b/api_docs/kbn_shared_ux_button_toolbar.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-button-toolbar title: "@kbn/shared-ux-button-toolbar" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-button-toolbar plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-button-toolbar'] --- import kbnSharedUxButtonToolbarObj from './kbn_shared_ux_button_toolbar.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_card_no_data.mdx b/api_docs/kbn_shared_ux_card_no_data.mdx index 8c4593dd75f68..68e52f8d13d5f 100644 --- a/api_docs/kbn_shared_ux_card_no_data.mdx +++ b/api_docs/kbn_shared_ux_card_no_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-card-no-data title: "@kbn/shared-ux-card-no-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-card-no-data plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-card-no-data'] --- import kbnSharedUxCardNoDataObj from './kbn_shared_ux_card_no_data.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_card_no_data_mocks.mdx b/api_docs/kbn_shared_ux_card_no_data_mocks.mdx index b1e6e2f76402c..646f31f3fad0e 100644 --- a/api_docs/kbn_shared_ux_card_no_data_mocks.mdx +++ b/api_docs/kbn_shared_ux_card_no_data_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-card-no-data-mocks title: "@kbn/shared-ux-card-no-data-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-card-no-data-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-card-no-data-mocks'] --- import kbnSharedUxCardNoDataMocksObj from './kbn_shared_ux_card_no_data_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_chrome_navigation.mdx b/api_docs/kbn_shared_ux_chrome_navigation.mdx index 3f5b7973fd181..434d9e35f7330 100644 --- a/api_docs/kbn_shared_ux_chrome_navigation.mdx +++ b/api_docs/kbn_shared_ux_chrome_navigation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-chrome-navigation title: "@kbn/shared-ux-chrome-navigation" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-chrome-navigation plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-chrome-navigation'] --- import kbnSharedUxChromeNavigationObj from './kbn_shared_ux_chrome_navigation.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_error_boundary.mdx b/api_docs/kbn_shared_ux_error_boundary.mdx index 7f49bd1aa847d..6e663fef366cf 100644 --- a/api_docs/kbn_shared_ux_error_boundary.mdx +++ b/api_docs/kbn_shared_ux_error_boundary.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-error-boundary title: "@kbn/shared-ux-error-boundary" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-error-boundary plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-error-boundary'] --- import kbnSharedUxErrorBoundaryObj from './kbn_shared_ux_error_boundary.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_context.mdx b/api_docs/kbn_shared_ux_file_context.mdx index b13482f376049..6d51957688f0a 100644 --- a/api_docs/kbn_shared_ux_file_context.mdx +++ b/api_docs/kbn_shared_ux_file_context.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-context title: "@kbn/shared-ux-file-context" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-context plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-context'] --- import kbnSharedUxFileContextObj from './kbn_shared_ux_file_context.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_image.mdx b/api_docs/kbn_shared_ux_file_image.mdx index 544a268b4b502..898f896a1a208 100644 --- a/api_docs/kbn_shared_ux_file_image.mdx +++ b/api_docs/kbn_shared_ux_file_image.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-image title: "@kbn/shared-ux-file-image" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-image plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-image'] --- import kbnSharedUxFileImageObj from './kbn_shared_ux_file_image.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_image_mocks.mdx b/api_docs/kbn_shared_ux_file_image_mocks.mdx index 16b5382bbcfd6..e500573c7cfdd 100644 --- a/api_docs/kbn_shared_ux_file_image_mocks.mdx +++ b/api_docs/kbn_shared_ux_file_image_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-image-mocks title: "@kbn/shared-ux-file-image-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-image-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-image-mocks'] --- import kbnSharedUxFileImageMocksObj from './kbn_shared_ux_file_image_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_mocks.mdx b/api_docs/kbn_shared_ux_file_mocks.mdx index 98fbe6b35a9dd..85050032390b9 100644 --- a/api_docs/kbn_shared_ux_file_mocks.mdx +++ b/api_docs/kbn_shared_ux_file_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-mocks title: "@kbn/shared-ux-file-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-mocks'] --- import kbnSharedUxFileMocksObj from './kbn_shared_ux_file_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_picker.mdx b/api_docs/kbn_shared_ux_file_picker.mdx index 05989c12c2ed8..81c83ecbbb7df 100644 --- a/api_docs/kbn_shared_ux_file_picker.mdx +++ b/api_docs/kbn_shared_ux_file_picker.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-picker title: "@kbn/shared-ux-file-picker" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-picker plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-picker'] --- import kbnSharedUxFilePickerObj from './kbn_shared_ux_file_picker.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_types.mdx b/api_docs/kbn_shared_ux_file_types.mdx index eb410d830992c..0da62eaea3b5b 100644 --- a/api_docs/kbn_shared_ux_file_types.mdx +++ b/api_docs/kbn_shared_ux_file_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-types title: "@kbn/shared-ux-file-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-types plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-types'] --- import kbnSharedUxFileTypesObj from './kbn_shared_ux_file_types.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_upload.mdx b/api_docs/kbn_shared_ux_file_upload.mdx index 052796a0ed0c1..c00681a086e21 100644 --- a/api_docs/kbn_shared_ux_file_upload.mdx +++ b/api_docs/kbn_shared_ux_file_upload.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-upload title: "@kbn/shared-ux-file-upload" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-upload plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-upload'] --- import kbnSharedUxFileUploadObj from './kbn_shared_ux_file_upload.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_util.mdx b/api_docs/kbn_shared_ux_file_util.mdx index ac858347523bd..637ba61850cfb 100644 --- a/api_docs/kbn_shared_ux_file_util.mdx +++ b/api_docs/kbn_shared_ux_file_util.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-util title: "@kbn/shared-ux-file-util" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-util plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-util'] --- import kbnSharedUxFileUtilObj from './kbn_shared_ux_file_util.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_link_redirect_app.mdx b/api_docs/kbn_shared_ux_link_redirect_app.mdx index dce137ee7ab5e..da322b6e59070 100644 --- a/api_docs/kbn_shared_ux_link_redirect_app.mdx +++ b/api_docs/kbn_shared_ux_link_redirect_app.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-link-redirect-app title: "@kbn/shared-ux-link-redirect-app" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-link-redirect-app plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-link-redirect-app'] --- import kbnSharedUxLinkRedirectAppObj from './kbn_shared_ux_link_redirect_app.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_link_redirect_app_mocks.mdx b/api_docs/kbn_shared_ux_link_redirect_app_mocks.mdx index 17b556414dea9..40d43e797be37 100644 --- a/api_docs/kbn_shared_ux_link_redirect_app_mocks.mdx +++ b/api_docs/kbn_shared_ux_link_redirect_app_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-link-redirect-app-mocks title: "@kbn/shared-ux-link-redirect-app-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-link-redirect-app-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-link-redirect-app-mocks'] --- import kbnSharedUxLinkRedirectAppMocksObj from './kbn_shared_ux_link_redirect_app_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_markdown.mdx b/api_docs/kbn_shared_ux_markdown.mdx index 0347c3ef15d72..5250fc91ddc3c 100644 --- a/api_docs/kbn_shared_ux_markdown.mdx +++ b/api_docs/kbn_shared_ux_markdown.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-markdown title: "@kbn/shared-ux-markdown" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-markdown plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-markdown'] --- import kbnSharedUxMarkdownObj from './kbn_shared_ux_markdown.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_markdown_mocks.mdx b/api_docs/kbn_shared_ux_markdown_mocks.mdx index 4b83915a04042..d17caa759143e 100644 --- a/api_docs/kbn_shared_ux_markdown_mocks.mdx +++ b/api_docs/kbn_shared_ux_markdown_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-markdown-mocks title: "@kbn/shared-ux-markdown-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-markdown-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-markdown-mocks'] --- import kbnSharedUxMarkdownMocksObj from './kbn_shared_ux_markdown_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_analytics_no_data.mdx b/api_docs/kbn_shared_ux_page_analytics_no_data.mdx index e6a4e5446ec6a..d189f1ac1e737 100644 --- a/api_docs/kbn_shared_ux_page_analytics_no_data.mdx +++ b/api_docs/kbn_shared_ux_page_analytics_no_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-analytics-no-data title: "@kbn/shared-ux-page-analytics-no-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-analytics-no-data plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-analytics-no-data'] --- import kbnSharedUxPageAnalyticsNoDataObj from './kbn_shared_ux_page_analytics_no_data.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_analytics_no_data_mocks.mdx b/api_docs/kbn_shared_ux_page_analytics_no_data_mocks.mdx index 4288b7040eb67..2dc483e848d2d 100644 --- a/api_docs/kbn_shared_ux_page_analytics_no_data_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_analytics_no_data_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-analytics-no-data-mocks title: "@kbn/shared-ux-page-analytics-no-data-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-analytics-no-data-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-analytics-no-data-mocks'] --- import kbnSharedUxPageAnalyticsNoDataMocksObj from './kbn_shared_ux_page_analytics_no_data_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_kibana_no_data.mdx b/api_docs/kbn_shared_ux_page_kibana_no_data.mdx index 1a3798638a457..dc953b3abb99d 100644 --- a/api_docs/kbn_shared_ux_page_kibana_no_data.mdx +++ b/api_docs/kbn_shared_ux_page_kibana_no_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-kibana-no-data title: "@kbn/shared-ux-page-kibana-no-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-kibana-no-data plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-kibana-no-data'] --- import kbnSharedUxPageKibanaNoDataObj from './kbn_shared_ux_page_kibana_no_data.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_kibana_no_data_mocks.mdx b/api_docs/kbn_shared_ux_page_kibana_no_data_mocks.mdx index ec4891dbe5dbc..8942b515d953e 100644 --- a/api_docs/kbn_shared_ux_page_kibana_no_data_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_kibana_no_data_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-kibana-no-data-mocks title: "@kbn/shared-ux-page-kibana-no-data-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-kibana-no-data-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-kibana-no-data-mocks'] --- import kbnSharedUxPageKibanaNoDataMocksObj from './kbn_shared_ux_page_kibana_no_data_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_kibana_template.mdx b/api_docs/kbn_shared_ux_page_kibana_template.mdx index b8625c6e22ef7..c6bfb83495425 100644 --- a/api_docs/kbn_shared_ux_page_kibana_template.mdx +++ b/api_docs/kbn_shared_ux_page_kibana_template.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-kibana-template title: "@kbn/shared-ux-page-kibana-template" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-kibana-template plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-kibana-template'] --- import kbnSharedUxPageKibanaTemplateObj from './kbn_shared_ux_page_kibana_template.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_kibana_template_mocks.mdx b/api_docs/kbn_shared_ux_page_kibana_template_mocks.mdx index 9375f81ed478b..a2d41cf1eed84 100644 --- a/api_docs/kbn_shared_ux_page_kibana_template_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_kibana_template_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-kibana-template-mocks title: "@kbn/shared-ux-page-kibana-template-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-kibana-template-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-kibana-template-mocks'] --- import kbnSharedUxPageKibanaTemplateMocksObj from './kbn_shared_ux_page_kibana_template_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_no_data.mdx b/api_docs/kbn_shared_ux_page_no_data.mdx index c1be0a9e6b877..fed3149c4b4a3 100644 --- a/api_docs/kbn_shared_ux_page_no_data.mdx +++ b/api_docs/kbn_shared_ux_page_no_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-no-data title: "@kbn/shared-ux-page-no-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-no-data plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-no-data'] --- import kbnSharedUxPageNoDataObj from './kbn_shared_ux_page_no_data.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_no_data_config.mdx b/api_docs/kbn_shared_ux_page_no_data_config.mdx index da32220ac2fd0..84599158cc637 100644 --- a/api_docs/kbn_shared_ux_page_no_data_config.mdx +++ b/api_docs/kbn_shared_ux_page_no_data_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-no-data-config title: "@kbn/shared-ux-page-no-data-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-no-data-config plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-no-data-config'] --- import kbnSharedUxPageNoDataConfigObj from './kbn_shared_ux_page_no_data_config.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_no_data_config_mocks.mdx b/api_docs/kbn_shared_ux_page_no_data_config_mocks.mdx index 1dd6394741296..21c0438807559 100644 --- a/api_docs/kbn_shared_ux_page_no_data_config_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_no_data_config_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-no-data-config-mocks title: "@kbn/shared-ux-page-no-data-config-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-no-data-config-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-no-data-config-mocks'] --- import kbnSharedUxPageNoDataConfigMocksObj from './kbn_shared_ux_page_no_data_config_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_no_data_mocks.mdx b/api_docs/kbn_shared_ux_page_no_data_mocks.mdx index 0ed7bee13da9e..ce0526c967eea 100644 --- a/api_docs/kbn_shared_ux_page_no_data_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_no_data_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-no-data-mocks title: "@kbn/shared-ux-page-no-data-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-no-data-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-no-data-mocks'] --- import kbnSharedUxPageNoDataMocksObj from './kbn_shared_ux_page_no_data_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_solution_nav.mdx b/api_docs/kbn_shared_ux_page_solution_nav.mdx index 35d0546a3ea39..b0b43fe4511f2 100644 --- a/api_docs/kbn_shared_ux_page_solution_nav.mdx +++ b/api_docs/kbn_shared_ux_page_solution_nav.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-solution-nav title: "@kbn/shared-ux-page-solution-nav" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-solution-nav plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-solution-nav'] --- import kbnSharedUxPageSolutionNavObj from './kbn_shared_ux_page_solution_nav.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_prompt_no_data_views.mdx b/api_docs/kbn_shared_ux_prompt_no_data_views.mdx index 864f89eea20d8..d3bbc8e752b9d 100644 --- a/api_docs/kbn_shared_ux_prompt_no_data_views.mdx +++ b/api_docs/kbn_shared_ux_prompt_no_data_views.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-prompt-no-data-views title: "@kbn/shared-ux-prompt-no-data-views" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-prompt-no-data-views plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-prompt-no-data-views'] --- import kbnSharedUxPromptNoDataViewsObj from './kbn_shared_ux_prompt_no_data_views.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_prompt_no_data_views_mocks.mdx b/api_docs/kbn_shared_ux_prompt_no_data_views_mocks.mdx index efd8d5abd0b39..457a929581e5f 100644 --- a/api_docs/kbn_shared_ux_prompt_no_data_views_mocks.mdx +++ b/api_docs/kbn_shared_ux_prompt_no_data_views_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-prompt-no-data-views-mocks title: "@kbn/shared-ux-prompt-no-data-views-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-prompt-no-data-views-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-prompt-no-data-views-mocks'] --- import kbnSharedUxPromptNoDataViewsMocksObj from './kbn_shared_ux_prompt_no_data_views_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_prompt_not_found.mdx b/api_docs/kbn_shared_ux_prompt_not_found.mdx index f486e4e283b4a..cc0a0c66154c7 100644 --- a/api_docs/kbn_shared_ux_prompt_not_found.mdx +++ b/api_docs/kbn_shared_ux_prompt_not_found.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-prompt-not-found title: "@kbn/shared-ux-prompt-not-found" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-prompt-not-found plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-prompt-not-found'] --- import kbnSharedUxPromptNotFoundObj from './kbn_shared_ux_prompt_not_found.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_router.mdx b/api_docs/kbn_shared_ux_router.mdx index 855bb0de0f701..eafb28799b74c 100644 --- a/api_docs/kbn_shared_ux_router.mdx +++ b/api_docs/kbn_shared_ux_router.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-router title: "@kbn/shared-ux-router" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-router plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-router'] --- import kbnSharedUxRouterObj from './kbn_shared_ux_router.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_router_mocks.mdx b/api_docs/kbn_shared_ux_router_mocks.mdx index d0003ca6b424a..77eaae5acdfd9 100644 --- a/api_docs/kbn_shared_ux_router_mocks.mdx +++ b/api_docs/kbn_shared_ux_router_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-router-mocks title: "@kbn/shared-ux-router-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-router-mocks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-router-mocks'] --- import kbnSharedUxRouterMocksObj from './kbn_shared_ux_router_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_storybook_config.mdx b/api_docs/kbn_shared_ux_storybook_config.mdx index 5c3e5b26f1a33..988f3be606293 100644 --- a/api_docs/kbn_shared_ux_storybook_config.mdx +++ b/api_docs/kbn_shared_ux_storybook_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-storybook-config title: "@kbn/shared-ux-storybook-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-storybook-config plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-storybook-config'] --- import kbnSharedUxStorybookConfigObj from './kbn_shared_ux_storybook_config.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_storybook_mock.mdx b/api_docs/kbn_shared_ux_storybook_mock.mdx index e761c257d7684..8d7bc173d1583 100644 --- a/api_docs/kbn_shared_ux_storybook_mock.mdx +++ b/api_docs/kbn_shared_ux_storybook_mock.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-storybook-mock title: "@kbn/shared-ux-storybook-mock" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-storybook-mock plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-storybook-mock'] --- import kbnSharedUxStorybookMockObj from './kbn_shared_ux_storybook_mock.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_tabbed_modal.mdx b/api_docs/kbn_shared_ux_tabbed_modal.mdx index c16b873c27303..e36504143215e 100644 --- a/api_docs/kbn_shared_ux_tabbed_modal.mdx +++ b/api_docs/kbn_shared_ux_tabbed_modal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-tabbed-modal title: "@kbn/shared-ux-tabbed-modal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-tabbed-modal plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-tabbed-modal'] --- import kbnSharedUxTabbedModalObj from './kbn_shared_ux_tabbed_modal.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_table_persist.mdx b/api_docs/kbn_shared_ux_table_persist.mdx index 60736776774a7..b4808773358ae 100644 --- a/api_docs/kbn_shared_ux_table_persist.mdx +++ b/api_docs/kbn_shared_ux_table_persist.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-table-persist title: "@kbn/shared-ux-table-persist" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-table-persist plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-table-persist'] --- import kbnSharedUxTablePersistObj from './kbn_shared_ux_table_persist.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_utility.mdx b/api_docs/kbn_shared_ux_utility.mdx index d3a5f1deb86e9..8dda8f1aefa20 100644 --- a/api_docs/kbn_shared_ux_utility.mdx +++ b/api_docs/kbn_shared_ux_utility.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-utility title: "@kbn/shared-ux-utility" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-utility plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-utility'] --- import kbnSharedUxUtilityObj from './kbn_shared_ux_utility.devdocs.json'; diff --git a/api_docs/kbn_slo_schema.mdx b/api_docs/kbn_slo_schema.mdx index 930df4fff6bf5..14f2425d5fe8b 100644 --- a/api_docs/kbn_slo_schema.mdx +++ b/api_docs/kbn_slo_schema.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-slo-schema title: "@kbn/slo-schema" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/slo-schema plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/slo-schema'] --- import kbnSloSchemaObj from './kbn_slo_schema.devdocs.json'; diff --git a/api_docs/kbn_some_dev_log.mdx b/api_docs/kbn_some_dev_log.mdx index eb78457610fd9..22961c37b52e6 100644 --- a/api_docs/kbn_some_dev_log.mdx +++ b/api_docs/kbn_some_dev_log.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-some-dev-log title: "@kbn/some-dev-log" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/some-dev-log plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/some-dev-log'] --- import kbnSomeDevLogObj from './kbn_some_dev_log.devdocs.json'; diff --git a/api_docs/kbn_sort_predicates.mdx b/api_docs/kbn_sort_predicates.mdx index 54b27f920e4c3..7c8e6e7d5fa07 100644 --- a/api_docs/kbn_sort_predicates.mdx +++ b/api_docs/kbn_sort_predicates.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-sort-predicates title: "@kbn/sort-predicates" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/sort-predicates plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/sort-predicates'] --- import kbnSortPredicatesObj from './kbn_sort_predicates.devdocs.json'; diff --git a/api_docs/kbn_sse_utils.mdx b/api_docs/kbn_sse_utils.mdx index 20194037ee6c0..a9aa09014aa70 100644 --- a/api_docs/kbn_sse_utils.mdx +++ b/api_docs/kbn_sse_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-sse-utils title: "@kbn/sse-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/sse-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/sse-utils'] --- import kbnSseUtilsObj from './kbn_sse_utils.devdocs.json'; diff --git a/api_docs/kbn_sse_utils_client.mdx b/api_docs/kbn_sse_utils_client.mdx index 7d7492389691b..0b85e3dc4467f 100644 --- a/api_docs/kbn_sse_utils_client.mdx +++ b/api_docs/kbn_sse_utils_client.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-sse-utils-client title: "@kbn/sse-utils-client" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/sse-utils-client plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/sse-utils-client'] --- import kbnSseUtilsClientObj from './kbn_sse_utils_client.devdocs.json'; diff --git a/api_docs/kbn_sse_utils_server.mdx b/api_docs/kbn_sse_utils_server.mdx index c3ce88ec99620..eec20b3d4461b 100644 --- a/api_docs/kbn_sse_utils_server.mdx +++ b/api_docs/kbn_sse_utils_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-sse-utils-server title: "@kbn/sse-utils-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/sse-utils-server plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/sse-utils-server'] --- import kbnSseUtilsServerObj from './kbn_sse_utils_server.devdocs.json'; diff --git a/api_docs/kbn_std.mdx b/api_docs/kbn_std.mdx index 5e9bd6fb93e38..08f0a7b9dea03 100644 --- a/api_docs/kbn_std.mdx +++ b/api_docs/kbn_std.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-std title: "@kbn/std" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/std plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/std'] --- import kbnStdObj from './kbn_std.devdocs.json'; diff --git a/api_docs/kbn_stdio_dev_helpers.mdx b/api_docs/kbn_stdio_dev_helpers.mdx index 54b44fe0d9928..3a446bc009369 100644 --- a/api_docs/kbn_stdio_dev_helpers.mdx +++ b/api_docs/kbn_stdio_dev_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-stdio-dev-helpers title: "@kbn/stdio-dev-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/stdio-dev-helpers plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/stdio-dev-helpers'] --- import kbnStdioDevHelpersObj from './kbn_stdio_dev_helpers.devdocs.json'; diff --git a/api_docs/kbn_storybook.mdx b/api_docs/kbn_storybook.mdx index deb343b11dd67..f6df77cb68e9c 100644 --- a/api_docs/kbn_storybook.mdx +++ b/api_docs/kbn_storybook.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-storybook title: "@kbn/storybook" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/storybook plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/storybook'] --- import kbnStorybookObj from './kbn_storybook.devdocs.json'; diff --git a/api_docs/kbn_synthetics_e2e.mdx b/api_docs/kbn_synthetics_e2e.mdx index 66c67f0073a8b..d2bef2a66f419 100644 --- a/api_docs/kbn_synthetics_e2e.mdx +++ b/api_docs/kbn_synthetics_e2e.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-synthetics-e2e title: "@kbn/synthetics-e2e" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/synthetics-e2e plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/synthetics-e2e'] --- import kbnSyntheticsE2eObj from './kbn_synthetics_e2e.devdocs.json'; diff --git a/api_docs/kbn_synthetics_private_location.mdx b/api_docs/kbn_synthetics_private_location.mdx index 5e88225343787..77dd3811412f3 100644 --- a/api_docs/kbn_synthetics_private_location.mdx +++ b/api_docs/kbn_synthetics_private_location.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-synthetics-private-location title: "@kbn/synthetics-private-location" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/synthetics-private-location plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/synthetics-private-location'] --- import kbnSyntheticsPrivateLocationObj from './kbn_synthetics_private_location.devdocs.json'; diff --git a/api_docs/kbn_telemetry_tools.mdx b/api_docs/kbn_telemetry_tools.mdx index f9e917b09c753..6439c81481fa0 100644 --- a/api_docs/kbn_telemetry_tools.mdx +++ b/api_docs/kbn_telemetry_tools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-telemetry-tools title: "@kbn/telemetry-tools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/telemetry-tools plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/telemetry-tools'] --- import kbnTelemetryToolsObj from './kbn_telemetry_tools.devdocs.json'; diff --git a/api_docs/kbn_test.mdx b/api_docs/kbn_test.mdx index 58f2751961976..5e68a7f3f7c38 100644 --- a/api_docs/kbn_test.mdx +++ b/api_docs/kbn_test.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-test title: "@kbn/test" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/test plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/test'] --- import kbnTestObj from './kbn_test.devdocs.json'; diff --git a/api_docs/kbn_test_eui_helpers.mdx b/api_docs/kbn_test_eui_helpers.mdx index 4a6b7887af066..42629735f7b6c 100644 --- a/api_docs/kbn_test_eui_helpers.mdx +++ b/api_docs/kbn_test_eui_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-test-eui-helpers title: "@kbn/test-eui-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/test-eui-helpers plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/test-eui-helpers'] --- import kbnTestEuiHelpersObj from './kbn_test_eui_helpers.devdocs.json'; diff --git a/api_docs/kbn_test_jest_helpers.mdx b/api_docs/kbn_test_jest_helpers.mdx index 9f7c02479018d..8f6fea33a703a 100644 --- a/api_docs/kbn_test_jest_helpers.mdx +++ b/api_docs/kbn_test_jest_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-test-jest-helpers title: "@kbn/test-jest-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/test-jest-helpers plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/test-jest-helpers'] --- import kbnTestJestHelpersObj from './kbn_test_jest_helpers.devdocs.json'; diff --git a/api_docs/kbn_test_subj_selector.mdx b/api_docs/kbn_test_subj_selector.mdx index 1c4ca7fecf4df..b0a65f9731c0d 100644 --- a/api_docs/kbn_test_subj_selector.mdx +++ b/api_docs/kbn_test_subj_selector.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-test-subj-selector title: "@kbn/test-subj-selector" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/test-subj-selector plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/test-subj-selector'] --- import kbnTestSubjSelectorObj from './kbn_test_subj_selector.devdocs.json'; diff --git a/api_docs/kbn_timerange.mdx b/api_docs/kbn_timerange.mdx index 514f5dd72846e..f1ce6a1cb7e59 100644 --- a/api_docs/kbn_timerange.mdx +++ b/api_docs/kbn_timerange.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-timerange title: "@kbn/timerange" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/timerange plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/timerange'] --- import kbnTimerangeObj from './kbn_timerange.devdocs.json'; diff --git a/api_docs/kbn_tooling_log.mdx b/api_docs/kbn_tooling_log.mdx index aaded47252ff9..b2214267d68bb 100644 --- a/api_docs/kbn_tooling_log.mdx +++ b/api_docs/kbn_tooling_log.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-tooling-log title: "@kbn/tooling-log" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/tooling-log plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/tooling-log'] --- import kbnToolingLogObj from './kbn_tooling_log.devdocs.json'; diff --git a/api_docs/kbn_triggers_actions_ui_types.mdx b/api_docs/kbn_triggers_actions_ui_types.mdx index 10fbbd3e7f68c..d253d672b0bda 100644 --- a/api_docs/kbn_triggers_actions_ui_types.mdx +++ b/api_docs/kbn_triggers_actions_ui_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-triggers-actions-ui-types title: "@kbn/triggers-actions-ui-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/triggers-actions-ui-types plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/triggers-actions-ui-types'] --- import kbnTriggersActionsUiTypesObj from './kbn_triggers_actions_ui_types.devdocs.json'; diff --git a/api_docs/kbn_try_in_console.mdx b/api_docs/kbn_try_in_console.mdx index bbfa9d876a33d..7f150bfb1c1fc 100644 --- a/api_docs/kbn_try_in_console.mdx +++ b/api_docs/kbn_try_in_console.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-try-in-console title: "@kbn/try-in-console" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/try-in-console plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/try-in-console'] --- import kbnTryInConsoleObj from './kbn_try_in_console.devdocs.json'; diff --git a/api_docs/kbn_ts_projects.mdx b/api_docs/kbn_ts_projects.mdx index c8d247f2846ef..0a87bc0a07bce 100644 --- a/api_docs/kbn_ts_projects.mdx +++ b/api_docs/kbn_ts_projects.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ts-projects title: "@kbn/ts-projects" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ts-projects plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ts-projects'] --- import kbnTsProjectsObj from './kbn_ts_projects.devdocs.json'; diff --git a/api_docs/kbn_typed_react_router_config.mdx b/api_docs/kbn_typed_react_router_config.mdx index 8725c116e3b72..b69a12d2bf677 100644 --- a/api_docs/kbn_typed_react_router_config.mdx +++ b/api_docs/kbn_typed_react_router_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-typed-react-router-config title: "@kbn/typed-react-router-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/typed-react-router-config plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/typed-react-router-config'] --- import kbnTypedReactRouterConfigObj from './kbn_typed_react_router_config.devdocs.json'; diff --git a/api_docs/kbn_ui_actions_browser.mdx b/api_docs/kbn_ui_actions_browser.mdx index 17fc6cf2d45dc..11a5cc4f202ef 100644 --- a/api_docs/kbn_ui_actions_browser.mdx +++ b/api_docs/kbn_ui_actions_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ui-actions-browser title: "@kbn/ui-actions-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ui-actions-browser plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ui-actions-browser'] --- import kbnUiActionsBrowserObj from './kbn_ui_actions_browser.devdocs.json'; diff --git a/api_docs/kbn_ui_shared_deps_src.mdx b/api_docs/kbn_ui_shared_deps_src.mdx index 70298a1b6aac9..f1ff3b442f277 100644 --- a/api_docs/kbn_ui_shared_deps_src.mdx +++ b/api_docs/kbn_ui_shared_deps_src.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ui-shared-deps-src title: "@kbn/ui-shared-deps-src" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ui-shared-deps-src plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ui-shared-deps-src'] --- import kbnUiSharedDepsSrcObj from './kbn_ui_shared_deps_src.devdocs.json'; diff --git a/api_docs/kbn_ui_theme.mdx b/api_docs/kbn_ui_theme.mdx index e9d8289de5757..bd289fcb50dbf 100644 --- a/api_docs/kbn_ui_theme.mdx +++ b/api_docs/kbn_ui_theme.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ui-theme title: "@kbn/ui-theme" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ui-theme plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ui-theme'] --- import kbnUiThemeObj from './kbn_ui_theme.devdocs.json'; diff --git a/api_docs/kbn_unified_data_table.mdx b/api_docs/kbn_unified_data_table.mdx index a0b91c7e124d9..a89a169ae24b5 100644 --- a/api_docs/kbn_unified_data_table.mdx +++ b/api_docs/kbn_unified_data_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-unified-data-table title: "@kbn/unified-data-table" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/unified-data-table plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/unified-data-table'] --- import kbnUnifiedDataTableObj from './kbn_unified_data_table.devdocs.json'; diff --git a/api_docs/kbn_unified_doc_viewer.mdx b/api_docs/kbn_unified_doc_viewer.mdx index fd57c020fb19f..afd8556f0f9e3 100644 --- a/api_docs/kbn_unified_doc_viewer.mdx +++ b/api_docs/kbn_unified_doc_viewer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-unified-doc-viewer title: "@kbn/unified-doc-viewer" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/unified-doc-viewer plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/unified-doc-viewer'] --- import kbnUnifiedDocViewerObj from './kbn_unified_doc_viewer.devdocs.json'; diff --git a/api_docs/kbn_unified_field_list.mdx b/api_docs/kbn_unified_field_list.mdx index 0d05d859ada33..bb026891593f2 100644 --- a/api_docs/kbn_unified_field_list.mdx +++ b/api_docs/kbn_unified_field_list.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-unified-field-list title: "@kbn/unified-field-list" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/unified-field-list plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/unified-field-list'] --- import kbnUnifiedFieldListObj from './kbn_unified_field_list.devdocs.json'; diff --git a/api_docs/kbn_unsaved_changes_badge.mdx b/api_docs/kbn_unsaved_changes_badge.mdx index 26fe1206582ae..a6295aaeba7d7 100644 --- a/api_docs/kbn_unsaved_changes_badge.mdx +++ b/api_docs/kbn_unsaved_changes_badge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-unsaved-changes-badge title: "@kbn/unsaved-changes-badge" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/unsaved-changes-badge plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/unsaved-changes-badge'] --- import kbnUnsavedChangesBadgeObj from './kbn_unsaved_changes_badge.devdocs.json'; diff --git a/api_docs/kbn_unsaved_changes_prompt.mdx b/api_docs/kbn_unsaved_changes_prompt.mdx index b11df6c436cde..9d334e573324d 100644 --- a/api_docs/kbn_unsaved_changes_prompt.mdx +++ b/api_docs/kbn_unsaved_changes_prompt.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-unsaved-changes-prompt title: "@kbn/unsaved-changes-prompt" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/unsaved-changes-prompt plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/unsaved-changes-prompt'] --- import kbnUnsavedChangesPromptObj from './kbn_unsaved_changes_prompt.devdocs.json'; diff --git a/api_docs/kbn_use_tracked_promise.mdx b/api_docs/kbn_use_tracked_promise.mdx index 6f46e87566e27..0940fb53f1bec 100644 --- a/api_docs/kbn_use_tracked_promise.mdx +++ b/api_docs/kbn_use_tracked_promise.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-use-tracked-promise title: "@kbn/use-tracked-promise" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/use-tracked-promise plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/use-tracked-promise'] --- import kbnUseTrackedPromiseObj from './kbn_use_tracked_promise.devdocs.json'; diff --git a/api_docs/kbn_user_profile_components.mdx b/api_docs/kbn_user_profile_components.mdx index 0636bd82fa2f5..6526de1bc65f0 100644 --- a/api_docs/kbn_user_profile_components.mdx +++ b/api_docs/kbn_user_profile_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-user-profile-components title: "@kbn/user-profile-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/user-profile-components plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/user-profile-components'] --- import kbnUserProfileComponentsObj from './kbn_user_profile_components.devdocs.json'; diff --git a/api_docs/kbn_utility_types.mdx b/api_docs/kbn_utility_types.mdx index a77386e1d3e46..9b22385aa574a 100644 --- a/api_docs/kbn_utility_types.mdx +++ b/api_docs/kbn_utility_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-utility-types title: "@kbn/utility-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/utility-types plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/utility-types'] --- import kbnUtilityTypesObj from './kbn_utility_types.devdocs.json'; diff --git a/api_docs/kbn_utility_types_jest.mdx b/api_docs/kbn_utility_types_jest.mdx index cf1b53b7794bf..0984ebe938ca3 100644 --- a/api_docs/kbn_utility_types_jest.mdx +++ b/api_docs/kbn_utility_types_jest.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-utility-types-jest title: "@kbn/utility-types-jest" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/utility-types-jest plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/utility-types-jest'] --- import kbnUtilityTypesJestObj from './kbn_utility_types_jest.devdocs.json'; diff --git a/api_docs/kbn_utils.mdx b/api_docs/kbn_utils.mdx index 7f72aab302700..174ded7ec8099 100644 --- a/api_docs/kbn_utils.mdx +++ b/api_docs/kbn_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-utils title: "@kbn/utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/utils'] --- import kbnUtilsObj from './kbn_utils.devdocs.json'; diff --git a/api_docs/kbn_visualization_ui_components.mdx b/api_docs/kbn_visualization_ui_components.mdx index 1d2d2588f7977..23800d57ce4d0 100644 --- a/api_docs/kbn_visualization_ui_components.mdx +++ b/api_docs/kbn_visualization_ui_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-visualization-ui-components title: "@kbn/visualization-ui-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/visualization-ui-components plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/visualization-ui-components'] --- import kbnVisualizationUiComponentsObj from './kbn_visualization_ui_components.devdocs.json'; diff --git a/api_docs/kbn_visualization_utils.mdx b/api_docs/kbn_visualization_utils.mdx index 0f42694b405e4..01acb6a94c05f 100644 --- a/api_docs/kbn_visualization_utils.mdx +++ b/api_docs/kbn_visualization_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-visualization-utils title: "@kbn/visualization-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/visualization-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/visualization-utils'] --- import kbnVisualizationUtilsObj from './kbn_visualization_utils.devdocs.json'; diff --git a/api_docs/kbn_xstate_utils.mdx b/api_docs/kbn_xstate_utils.mdx index 5440240bb1d8e..0777233051c78 100644 --- a/api_docs/kbn_xstate_utils.mdx +++ b/api_docs/kbn_xstate_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-xstate-utils title: "@kbn/xstate-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/xstate-utils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/xstate-utils'] --- import kbnXstateUtilsObj from './kbn_xstate_utils.devdocs.json'; diff --git a/api_docs/kbn_yarn_lock_validator.mdx b/api_docs/kbn_yarn_lock_validator.mdx index c65c6055af8dd..1ae7f669e3574 100644 --- a/api_docs/kbn_yarn_lock_validator.mdx +++ b/api_docs/kbn_yarn_lock_validator.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-yarn-lock-validator title: "@kbn/yarn-lock-validator" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/yarn-lock-validator plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/yarn-lock-validator'] --- import kbnYarnLockValidatorObj from './kbn_yarn_lock_validator.devdocs.json'; diff --git a/api_docs/kbn_zod.mdx b/api_docs/kbn_zod.mdx index 7082deeb90af4..7023915228e37 100644 --- a/api_docs/kbn_zod.mdx +++ b/api_docs/kbn_zod.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-zod title: "@kbn/zod" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/zod plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/zod'] --- import kbnZodObj from './kbn_zod.devdocs.json'; diff --git a/api_docs/kbn_zod_helpers.mdx b/api_docs/kbn_zod_helpers.mdx index e47efba846000..7f4ac82a37d79 100644 --- a/api_docs/kbn_zod_helpers.mdx +++ b/api_docs/kbn_zod_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-zod-helpers title: "@kbn/zod-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/zod-helpers plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/zod-helpers'] --- import kbnZodHelpersObj from './kbn_zod_helpers.devdocs.json'; diff --git a/api_docs/kibana_overview.mdx b/api_docs/kibana_overview.mdx index da6a925b4096b..3b0d0468983e3 100644 --- a/api_docs/kibana_overview.mdx +++ b/api_docs/kibana_overview.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kibanaOverview title: "kibanaOverview" image: https://source.unsplash.com/400x175/?github description: API docs for the kibanaOverview plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'kibanaOverview'] --- import kibanaOverviewObj from './kibana_overview.devdocs.json'; diff --git a/api_docs/kibana_react.mdx b/api_docs/kibana_react.mdx index ff0c1a3480d8a..fb6a6e486d028 100644 --- a/api_docs/kibana_react.mdx +++ b/api_docs/kibana_react.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kibanaReact title: "kibanaReact" image: https://source.unsplash.com/400x175/?github description: API docs for the kibanaReact plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'kibanaReact'] --- import kibanaReactObj from './kibana_react.devdocs.json'; diff --git a/api_docs/kibana_utils.mdx b/api_docs/kibana_utils.mdx index d3df054125787..7d0087453b7fa 100644 --- a/api_docs/kibana_utils.mdx +++ b/api_docs/kibana_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kibanaUtils title: "kibanaUtils" image: https://source.unsplash.com/400x175/?github description: API docs for the kibanaUtils plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'kibanaUtils'] --- import kibanaUtilsObj from './kibana_utils.devdocs.json'; diff --git a/api_docs/kubernetes_security.mdx b/api_docs/kubernetes_security.mdx index 23fc9afc0afa7..d43812bc3ca8e 100644 --- a/api_docs/kubernetes_security.mdx +++ b/api_docs/kubernetes_security.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kubernetesSecurity title: "kubernetesSecurity" image: https://source.unsplash.com/400x175/?github description: API docs for the kubernetesSecurity plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'kubernetesSecurity'] --- import kubernetesSecurityObj from './kubernetes_security.devdocs.json'; diff --git a/api_docs/lens.mdx b/api_docs/lens.mdx index 13b9ed365f601..c2a7aa647dfca 100644 --- a/api_docs/lens.mdx +++ b/api_docs/lens.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/lens title: "lens" image: https://source.unsplash.com/400x175/?github description: API docs for the lens plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'lens'] --- import lensObj from './lens.devdocs.json'; diff --git a/api_docs/license_api_guard.mdx b/api_docs/license_api_guard.mdx index ae78cda308b34..50f7a1883fc77 100644 --- a/api_docs/license_api_guard.mdx +++ b/api_docs/license_api_guard.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/licenseApiGuard title: "licenseApiGuard" image: https://source.unsplash.com/400x175/?github description: API docs for the licenseApiGuard plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'licenseApiGuard'] --- import licenseApiGuardObj from './license_api_guard.devdocs.json'; diff --git a/api_docs/license_management.mdx b/api_docs/license_management.mdx index 2a2bc40ca80c8..26eebb0b8a67b 100644 --- a/api_docs/license_management.mdx +++ b/api_docs/license_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/licenseManagement title: "licenseManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the licenseManagement plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'licenseManagement'] --- import licenseManagementObj from './license_management.devdocs.json'; diff --git a/api_docs/licensing.mdx b/api_docs/licensing.mdx index b57885c356839..68b680978fc29 100644 --- a/api_docs/licensing.mdx +++ b/api_docs/licensing.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/licensing title: "licensing" image: https://source.unsplash.com/400x175/?github description: API docs for the licensing plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'licensing'] --- import licensingObj from './licensing.devdocs.json'; diff --git a/api_docs/links.mdx b/api_docs/links.mdx index 9d615c30363ec..d8ddbebf3d422 100644 --- a/api_docs/links.mdx +++ b/api_docs/links.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/links title: "links" image: https://source.unsplash.com/400x175/?github description: API docs for the links plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'links'] --- import linksObj from './links.devdocs.json'; diff --git a/api_docs/lists.mdx b/api_docs/lists.mdx index bd91960441fdb..23da626272cd5 100644 --- a/api_docs/lists.mdx +++ b/api_docs/lists.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/lists title: "lists" image: https://source.unsplash.com/400x175/?github description: API docs for the lists plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'lists'] --- import listsObj from './lists.devdocs.json'; diff --git a/api_docs/logs_data_access.mdx b/api_docs/logs_data_access.mdx index 14101c29c1a61..9b860b6314233 100644 --- a/api_docs/logs_data_access.mdx +++ b/api_docs/logs_data_access.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/logsDataAccess title: "logsDataAccess" image: https://source.unsplash.com/400x175/?github description: API docs for the logsDataAccess plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'logsDataAccess'] --- import logsDataAccessObj from './logs_data_access.devdocs.json'; diff --git a/api_docs/logs_explorer.mdx b/api_docs/logs_explorer.mdx index 91500126c025c..5d86695f95d13 100644 --- a/api_docs/logs_explorer.mdx +++ b/api_docs/logs_explorer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/logsExplorer title: "logsExplorer" image: https://source.unsplash.com/400x175/?github description: API docs for the logsExplorer plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'logsExplorer'] --- import logsExplorerObj from './logs_explorer.devdocs.json'; diff --git a/api_docs/logs_shared.mdx b/api_docs/logs_shared.mdx index aeb00bcad592c..02885f00047be 100644 --- a/api_docs/logs_shared.mdx +++ b/api_docs/logs_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/logsShared title: "logsShared" image: https://source.unsplash.com/400x175/?github description: API docs for the logsShared plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'logsShared'] --- import logsSharedObj from './logs_shared.devdocs.json'; diff --git a/api_docs/management.mdx b/api_docs/management.mdx index 2118f745b3e9f..3bdaa7d059bf8 100644 --- a/api_docs/management.mdx +++ b/api_docs/management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/management title: "management" image: https://source.unsplash.com/400x175/?github description: API docs for the management plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'management'] --- import managementObj from './management.devdocs.json'; diff --git a/api_docs/maps.mdx b/api_docs/maps.mdx index c020b26983ea9..2b01d1d754492 100644 --- a/api_docs/maps.mdx +++ b/api_docs/maps.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/maps title: "maps" image: https://source.unsplash.com/400x175/?github description: API docs for the maps plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'maps'] --- import mapsObj from './maps.devdocs.json'; diff --git a/api_docs/maps_ems.mdx b/api_docs/maps_ems.mdx index 3fb34272703b8..e2ca81392f614 100644 --- a/api_docs/maps_ems.mdx +++ b/api_docs/maps_ems.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/mapsEms title: "mapsEms" image: https://source.unsplash.com/400x175/?github description: API docs for the mapsEms plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'mapsEms'] --- import mapsEmsObj from './maps_ems.devdocs.json'; diff --git a/api_docs/metrics_data_access.mdx b/api_docs/metrics_data_access.mdx index 17b26f148d67c..e40508a750d2b 100644 --- a/api_docs/metrics_data_access.mdx +++ b/api_docs/metrics_data_access.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/metricsDataAccess title: "metricsDataAccess" image: https://source.unsplash.com/400x175/?github description: API docs for the metricsDataAccess plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'metricsDataAccess'] --- import metricsDataAccessObj from './metrics_data_access.devdocs.json'; diff --git a/api_docs/ml.mdx b/api_docs/ml.mdx index 4600295241523..d22a743128665 100644 --- a/api_docs/ml.mdx +++ b/api_docs/ml.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/ml title: "ml" image: https://source.unsplash.com/400x175/?github description: API docs for the ml plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'ml'] --- import mlObj from './ml.devdocs.json'; diff --git a/api_docs/mock_idp_plugin.mdx b/api_docs/mock_idp_plugin.mdx index 9d7cfa9a9acee..222fb69538fb0 100644 --- a/api_docs/mock_idp_plugin.mdx +++ b/api_docs/mock_idp_plugin.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/mockIdpPlugin title: "mockIdpPlugin" image: https://source.unsplash.com/400x175/?github description: API docs for the mockIdpPlugin plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'mockIdpPlugin'] --- import mockIdpPluginObj from './mock_idp_plugin.devdocs.json'; diff --git a/api_docs/monitoring.mdx b/api_docs/monitoring.mdx index fb5cb35807bf8..c55e2a310702e 100644 --- a/api_docs/monitoring.mdx +++ b/api_docs/monitoring.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/monitoring title: "monitoring" image: https://source.unsplash.com/400x175/?github description: API docs for the monitoring plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'monitoring'] --- import monitoringObj from './monitoring.devdocs.json'; diff --git a/api_docs/monitoring_collection.mdx b/api_docs/monitoring_collection.mdx index 9b70f3902bfb7..c401824c47e3c 100644 --- a/api_docs/monitoring_collection.mdx +++ b/api_docs/monitoring_collection.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/monitoringCollection title: "monitoringCollection" image: https://source.unsplash.com/400x175/?github description: API docs for the monitoringCollection plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'monitoringCollection'] --- import monitoringCollectionObj from './monitoring_collection.devdocs.json'; diff --git a/api_docs/navigation.mdx b/api_docs/navigation.mdx index 787cf218d91e7..87c8a304b4914 100644 --- a/api_docs/navigation.mdx +++ b/api_docs/navigation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/navigation title: "navigation" image: https://source.unsplash.com/400x175/?github description: API docs for the navigation plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'navigation'] --- import navigationObj from './navigation.devdocs.json'; diff --git a/api_docs/newsfeed.mdx b/api_docs/newsfeed.mdx index 60eccbdc7e4e0..1faef5bd18a6d 100644 --- a/api_docs/newsfeed.mdx +++ b/api_docs/newsfeed.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/newsfeed title: "newsfeed" image: https://source.unsplash.com/400x175/?github description: API docs for the newsfeed plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'newsfeed'] --- import newsfeedObj from './newsfeed.devdocs.json'; diff --git a/api_docs/no_data_page.mdx b/api_docs/no_data_page.mdx index 20f22bdd4772f..3ad7d9624e3ed 100644 --- a/api_docs/no_data_page.mdx +++ b/api_docs/no_data_page.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/noDataPage title: "noDataPage" image: https://source.unsplash.com/400x175/?github description: API docs for the noDataPage plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'noDataPage'] --- import noDataPageObj from './no_data_page.devdocs.json'; diff --git a/api_docs/notifications.mdx b/api_docs/notifications.mdx index 4ce8743658e1f..e4942c348380d 100644 --- a/api_docs/notifications.mdx +++ b/api_docs/notifications.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/notifications title: "notifications" image: https://source.unsplash.com/400x175/?github description: API docs for the notifications plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'notifications'] --- import notificationsObj from './notifications.devdocs.json'; diff --git a/api_docs/observability.devdocs.json b/api_docs/observability.devdocs.json index f968d64e80814..14ad014989023 100644 --- a/api_docs/observability.devdocs.json +++ b/api_docs/observability.devdocs.json @@ -3,41 +3,6 @@ "client": { "classes": [], "functions": [ - { - "parentPluginId": "observability", - "id": "def-public.AlertSummary", - "type": "Function", - "tags": [], - "label": "AlertSummary", - "description": [], - "signature": [ - "(props: ", - "AlertSummaryProps", - ") => React.JSX.Element" - ], - "path": "x-pack/plugins/observability_solution/observability/public/pages/alert_details/components/index.tsx", - "deprecated": false, - "trackAdoption": false, - "children": [ - { - "parentPluginId": "observability", - "id": "def-public.AlertSummary.$1", - "type": "Object", - "tags": [], - "label": "props", - "description": [], - "signature": [ - "AlertSummaryProps" - ], - "path": "x-pack/plugins/observability_solution/observability/public/pages/alert_details/components/index.tsx", - "deprecated": false, - "trackAdoption": false, - "isRequired": true - } - ], - "returnComment": [], - "initialIsOpen": false - }, { "parentPluginId": "observability", "id": "def-public.AutocompleteField", @@ -965,6 +930,41 @@ "returnComment": [], "initialIsOpen": false }, + { + "parentPluginId": "observability", + "id": "def-public.Threshold", + "type": "Function", + "tags": [], + "label": "Threshold", + "description": [], + "signature": [ + "({\n chartProps: { theme, baseTheme },\n comparator,\n id,\n threshold,\n title,\n value,\n valueFormatter = (d) => String(d),\n}: ", + "Props", + ") => React.JSX.Element" + ], + "path": "x-pack/plugins/observability_solution/observability/public/components/custom_threshold/components/threshold.tsx", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "observability", + "id": "def-public.Threshold.$1", + "type": "Object", + "tags": [], + "label": "{\n chartProps: { theme, baseTheme },\n comparator,\n id,\n threshold,\n title,\n value,\n valueFormatter = (d) => String(d),\n}", + "description": [], + "signature": [ + "Props" + ], + "path": "x-pack/plugins/observability_solution/observability/public/components/custom_threshold/components/threshold.tsx", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [], + "initialIsOpen": false + }, { "parentPluginId": "observability", "id": "def-public.toQuery", @@ -1273,42 +1273,47 @@ "interfaces": [ { "parentPluginId": "observability", - "id": "def-public.AlertSummaryField", + "id": "def-public.AlertDetailsAppSectionProps", "type": "Interface", "tags": [], - "label": "AlertSummaryField", + "label": "AlertDetailsAppSectionProps", "description": [], - "path": "x-pack/plugins/observability_solution/observability/public/pages/alert_details/components/alert_summary.tsx", + "path": "x-pack/plugins/observability_solution/observability/public/pages/alert_details/types.ts", "deprecated": false, "trackAdoption": false, "children": [ { "parentPluginId": "observability", - "id": "def-public.AlertSummaryField.label", - "type": "CompoundType", - "tags": [], - "label": "label", - "description": [], - "signature": [ - "string | number | boolean | React.ReactElement> | Iterable | React.ReactPortal | null | undefined" - ], - "path": "x-pack/plugins/observability_solution/observability/public/pages/alert_details/components/alert_summary.tsx", - "deprecated": false, - "trackAdoption": false - }, - { - "parentPluginId": "observability", - "id": "def-public.AlertSummaryField.value", - "type": "CompoundType", + "id": "def-public.AlertDetailsAppSectionProps.setSources", + "type": "Function", "tags": [], - "label": "value", + "label": "setSources", "description": [], "signature": [ - "string | number | boolean | React.ReactElement> | Iterable | React.ReactPortal | null | undefined" + "(value: React.SetStateAction<", + "AlertDetailsSource", + "[] | undefined>) => void" ], - "path": "x-pack/plugins/observability_solution/observability/public/pages/alert_details/components/alert_summary.tsx", + "path": "x-pack/plugins/observability_solution/observability/public/pages/alert_details/types.ts", "deprecated": false, - "trackAdoption": false + "trackAdoption": false, + "returnComment": [], + "children": [ + { + "parentPluginId": "observability", + "id": "def-public.AlertDetailsAppSectionProps.setSources.$1", + "type": "Uncategorized", + "tags": [], + "label": "value", + "description": [], + "signature": [ + "A" + ], + "path": "node_modules/@types/react/ts5.0/index.d.ts", + "deprecated": false, + "trackAdoption": false + } + ] } ], "initialIsOpen": false diff --git a/api_docs/observability.mdx b/api_docs/observability.mdx index f097145b91e6a..caea1529d40a1 100644 --- a/api_docs/observability.mdx +++ b/api_docs/observability.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observability title: "observability" image: https://source.unsplash.com/400x175/?github description: API docs for the observability plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observability'] --- import observabilityObj from './observability.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/obs-ux-management-team](https://github.com/orgs/elastic/teams/ | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 710 | 2 | 703 | 22 | +| 710 | 2 | 702 | 23 | ## Client diff --git a/api_docs/observability_a_i_assistant.mdx b/api_docs/observability_a_i_assistant.mdx index bdc4a22462ff5..39d911c5b96aa 100644 --- a/api_docs/observability_a_i_assistant.mdx +++ b/api_docs/observability_a_i_assistant.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityAIAssistant title: "observabilityAIAssistant" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityAIAssistant plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityAIAssistant'] --- import observabilityAIAssistantObj from './observability_a_i_assistant.devdocs.json'; diff --git a/api_docs/observability_a_i_assistant_app.mdx b/api_docs/observability_a_i_assistant_app.mdx index 8d11ee439bbc6..fb56c2ba2070b 100644 --- a/api_docs/observability_a_i_assistant_app.mdx +++ b/api_docs/observability_a_i_assistant_app.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityAIAssistantApp title: "observabilityAIAssistantApp" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityAIAssistantApp plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityAIAssistantApp'] --- import observabilityAIAssistantAppObj from './observability_a_i_assistant_app.devdocs.json'; diff --git a/api_docs/observability_ai_assistant_management.mdx b/api_docs/observability_ai_assistant_management.mdx index f9a7d49645d8b..24e7e2102194c 100644 --- a/api_docs/observability_ai_assistant_management.mdx +++ b/api_docs/observability_ai_assistant_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityAiAssistantManagement title: "observabilityAiAssistantManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityAiAssistantManagement plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityAiAssistantManagement'] --- import observabilityAiAssistantManagementObj from './observability_ai_assistant_management.devdocs.json'; diff --git a/api_docs/observability_logs_explorer.mdx b/api_docs/observability_logs_explorer.mdx index c5442987953cc..d4a381ceb7c3d 100644 --- a/api_docs/observability_logs_explorer.mdx +++ b/api_docs/observability_logs_explorer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityLogsExplorer title: "observabilityLogsExplorer" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityLogsExplorer plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityLogsExplorer'] --- import observabilityLogsExplorerObj from './observability_logs_explorer.devdocs.json'; diff --git a/api_docs/observability_onboarding.mdx b/api_docs/observability_onboarding.mdx index 43df5ec232c88..ee74df58990ed 100644 --- a/api_docs/observability_onboarding.mdx +++ b/api_docs/observability_onboarding.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityOnboarding title: "observabilityOnboarding" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityOnboarding plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityOnboarding'] --- import observabilityOnboardingObj from './observability_onboarding.devdocs.json'; diff --git a/api_docs/observability_shared.devdocs.json b/api_docs/observability_shared.devdocs.json index 434a9184e17e1..e7c4d3eebf266 100644 --- a/api_docs/observability_shared.devdocs.json +++ b/api_docs/observability_shared.devdocs.json @@ -6712,6 +6712,111 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.ENTITY", + "type": "string", + "tags": [], + "label": "ENTITY", + "description": [], + "signature": [ + "\"entity\"" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/field_names/elasticsearch.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.ENTITY_DEFINITION_ID", + "type": "string", + "tags": [], + "label": "ENTITY_DEFINITION_ID", + "description": [], + "signature": [ + "\"entity.definitionId\"" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/field_names/elasticsearch.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.ENTITY_DISPLAY_NAME", + "type": "string", + "tags": [], + "label": "ENTITY_DISPLAY_NAME", + "description": [], + "signature": [ + "\"entity.displayName\"" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/field_names/elasticsearch.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.ENTITY_FIRST_SEEN", + "type": "string", + "tags": [], + "label": "ENTITY_FIRST_SEEN", + "description": [], + "signature": [ + "\"entity.firstSeenTimestamp\"" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/field_names/elasticsearch.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.ENTITY_ID", + "type": "string", + "tags": [], + "label": "ENTITY_ID", + "description": [], + "signature": [ + "\"entity.id\"" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/field_names/elasticsearch.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.ENTITY_LAST_SEEN", + "type": "string", + "tags": [], + "label": "ENTITY_LAST_SEEN", + "description": [], + "signature": [ + "\"entity.lastSeenTimestamp\"" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/field_names/elasticsearch.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.ENTITY_TYPE", + "type": "string", + "tags": [], + "label": "ENTITY_TYPE", + "description": [], + "signature": [ + "\"entity.type\"" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/field_names/elasticsearch.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "observabilityShared", "id": "def-common.ERROR_CULPRIT", @@ -8044,6 +8149,21 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.SOURCE_DATA_STREAM_TYPE", + "type": "string", + "tags": [], + "label": "SOURCE_DATA_STREAM_TYPE", + "description": [], + "signature": [ + "\"source_data_stream.type\"" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/field_names/elasticsearch.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "observabilityShared", "id": "def-common.SPAN_ACTION", diff --git a/api_docs/observability_shared.mdx b/api_docs/observability_shared.mdx index db75845db6a09..a8b3a4cc1fd84 100644 --- a/api_docs/observability_shared.mdx +++ b/api_docs/observability_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityShared title: "observabilityShared" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityShared plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityShared'] --- import observabilitySharedObj from './observability_shared.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/observability-ui](https://github.com/orgs/elastic/teams/observ | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 484 | 1 | 479 | 19 | +| 492 | 1 | 487 | 19 | ## Client diff --git a/api_docs/osquery.mdx b/api_docs/osquery.mdx index ab87abd863298..fda26b2a1e38f 100644 --- a/api_docs/osquery.mdx +++ b/api_docs/osquery.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/osquery title: "osquery" image: https://source.unsplash.com/400x175/?github description: API docs for the osquery plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'osquery'] --- import osqueryObj from './osquery.devdocs.json'; diff --git a/api_docs/painless_lab.mdx b/api_docs/painless_lab.mdx index 0c08bcf73d441..bc6a07d86db78 100644 --- a/api_docs/painless_lab.mdx +++ b/api_docs/painless_lab.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/painlessLab title: "painlessLab" image: https://source.unsplash.com/400x175/?github description: API docs for the painlessLab plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'painlessLab'] --- import painlessLabObj from './painless_lab.devdocs.json'; diff --git a/api_docs/plugin_directory.mdx b/api_docs/plugin_directory.mdx index 528b75ef21a17..b6c98e6c765e0 100644 --- a/api_docs/plugin_directory.mdx +++ b/api_docs/plugin_directory.mdx @@ -7,7 +7,7 @@ id: kibDevDocsPluginDirectory slug: /kibana-dev-docs/api-meta/plugin-api-directory title: Directory description: Directory of public APIs available through plugins or packages. -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana'] --- @@ -21,7 +21,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | API Count | Any Count | Missing comments | Missing exports | |--------------|----------|-----------------|--------| -| 53514 | 244 | 40123 | 1983 | +| 53561 | 244 | 40168 | 1985 | ## Plugin Directory @@ -116,7 +116,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-management](https://github.com/orgs/elastic/teams/kibana-management) | - | 4 | 0 | 4 | 0 | | | [@elastic/kibana-management](https://github.com/orgs/elastic/teams/kibana-management) | - | 246 | 0 | 241 | 1 | | | [@elastic/appex-ai-infra](https://github.com/orgs/elastic/teams/appex-ai-infra) | - | 49 | 0 | 44 | 15 | -| | [@elastic/obs-ux-logs-team](https://github.com/orgs/elastic/teams/obs-ux-logs-team) | This plugin visualizes data from Filebeat and Metricbeat, and integrates with other Observability solutions | 23 | 0 | 23 | 5 | +| | [@elastic/obs-ux-logs-team](https://github.com/orgs/elastic/teams/obs-ux-logs-team) | This plugin visualizes data from Filebeat and Metricbeat, and integrates with other Observability solutions | 24 | 0 | 24 | 5 | | | [@elastic/kibana-management](https://github.com/orgs/elastic/teams/kibana-management) | - | 4 | 0 | 4 | 0 | | inputControlVis | [@elastic/kibana-presentation](https://github.com/orgs/elastic/teams/kibana-presentation) | Adds Input Control visualization to Kibana | 0 | 0 | 0 | 0 | | | [@elastic/kibana-presentation](https://github.com/orgs/elastic/teams/kibana-presentation) | - | 127 | 2 | 100 | 4 | @@ -152,13 +152,13 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 17 | 0 | 17 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 3 | 0 | 3 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 2 | 0 | 2 | 1 | -| | [@elastic/obs-ux-management-team](https://github.com/orgs/elastic/teams/obs-ux-management-team) | - | 710 | 2 | 703 | 22 | +| | [@elastic/obs-ux-management-team](https://github.com/orgs/elastic/teams/obs-ux-management-team) | - | 710 | 2 | 702 | 23 | | | [@elastic/obs-ai-assistant](https://github.com/orgs/elastic/teams/obs-ai-assistant) | - | 293 | 1 | 291 | 28 | | | [@elastic/obs-ai-assistant](https://github.com/orgs/elastic/teams/obs-ai-assistant) | - | 4 | 0 | 4 | 0 | | | [@elastic/obs-ai-assistant](https://github.com/orgs/elastic/teams/obs-ai-assistant) | - | 2 | 0 | 2 | 0 | | | [@elastic/obs-ux-logs-team](https://github.com/orgs/elastic/teams/obs-ux-logs-team) | This plugin exposes and registers observability log consumption features. | 19 | 0 | 19 | 1 | | | [@elastic/obs-ux-logs-team](https://github.com/orgs/elastic/teams/obs-ux-logs-team) | - | 24 | 0 | 24 | 0 | -| | [@elastic/observability-ui](https://github.com/orgs/elastic/teams/observability-ui) | - | 484 | 1 | 479 | 19 | +| | [@elastic/observability-ui](https://github.com/orgs/elastic/teams/observability-ui) | - | 492 | 1 | 487 | 19 | | | [@elastic/security-defend-workflows](https://github.com/orgs/elastic/teams/security-defend-workflows) | - | 23 | 0 | 23 | 7 | | | [@elastic/kibana-management](https://github.com/orgs/elastic/teams/kibana-management) | - | 2 | 0 | 2 | 0 | | | [@elastic/kibana-presentation](https://github.com/orgs/elastic/teams/kibana-presentation) | Adds a standardized Presentation panel which allows any forward ref component to interface with various Kibana systems. | 11 | 0 | 11 | 4 | @@ -253,7 +253,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-ops) | - | 222 | 0 | 219 | 0 | | | [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-ops) | - | 33 | 0 | 33 | 0 | | | [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-ops) | - | 31 | 0 | 15 | 1 | -| | [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-ops) | - | 317 | 0 | 301 | 8 | +| | [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-ops) | - | 318 | 0 | 302 | 8 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 73 | 0 | 73 | 2 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 1 | 0 | 0 | 0 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 18 | 0 | 18 | 0 | @@ -276,8 +276,8 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 3 | 0 | 3 | 0 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 62 | 0 | 17 | 1 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 2 | 0 | 2 | 0 | -| | [@elastic/kibana-cloud-security-posture](https://github.com/orgs/elastic/teams/kibana-cloud-security-posture) | - | 74 | 1 | 74 | 0 | -| | [@elastic/kibana-cloud-security-posture](https://github.com/orgs/elastic/teams/kibana-cloud-security-posture) | - | 74 | 0 | 72 | 0 | +| | [@elastic/kibana-cloud-security-posture](https://github.com/orgs/elastic/teams/kibana-cloud-security-posture) | - | 78 | 1 | 78 | 0 | +| | [@elastic/kibana-cloud-security-posture](https://github.com/orgs/elastic/teams/kibana-cloud-security-posture) | - | 94 | 0 | 92 | 1 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 41 | 0 | 17 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 2 | 0 | 2 | 0 | | | [@elastic/appex-qa](https://github.com/orgs/elastic/teams/appex-qa) | - | 9 | 0 | 4 | 0 | @@ -489,7 +489,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/fleet](https://github.com/orgs/elastic/teams/fleet) | - | 3 | 0 | 3 | 0 | | | [@elastic/kibana-management](https://github.com/orgs/elastic/teams/kibana-management) | - | 4 | 0 | 4 | 0 | | | [@elastic/ml-ui](https://github.com/orgs/elastic/teams/ml-ui) | - | 3 | 0 | 3 | 0 | -| | [@elastic/obs-ux-management-team](https://github.com/orgs/elastic/teams/obs-ux-management-team) | - | 62 | 0 | 50 | 0 | +| | [@elastic/obs-ux-management-team](https://github.com/orgs/elastic/teams/obs-ux-management-team) | - | 63 | 0 | 51 | 0 | | | [@elastic/search-kibana](https://github.com/orgs/elastic/teams/search-kibana) | - | 17 | 0 | 17 | 0 | | | [@elastic/security-solution](https://github.com/orgs/elastic/teams/security-solution) | - | 5 | 0 | 5 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 2 | 0 | 2 | 0 | @@ -515,7 +515,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 32 | 0 | 19 | 1 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 11 | 0 | 6 | 0 | | | [@elastic/kibana-data-discovery](https://github.com/orgs/elastic/teams/kibana-data-discovery) | - | 269 | 1 | 209 | 15 | -| | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 27 | 0 | 27 | 1 | +| | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 28 | 0 | 28 | 1 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 2 | 0 | 1 | 0 | | | [@elastic/kibana-esql](https://github.com/orgs/elastic/teams/kibana-esql) | - | 266 | 1 | 208 | 34 | | | [@elastic/kibana-esql](https://github.com/orgs/elastic/teams/kibana-esql) | - | 29 | 0 | 12 | 0 | @@ -548,7 +548,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/ml-ui](https://github.com/orgs/elastic/teams/ml-ui) | - | 7 | 1 | 7 | 1 | | | [@elastic/obs-ux-management-team](https://github.com/orgs/elastic/teams/obs-ux-management-team) | - | 9 | 0 | 9 | 0 | | | [@elastic/kibana-visualizations](https://github.com/orgs/elastic/teams/kibana-visualizations) | - | 52 | 12 | 43 | 0 | -| | [@elastic/obs-ux-management-team](https://github.com/orgs/elastic/teams/obs-ux-management-team) | - | 73 | 0 | 73 | 0 | +| | [@elastic/obs-ux-management-team](https://github.com/orgs/elastic/teams/obs-ux-management-team) | - | 81 | 0 | 81 | 0 | | | [@elastic/obs-knowledge-team](https://github.com/orgs/elastic/teams/obs-knowledge-team) | - | 60 | 0 | 60 | 4 | | | [@elastic/search-kibana](https://github.com/orgs/elastic/teams/search-kibana) | - | 44 | 0 | 44 | 0 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 13 | 0 | 13 | 0 | @@ -691,7 +691,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/security-threat-hunting-investigations](https://github.com/orgs/elastic/teams/security-threat-hunting-investigations) | - | 92 | 0 | 70 | 6 | | | [@elastic/security-threat-hunting-explore](https://github.com/orgs/elastic/teams/security-threat-hunting-explore) | - | 341 | 1 | 337 | 32 | | | [@elastic/security-detection-engine](https://github.com/orgs/elastic/teams/security-detection-engine) | - | 87 | 0 | 76 | 1 | -| | [@elastic/security-detection-engine](https://github.com/orgs/elastic/teams/security-detection-engine) | - | 106 | 0 | 95 | 1 | +| | [@elastic/security-detection-engine](https://github.com/orgs/elastic/teams/security-detection-engine) | - | 107 | 0 | 96 | 1 | | | [@elastic/security-detection-engine](https://github.com/orgs/elastic/teams/security-detection-engine) | - | 15 | 0 | 7 | 0 | | | [@elastic/security-detection-engine](https://github.com/orgs/elastic/teams/security-detection-engine) | - | 147 | 0 | 125 | 0 | | | [@elastic/security-detection-engine](https://github.com/orgs/elastic/teams/security-detection-engine) | - | 534 | 0 | 521 | 0 | @@ -700,7 +700,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/security-detection-engine](https://github.com/orgs/elastic/teams/security-detection-engine) | - | 103 | 0 | 99 | 0 | | | [@elastic/security-detection-engine](https://github.com/orgs/elastic/teams/security-detection-engine) | - | 35 | 0 | 23 | 0 | | | [@elastic/security-detection-engine](https://github.com/orgs/elastic/teams/security-detection-engine) | - | 94 | 0 | 81 | 0 | -| | [@elastic/security-detection-engine](https://github.com/orgs/elastic/teams/security-detection-engine) | - | 209 | 0 | 161 | 0 | +| | [@elastic/security-detection-engine](https://github.com/orgs/elastic/teams/security-detection-engine) | - | 211 | 0 | 162 | 0 | | | [@elastic/security-detection-engine](https://github.com/orgs/elastic/teams/security-detection-engine) | - | 28 | 0 | 25 | 0 | | | [@elastic/security-detection-engine](https://github.com/orgs/elastic/teams/security-detection-engine) | - | 120 | 0 | 116 | 0 | | | [@elastic/security-detection-engine](https://github.com/orgs/elastic/teams/security-detection-engine) | - | 60 | 0 | 54 | 0 | diff --git a/api_docs/presentation_panel.mdx b/api_docs/presentation_panel.mdx index c90d1ca14638d..54bb7c491f7d6 100644 --- a/api_docs/presentation_panel.mdx +++ b/api_docs/presentation_panel.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/presentationPanel title: "presentationPanel" image: https://source.unsplash.com/400x175/?github description: API docs for the presentationPanel plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'presentationPanel'] --- import presentationPanelObj from './presentation_panel.devdocs.json'; diff --git a/api_docs/presentation_util.mdx b/api_docs/presentation_util.mdx index c751f6aedc3c1..ab6b065fa84e3 100644 --- a/api_docs/presentation_util.mdx +++ b/api_docs/presentation_util.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/presentationUtil title: "presentationUtil" image: https://source.unsplash.com/400x175/?github description: API docs for the presentationUtil plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'presentationUtil'] --- import presentationUtilObj from './presentation_util.devdocs.json'; diff --git a/api_docs/profiling.mdx b/api_docs/profiling.mdx index 32a05f3c5ab11..850e4eb3cc179 100644 --- a/api_docs/profiling.mdx +++ b/api_docs/profiling.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/profiling title: "profiling" image: https://source.unsplash.com/400x175/?github description: API docs for the profiling plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'profiling'] --- import profilingObj from './profiling.devdocs.json'; diff --git a/api_docs/profiling_data_access.mdx b/api_docs/profiling_data_access.mdx index 3eb04a7fc1adc..4903d345a39af 100644 --- a/api_docs/profiling_data_access.mdx +++ b/api_docs/profiling_data_access.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/profilingDataAccess title: "profilingDataAccess" image: https://source.unsplash.com/400x175/?github description: API docs for the profilingDataAccess plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'profilingDataAccess'] --- import profilingDataAccessObj from './profiling_data_access.devdocs.json'; diff --git a/api_docs/remote_clusters.mdx b/api_docs/remote_clusters.mdx index 245462649583e..7b3cd965b88f6 100644 --- a/api_docs/remote_clusters.mdx +++ b/api_docs/remote_clusters.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/remoteClusters title: "remoteClusters" image: https://source.unsplash.com/400x175/?github description: API docs for the remoteClusters plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'remoteClusters'] --- import remoteClustersObj from './remote_clusters.devdocs.json'; diff --git a/api_docs/reporting.mdx b/api_docs/reporting.mdx index 493715b6009b9..a6c115da41ccb 100644 --- a/api_docs/reporting.mdx +++ b/api_docs/reporting.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/reporting title: "reporting" image: https://source.unsplash.com/400x175/?github description: API docs for the reporting plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'reporting'] --- import reportingObj from './reporting.devdocs.json'; diff --git a/api_docs/rollup.mdx b/api_docs/rollup.mdx index 06f71dfecd84b..736cbd1473b7a 100644 --- a/api_docs/rollup.mdx +++ b/api_docs/rollup.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/rollup title: "rollup" image: https://source.unsplash.com/400x175/?github description: API docs for the rollup plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'rollup'] --- import rollupObj from './rollup.devdocs.json'; diff --git a/api_docs/rule_registry.mdx b/api_docs/rule_registry.mdx index d8d4c541d3267..972865691b3e5 100644 --- a/api_docs/rule_registry.mdx +++ b/api_docs/rule_registry.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/ruleRegistry title: "ruleRegistry" image: https://source.unsplash.com/400x175/?github description: API docs for the ruleRegistry plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'ruleRegistry'] --- import ruleRegistryObj from './rule_registry.devdocs.json'; diff --git a/api_docs/runtime_fields.mdx b/api_docs/runtime_fields.mdx index d0cd29e15f160..f471e2b93b018 100644 --- a/api_docs/runtime_fields.mdx +++ b/api_docs/runtime_fields.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/runtimeFields title: "runtimeFields" image: https://source.unsplash.com/400x175/?github description: API docs for the runtimeFields plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'runtimeFields'] --- import runtimeFieldsObj from './runtime_fields.devdocs.json'; diff --git a/api_docs/saved_objects.mdx b/api_docs/saved_objects.mdx index 3e849acff1163..6f92688d18140 100644 --- a/api_docs/saved_objects.mdx +++ b/api_docs/saved_objects.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjects title: "savedObjects" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjects plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjects'] --- import savedObjectsObj from './saved_objects.devdocs.json'; diff --git a/api_docs/saved_objects_finder.mdx b/api_docs/saved_objects_finder.mdx index f193a22d50369..ebb98fbe08f20 100644 --- a/api_docs/saved_objects_finder.mdx +++ b/api_docs/saved_objects_finder.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjectsFinder title: "savedObjectsFinder" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjectsFinder plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjectsFinder'] --- import savedObjectsFinderObj from './saved_objects_finder.devdocs.json'; diff --git a/api_docs/saved_objects_management.mdx b/api_docs/saved_objects_management.mdx index 843a7f976b376..0d5b1817cde3b 100644 --- a/api_docs/saved_objects_management.mdx +++ b/api_docs/saved_objects_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjectsManagement title: "savedObjectsManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjectsManagement plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjectsManagement'] --- import savedObjectsManagementObj from './saved_objects_management.devdocs.json'; diff --git a/api_docs/saved_objects_tagging.mdx b/api_docs/saved_objects_tagging.mdx index 034c7656b25d4..a8f10bec508c0 100644 --- a/api_docs/saved_objects_tagging.mdx +++ b/api_docs/saved_objects_tagging.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjectsTagging title: "savedObjectsTagging" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjectsTagging plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjectsTagging'] --- import savedObjectsTaggingObj from './saved_objects_tagging.devdocs.json'; diff --git a/api_docs/saved_objects_tagging_oss.mdx b/api_docs/saved_objects_tagging_oss.mdx index d0e2437b387dc..5c4992788dd15 100644 --- a/api_docs/saved_objects_tagging_oss.mdx +++ b/api_docs/saved_objects_tagging_oss.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjectsTaggingOss title: "savedObjectsTaggingOss" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjectsTaggingOss plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjectsTaggingOss'] --- import savedObjectsTaggingOssObj from './saved_objects_tagging_oss.devdocs.json'; diff --git a/api_docs/saved_search.mdx b/api_docs/saved_search.mdx index ff56f59bbb8f3..57d595f4c4d64 100644 --- a/api_docs/saved_search.mdx +++ b/api_docs/saved_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedSearch title: "savedSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the savedSearch plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedSearch'] --- import savedSearchObj from './saved_search.devdocs.json'; diff --git a/api_docs/screenshot_mode.mdx b/api_docs/screenshot_mode.mdx index 27f56758731b4..70cf58f782471 100644 --- a/api_docs/screenshot_mode.mdx +++ b/api_docs/screenshot_mode.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/screenshotMode title: "screenshotMode" image: https://source.unsplash.com/400x175/?github description: API docs for the screenshotMode plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'screenshotMode'] --- import screenshotModeObj from './screenshot_mode.devdocs.json'; diff --git a/api_docs/screenshotting.mdx b/api_docs/screenshotting.mdx index 67e02604041d5..20f535f6b4b44 100644 --- a/api_docs/screenshotting.mdx +++ b/api_docs/screenshotting.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/screenshotting title: "screenshotting" image: https://source.unsplash.com/400x175/?github description: API docs for the screenshotting plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'screenshotting'] --- import screenshottingObj from './screenshotting.devdocs.json'; diff --git a/api_docs/search_assistant.mdx b/api_docs/search_assistant.mdx index da9fa89cb38ca..3dbcaccffa451 100644 --- a/api_docs/search_assistant.mdx +++ b/api_docs/search_assistant.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchAssistant title: "searchAssistant" image: https://source.unsplash.com/400x175/?github description: API docs for the searchAssistant plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchAssistant'] --- import searchAssistantObj from './search_assistant.devdocs.json'; diff --git a/api_docs/search_connectors.mdx b/api_docs/search_connectors.mdx index 06048aceda3d5..cd3883a2dac9f 100644 --- a/api_docs/search_connectors.mdx +++ b/api_docs/search_connectors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchConnectors title: "searchConnectors" image: https://source.unsplash.com/400x175/?github description: API docs for the searchConnectors plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchConnectors'] --- import searchConnectorsObj from './search_connectors.devdocs.json'; diff --git a/api_docs/search_homepage.mdx b/api_docs/search_homepage.mdx index d4347200904fd..8f8c201c787ac 100644 --- a/api_docs/search_homepage.mdx +++ b/api_docs/search_homepage.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchHomepage title: "searchHomepage" image: https://source.unsplash.com/400x175/?github description: API docs for the searchHomepage plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchHomepage'] --- import searchHomepageObj from './search_homepage.devdocs.json'; diff --git a/api_docs/search_indices.mdx b/api_docs/search_indices.mdx index 076027c948374..a38e24001f4d1 100644 --- a/api_docs/search_indices.mdx +++ b/api_docs/search_indices.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchIndices title: "searchIndices" image: https://source.unsplash.com/400x175/?github description: API docs for the searchIndices plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchIndices'] --- import searchIndicesObj from './search_indices.devdocs.json'; diff --git a/api_docs/search_inference_endpoints.mdx b/api_docs/search_inference_endpoints.mdx index 72b34127b9183..fb40794b5f4e4 100644 --- a/api_docs/search_inference_endpoints.mdx +++ b/api_docs/search_inference_endpoints.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchInferenceEndpoints title: "searchInferenceEndpoints" image: https://source.unsplash.com/400x175/?github description: API docs for the searchInferenceEndpoints plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchInferenceEndpoints'] --- import searchInferenceEndpointsObj from './search_inference_endpoints.devdocs.json'; diff --git a/api_docs/search_notebooks.mdx b/api_docs/search_notebooks.mdx index dd21ba3727993..afeb0ac3c10b1 100644 --- a/api_docs/search_notebooks.mdx +++ b/api_docs/search_notebooks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchNotebooks title: "searchNotebooks" image: https://source.unsplash.com/400x175/?github description: API docs for the searchNotebooks plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchNotebooks'] --- import searchNotebooksObj from './search_notebooks.devdocs.json'; diff --git a/api_docs/search_playground.mdx b/api_docs/search_playground.mdx index 0b09a0365b5b4..d1bf8f80b5a3c 100644 --- a/api_docs/search_playground.mdx +++ b/api_docs/search_playground.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchPlayground title: "searchPlayground" image: https://source.unsplash.com/400x175/?github description: API docs for the searchPlayground plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchPlayground'] --- import searchPlaygroundObj from './search_playground.devdocs.json'; diff --git a/api_docs/security.mdx b/api_docs/security.mdx index 5b200441c670c..a10daf5f5742b 100644 --- a/api_docs/security.mdx +++ b/api_docs/security.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/security title: "security" image: https://source.unsplash.com/400x175/?github description: API docs for the security plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'security'] --- import securityObj from './security.devdocs.json'; diff --git a/api_docs/security_solution.mdx b/api_docs/security_solution.mdx index f9993520acf1f..aa636fb2d1a20 100644 --- a/api_docs/security_solution.mdx +++ b/api_docs/security_solution.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/securitySolution title: "securitySolution" image: https://source.unsplash.com/400x175/?github description: API docs for the securitySolution plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'securitySolution'] --- import securitySolutionObj from './security_solution.devdocs.json'; diff --git a/api_docs/security_solution_ess.mdx b/api_docs/security_solution_ess.mdx index c8d309e407d50..957dfc82ed3dc 100644 --- a/api_docs/security_solution_ess.mdx +++ b/api_docs/security_solution_ess.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/securitySolutionEss title: "securitySolutionEss" image: https://source.unsplash.com/400x175/?github description: API docs for the securitySolutionEss plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'securitySolutionEss'] --- import securitySolutionEssObj from './security_solution_ess.devdocs.json'; diff --git a/api_docs/security_solution_serverless.mdx b/api_docs/security_solution_serverless.mdx index 16f7480d2a797..367914a3536d8 100644 --- a/api_docs/security_solution_serverless.mdx +++ b/api_docs/security_solution_serverless.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/securitySolutionServerless title: "securitySolutionServerless" image: https://source.unsplash.com/400x175/?github description: API docs for the securitySolutionServerless plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'securitySolutionServerless'] --- import securitySolutionServerlessObj from './security_solution_serverless.devdocs.json'; diff --git a/api_docs/serverless.mdx b/api_docs/serverless.mdx index 5e65ee617f190..cb021e1d571d0 100644 --- a/api_docs/serverless.mdx +++ b/api_docs/serverless.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/serverless title: "serverless" image: https://source.unsplash.com/400x175/?github description: API docs for the serverless plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'serverless'] --- import serverlessObj from './serverless.devdocs.json'; diff --git a/api_docs/serverless_observability.mdx b/api_docs/serverless_observability.mdx index f2b303b734eb3..5be9318ea89dd 100644 --- a/api_docs/serverless_observability.mdx +++ b/api_docs/serverless_observability.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/serverlessObservability title: "serverlessObservability" image: https://source.unsplash.com/400x175/?github description: API docs for the serverlessObservability plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'serverlessObservability'] --- import serverlessObservabilityObj from './serverless_observability.devdocs.json'; diff --git a/api_docs/serverless_search.mdx b/api_docs/serverless_search.mdx index 815b7b50a549f..67159bea0c565 100644 --- a/api_docs/serverless_search.mdx +++ b/api_docs/serverless_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/serverlessSearch title: "serverlessSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the serverlessSearch plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'serverlessSearch'] --- import serverlessSearchObj from './serverless_search.devdocs.json'; diff --git a/api_docs/session_view.mdx b/api_docs/session_view.mdx index b9ab3f23c661e..ddeb35b344820 100644 --- a/api_docs/session_view.mdx +++ b/api_docs/session_view.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/sessionView title: "sessionView" image: https://source.unsplash.com/400x175/?github description: API docs for the sessionView plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'sessionView'] --- import sessionViewObj from './session_view.devdocs.json'; diff --git a/api_docs/share.mdx b/api_docs/share.mdx index 00d1f67d8a76e..96e2a75a76b3f 100644 --- a/api_docs/share.mdx +++ b/api_docs/share.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/share title: "share" image: https://source.unsplash.com/400x175/?github description: API docs for the share plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'share'] --- import shareObj from './share.devdocs.json'; diff --git a/api_docs/slo.mdx b/api_docs/slo.mdx index 6fb26a74cacbf..f1015cde50a71 100644 --- a/api_docs/slo.mdx +++ b/api_docs/slo.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/slo title: "slo" image: https://source.unsplash.com/400x175/?github description: API docs for the slo plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'slo'] --- import sloObj from './slo.devdocs.json'; diff --git a/api_docs/snapshot_restore.mdx b/api_docs/snapshot_restore.mdx index 086ad0df859bc..e3e7382a9eec4 100644 --- a/api_docs/snapshot_restore.mdx +++ b/api_docs/snapshot_restore.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/snapshotRestore title: "snapshotRestore" image: https://source.unsplash.com/400x175/?github description: API docs for the snapshotRestore plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'snapshotRestore'] --- import snapshotRestoreObj from './snapshot_restore.devdocs.json'; diff --git a/api_docs/spaces.mdx b/api_docs/spaces.mdx index 75c8c1665687a..1bfd13a590d3f 100644 --- a/api_docs/spaces.mdx +++ b/api_docs/spaces.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/spaces title: "spaces" image: https://source.unsplash.com/400x175/?github description: API docs for the spaces plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'spaces'] --- import spacesObj from './spaces.devdocs.json'; diff --git a/api_docs/stack_alerts.mdx b/api_docs/stack_alerts.mdx index df33a1460ccf1..8dc70f65907af 100644 --- a/api_docs/stack_alerts.mdx +++ b/api_docs/stack_alerts.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/stackAlerts title: "stackAlerts" image: https://source.unsplash.com/400x175/?github description: API docs for the stackAlerts plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'stackAlerts'] --- import stackAlertsObj from './stack_alerts.devdocs.json'; diff --git a/api_docs/stack_connectors.mdx b/api_docs/stack_connectors.mdx index 90f2484852d2a..57ad065d2d8f0 100644 --- a/api_docs/stack_connectors.mdx +++ b/api_docs/stack_connectors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/stackConnectors title: "stackConnectors" image: https://source.unsplash.com/400x175/?github description: API docs for the stackConnectors plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'stackConnectors'] --- import stackConnectorsObj from './stack_connectors.devdocs.json'; diff --git a/api_docs/task_manager.mdx b/api_docs/task_manager.mdx index 09bb5723991ce..e64a4b0c4a4ee 100644 --- a/api_docs/task_manager.mdx +++ b/api_docs/task_manager.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/taskManager title: "taskManager" image: https://source.unsplash.com/400x175/?github description: API docs for the taskManager plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'taskManager'] --- import taskManagerObj from './task_manager.devdocs.json'; diff --git a/api_docs/telemetry.mdx b/api_docs/telemetry.mdx index 9842163e93838..b07c42468d94f 100644 --- a/api_docs/telemetry.mdx +++ b/api_docs/telemetry.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/telemetry title: "telemetry" image: https://source.unsplash.com/400x175/?github description: API docs for the telemetry plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'telemetry'] --- import telemetryObj from './telemetry.devdocs.json'; diff --git a/api_docs/telemetry_collection_manager.mdx b/api_docs/telemetry_collection_manager.mdx index 179f0a53328ff..a019592d3d0a6 100644 --- a/api_docs/telemetry_collection_manager.mdx +++ b/api_docs/telemetry_collection_manager.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/telemetryCollectionManager title: "telemetryCollectionManager" image: https://source.unsplash.com/400x175/?github description: API docs for the telemetryCollectionManager plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'telemetryCollectionManager'] --- import telemetryCollectionManagerObj from './telemetry_collection_manager.devdocs.json'; diff --git a/api_docs/telemetry_collection_xpack.mdx b/api_docs/telemetry_collection_xpack.mdx index 0da3ad410f3a3..9d8c666c94b98 100644 --- a/api_docs/telemetry_collection_xpack.mdx +++ b/api_docs/telemetry_collection_xpack.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/telemetryCollectionXpack title: "telemetryCollectionXpack" image: https://source.unsplash.com/400x175/?github description: API docs for the telemetryCollectionXpack plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'telemetryCollectionXpack'] --- import telemetryCollectionXpackObj from './telemetry_collection_xpack.devdocs.json'; diff --git a/api_docs/telemetry_management_section.mdx b/api_docs/telemetry_management_section.mdx index 9231888cfed4e..c4a175c3ddb9b 100644 --- a/api_docs/telemetry_management_section.mdx +++ b/api_docs/telemetry_management_section.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/telemetryManagementSection title: "telemetryManagementSection" image: https://source.unsplash.com/400x175/?github description: API docs for the telemetryManagementSection plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'telemetryManagementSection'] --- import telemetryManagementSectionObj from './telemetry_management_section.devdocs.json'; diff --git a/api_docs/threat_intelligence.mdx b/api_docs/threat_intelligence.mdx index dda1be6fa05ad..46cb59bee1b1e 100644 --- a/api_docs/threat_intelligence.mdx +++ b/api_docs/threat_intelligence.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/threatIntelligence title: "threatIntelligence" image: https://source.unsplash.com/400x175/?github description: API docs for the threatIntelligence plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'threatIntelligence'] --- import threatIntelligenceObj from './threat_intelligence.devdocs.json'; diff --git a/api_docs/timelines.mdx b/api_docs/timelines.mdx index 9bea4815cb4dc..b7e9d3a92f746 100644 --- a/api_docs/timelines.mdx +++ b/api_docs/timelines.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/timelines title: "timelines" image: https://source.unsplash.com/400x175/?github description: API docs for the timelines plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'timelines'] --- import timelinesObj from './timelines.devdocs.json'; diff --git a/api_docs/transform.mdx b/api_docs/transform.mdx index b82f34994b900..9efcdefd34378 100644 --- a/api_docs/transform.mdx +++ b/api_docs/transform.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/transform title: "transform" image: https://source.unsplash.com/400x175/?github description: API docs for the transform plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'transform'] --- import transformObj from './transform.devdocs.json'; diff --git a/api_docs/triggers_actions_ui.mdx b/api_docs/triggers_actions_ui.mdx index 81fb79a4591c3..f8f74023a5913 100644 --- a/api_docs/triggers_actions_ui.mdx +++ b/api_docs/triggers_actions_ui.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/triggersActionsUi title: "triggersActionsUi" image: https://source.unsplash.com/400x175/?github description: API docs for the triggersActionsUi plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'triggersActionsUi'] --- import triggersActionsUiObj from './triggers_actions_ui.devdocs.json'; diff --git a/api_docs/ui_actions.mdx b/api_docs/ui_actions.mdx index 3ca9c9eeb7b6d..6dc712060ab82 100644 --- a/api_docs/ui_actions.mdx +++ b/api_docs/ui_actions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/uiActions title: "uiActions" image: https://source.unsplash.com/400x175/?github description: API docs for the uiActions plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'uiActions'] --- import uiActionsObj from './ui_actions.devdocs.json'; diff --git a/api_docs/ui_actions_enhanced.mdx b/api_docs/ui_actions_enhanced.mdx index 9c5a173988c21..63ba12f0c9c18 100644 --- a/api_docs/ui_actions_enhanced.mdx +++ b/api_docs/ui_actions_enhanced.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/uiActionsEnhanced title: "uiActionsEnhanced" image: https://source.unsplash.com/400x175/?github description: API docs for the uiActionsEnhanced plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'uiActionsEnhanced'] --- import uiActionsEnhancedObj from './ui_actions_enhanced.devdocs.json'; diff --git a/api_docs/unified_doc_viewer.mdx b/api_docs/unified_doc_viewer.mdx index 7b567e1004a72..cb82fef0da728 100644 --- a/api_docs/unified_doc_viewer.mdx +++ b/api_docs/unified_doc_viewer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/unifiedDocViewer title: "unifiedDocViewer" image: https://source.unsplash.com/400x175/?github description: API docs for the unifiedDocViewer plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'unifiedDocViewer'] --- import unifiedDocViewerObj from './unified_doc_viewer.devdocs.json'; diff --git a/api_docs/unified_histogram.mdx b/api_docs/unified_histogram.mdx index a69f581d0c638..dd183a47bea81 100644 --- a/api_docs/unified_histogram.mdx +++ b/api_docs/unified_histogram.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/unifiedHistogram title: "unifiedHistogram" image: https://source.unsplash.com/400x175/?github description: API docs for the unifiedHistogram plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'unifiedHistogram'] --- import unifiedHistogramObj from './unified_histogram.devdocs.json'; diff --git a/api_docs/unified_search.mdx b/api_docs/unified_search.mdx index c2eed2290024e..fc30a164cd31f 100644 --- a/api_docs/unified_search.mdx +++ b/api_docs/unified_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/unifiedSearch title: "unifiedSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the unifiedSearch plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'unifiedSearch'] --- import unifiedSearchObj from './unified_search.devdocs.json'; diff --git a/api_docs/unified_search_autocomplete.mdx b/api_docs/unified_search_autocomplete.mdx index 4fbddf6030aaa..2e62d3a54fc0f 100644 --- a/api_docs/unified_search_autocomplete.mdx +++ b/api_docs/unified_search_autocomplete.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/unifiedSearch-autocomplete title: "unifiedSearch.autocomplete" image: https://source.unsplash.com/400x175/?github description: API docs for the unifiedSearch.autocomplete plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'unifiedSearch.autocomplete'] --- import unifiedSearchAutocompleteObj from './unified_search_autocomplete.devdocs.json'; diff --git a/api_docs/uptime.mdx b/api_docs/uptime.mdx index 7921a94b09f13..368d63093da91 100644 --- a/api_docs/uptime.mdx +++ b/api_docs/uptime.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/uptime title: "uptime" image: https://source.unsplash.com/400x175/?github description: API docs for the uptime plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'uptime'] --- import uptimeObj from './uptime.devdocs.json'; diff --git a/api_docs/url_forwarding.mdx b/api_docs/url_forwarding.mdx index 7dc4cdc8e12a2..2bab27c9b983f 100644 --- a/api_docs/url_forwarding.mdx +++ b/api_docs/url_forwarding.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/urlForwarding title: "urlForwarding" image: https://source.unsplash.com/400x175/?github description: API docs for the urlForwarding plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'urlForwarding'] --- import urlForwardingObj from './url_forwarding.devdocs.json'; diff --git a/api_docs/usage_collection.mdx b/api_docs/usage_collection.mdx index 0a2e7e2531e61..5c8d83f830fb1 100644 --- a/api_docs/usage_collection.mdx +++ b/api_docs/usage_collection.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/usageCollection title: "usageCollection" image: https://source.unsplash.com/400x175/?github description: API docs for the usageCollection plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'usageCollection'] --- import usageCollectionObj from './usage_collection.devdocs.json'; diff --git a/api_docs/ux.mdx b/api_docs/ux.mdx index 56434449ca9cd..d78388e7e68f9 100644 --- a/api_docs/ux.mdx +++ b/api_docs/ux.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/ux title: "ux" image: https://source.unsplash.com/400x175/?github description: API docs for the ux plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'ux'] --- import uxObj from './ux.devdocs.json'; diff --git a/api_docs/vis_default_editor.mdx b/api_docs/vis_default_editor.mdx index 009cc700934da..3ee18ecc0d7ed 100644 --- a/api_docs/vis_default_editor.mdx +++ b/api_docs/vis_default_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visDefaultEditor title: "visDefaultEditor" image: https://source.unsplash.com/400x175/?github description: API docs for the visDefaultEditor plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visDefaultEditor'] --- import visDefaultEditorObj from './vis_default_editor.devdocs.json'; diff --git a/api_docs/vis_type_gauge.mdx b/api_docs/vis_type_gauge.mdx index e23f89f72e8d5..b5e63a9fced4d 100644 --- a/api_docs/vis_type_gauge.mdx +++ b/api_docs/vis_type_gauge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeGauge title: "visTypeGauge" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeGauge plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeGauge'] --- import visTypeGaugeObj from './vis_type_gauge.devdocs.json'; diff --git a/api_docs/vis_type_heatmap.mdx b/api_docs/vis_type_heatmap.mdx index 2fb0ceb4b43d5..3fd13265c4b13 100644 --- a/api_docs/vis_type_heatmap.mdx +++ b/api_docs/vis_type_heatmap.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeHeatmap title: "visTypeHeatmap" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeHeatmap plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeHeatmap'] --- import visTypeHeatmapObj from './vis_type_heatmap.devdocs.json'; diff --git a/api_docs/vis_type_pie.mdx b/api_docs/vis_type_pie.mdx index 7b7d32e86025e..a7dd330e02dde 100644 --- a/api_docs/vis_type_pie.mdx +++ b/api_docs/vis_type_pie.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypePie title: "visTypePie" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypePie plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypePie'] --- import visTypePieObj from './vis_type_pie.devdocs.json'; diff --git a/api_docs/vis_type_table.mdx b/api_docs/vis_type_table.mdx index 78944f963586b..075499ced0859 100644 --- a/api_docs/vis_type_table.mdx +++ b/api_docs/vis_type_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeTable title: "visTypeTable" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeTable plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeTable'] --- import visTypeTableObj from './vis_type_table.devdocs.json'; diff --git a/api_docs/vis_type_timelion.mdx b/api_docs/vis_type_timelion.mdx index e3e586460e740..bf938c465c13f 100644 --- a/api_docs/vis_type_timelion.mdx +++ b/api_docs/vis_type_timelion.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeTimelion title: "visTypeTimelion" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeTimelion plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeTimelion'] --- import visTypeTimelionObj from './vis_type_timelion.devdocs.json'; diff --git a/api_docs/vis_type_timeseries.mdx b/api_docs/vis_type_timeseries.mdx index ce7ff654bea4b..f4cbc7b82aef7 100644 --- a/api_docs/vis_type_timeseries.mdx +++ b/api_docs/vis_type_timeseries.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeTimeseries title: "visTypeTimeseries" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeTimeseries plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeTimeseries'] --- import visTypeTimeseriesObj from './vis_type_timeseries.devdocs.json'; diff --git a/api_docs/vis_type_vega.mdx b/api_docs/vis_type_vega.mdx index 959a78ce9afdf..07340d98ac8d3 100644 --- a/api_docs/vis_type_vega.mdx +++ b/api_docs/vis_type_vega.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeVega title: "visTypeVega" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeVega plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeVega'] --- import visTypeVegaObj from './vis_type_vega.devdocs.json'; diff --git a/api_docs/vis_type_vislib.mdx b/api_docs/vis_type_vislib.mdx index 61d181fb1e54d..5e16317e61dd7 100644 --- a/api_docs/vis_type_vislib.mdx +++ b/api_docs/vis_type_vislib.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeVislib title: "visTypeVislib" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeVislib plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeVislib'] --- import visTypeVislibObj from './vis_type_vislib.devdocs.json'; diff --git a/api_docs/vis_type_xy.mdx b/api_docs/vis_type_xy.mdx index 556bb799c7d6f..603cc452cdf57 100644 --- a/api_docs/vis_type_xy.mdx +++ b/api_docs/vis_type_xy.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeXy title: "visTypeXy" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeXy plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeXy'] --- import visTypeXyObj from './vis_type_xy.devdocs.json'; diff --git a/api_docs/visualizations.mdx b/api_docs/visualizations.mdx index 2719c5fb6ea4a..9c26dfbd6ea1f 100644 --- a/api_docs/visualizations.mdx +++ b/api_docs/visualizations.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visualizations title: "visualizations" image: https://source.unsplash.com/400x175/?github description: API docs for the visualizations plugin -date: 2024-10-04 +date: 2024-10-07 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visualizations'] --- import visualizationsObj from './visualizations.devdocs.json'; diff --git a/config/serverless.es.yml b/config/serverless.es.yml index 62e201955d9c8..4261f29488002 100644 --- a/config/serverless.es.yml +++ b/config/serverless.es.yml @@ -70,8 +70,5 @@ xpack.searchInferenceEndpoints.ui.enabled: false # Search Notebooks xpack.search.notebooks.catalog.url: https://elastic-enterprise-search.s3.us-east-2.amazonaws.com/serverless/catalog.json -# Search Homepage -xpack.search.homepage.ui.enabled: true - # Semantic text UI xpack.index_management.dev.enableSemanticText: false diff --git a/docs/CHANGELOG.asciidoc b/docs/CHANGELOG.asciidoc index 03bc26d3824ca..b88939fdfdc84 100644 --- a/docs/CHANGELOG.asciidoc +++ b/docs/CHANGELOG.asciidoc @@ -73,6 +73,9 @@ Review important information about the {kib} 8.x releases. -- + +include::upgrade-notes.asciidoc[] + [[release-notes-8.15.2]] == {kib} 8.15.2 @@ -119,6 +122,7 @@ Machine Learning:: * Fixes link to anomaly detection wizard from pattern analysis in Discover ({kibana-pull}192375[#192375]). * Fixes an issue with the `http_endpoint` input config loading incorrectly in an Automatic Import workflow ({kibana-pull}191964[#191964]). + [[release-notes-8.15.1]] == {kib} 8.15.1 @@ -241,7 +245,6 @@ Breaking changes can prevent your application from optimal operation and perform Before you upgrade to 8.15.0, review the breaking changes, then mitigate the impact to your application. [discrete] -[[breaking-184036]] .Adds rate limiting to install by upload endpoint. [%collapsible] ==== @@ -660,7 +663,6 @@ Breaking changes can prevent your application from optimal operation and perform Before you upgrade to 8.14.0, review the breaking changes, then mitigate the impact to your application. [discrete] -[[breaking-182074]] .Renamed an advanced setting to enable {esql}. [%collapsible] ==== @@ -1111,7 +1113,6 @@ Breaking changes can prevent your application from optimal operation and perform Before you upgrade to 8.13.0, review the breaking changes, then mitigate the impact to your application. [discrete] -[[breaking-176879]] .Removes conditional topics for Kafka outputs [%collapsible] ==== @@ -1120,7 +1121,6 @@ The Kafka output no longer supports conditional topics. For more information, re ==== [discrete] -[[breaking-176443]] .Most Fleet installed integrations are now read-only and labelled with a *Managed* tag in the Kibana UI [%collapsible] ==== @@ -1136,7 +1136,6 @@ For more information, refer to ({kibana-pull}172393[#172393]). ==== [discrete] -[[breaking-174674]] .Removes `is_nan`, `is_finite`, and `is_infinite` functions from {esql} [%collapsible] ==== @@ -1512,7 +1511,6 @@ Breaking changes can prevent your application from optimal operation and perform Before you upgrade to 8.12.0, review the breaking changes, then mitigate the impact to your application. [discrete] -[[breaking-172224]] .New SLO architecture [%collapsible] ==== @@ -1536,7 +1534,6 @@ Be aware that when installing a new SLO (or after resetting an SLO), we install ==== [discrete] -[[breaking-170635]] .A new sub-feature privilege to control user access to the cases settings [%collapsible] ==== @@ -1920,21 +1917,21 @@ Before you upgrade to 8.11.0, review the breaking changes, then mitigate the imp [discrete] -[[breaking-167085]] .Improve config output validation for default output. [%collapsible] ==== *Details* + Improve config output validation to not allow to defining multiple default outputs in {kib} configuration. For more information, refer to ({kibana-pull}167085[#167085]). ==== + [discrete] -[[breaking-161806]] .Convert filterQuery to KQL. [%collapsible] ==== *Details* + Converts `filterQuery` to a KQL query string. For more information, refer to ({kibana-pull}161806[#161806]). ==== + [float] [[deprecations-8.11.0]] === Deprecations @@ -2264,7 +2261,6 @@ Breaking changes can prevent your application from optimal operation and perform Before you upgrade to 8.10.0, review the breaking changes, then mitigate the impact to your application. [discrete] -[[breaking-162665]] .New summary search capabilities cause existing SLOs to stop working [%collapsible] ==== @@ -2342,7 +2338,6 @@ DELETE .slo-observability.sli-v1* ==== [discrete] -[[breaking-162506]] .Get case metrics APIs now internal [%collapsible] ==== @@ -2351,7 +2346,6 @@ The get case metrics APIs are now internal. For more information, refer to ({kib ==== [discrete] -[[breaking-162492]] .Case limits [%collapsible] ==== @@ -2373,7 +2367,6 @@ For the full list, refer to {kib-issue}146945[#146945]. ==== [discrete] -[[breaking-159041]] .`addProcessorDefinition` is removed [%collapsible] ==== @@ -2382,7 +2375,6 @@ The function `addProcessorDefinition` is removed from the Console plugin start c ==== [discrete] -[[breaking-162288]] .The Download CSV endpoint has changed. [%collapsible] ==== @@ -2699,7 +2691,6 @@ Breaking changes can prevent your application from optimal operation and perform Before you upgrade to 8.9.0, review the breaking changes, then mitigate the impact to your application. [discrete] -[[breaking-159118]] .Hide Uptime app if no data is available [%collapsible] ==== @@ -2709,7 +2700,6 @@ For synthetic monitoring, we now recommend to use the new Synthetics app. For mo ==== [discrete] -[[breaking-159012]] .Remove synthetics pattern from Uptime settings [%collapsible] ==== @@ -3282,7 +3272,6 @@ Breaking changes can prevent your application from optimal operation and perform Before you upgrade to 8.8.0, review the breaking changes, then mitigate the impact to your application. [discrete] -[[breaking-155470]] .Removes legacy project monitor API [%collapsible] ==== @@ -3294,7 +3283,6 @@ In 8.8.0 and later, an error appears when you use the project monitor API. ==== [discrete] -[[breaking-147985]] .Changes the privileges for alerts and cases [%collapsible] ==== @@ -3799,7 +3787,6 @@ Breaking changes can prevent your application from optimal operation and perform Before you upgrade to 8.7.0, review the breaking changes, then mitigate the impact to your application. [discrete] -[[breaking-149482]] .Removes the fields list sampling setting [%collapsible] ==== @@ -3811,7 +3798,6 @@ In 8.1.0 and later, {kib} uses the field caps API, by default, to determine the ==== [discrete] -[[breaking-146990]] .Removes the legacy pie chart visualization setting [%collapsible] ==== @@ -3823,7 +3809,6 @@ In 7.14.0 and later, the new aggregation-based pie chart visualization is availa ==== [discrete] -[[breaking-147616]] .Removes the current_upgrades endpoint [%collapsible] ==== @@ -3835,7 +3820,6 @@ When you upgrade to 8.7.0, use the `/action_status` endpoint. ==== [discrete] -[[breaking-147199]] .Removes the preconfiguration API route [%collapsible] ==== @@ -4298,7 +4282,6 @@ Breaking changes can prevent your application from optimal operation and perform Before you upgrade to 8.6.0, review the breaking changes, then mitigate the impact to your application. [discrete] -[[breaking-143081]] .Changes the `histogram:maxBars` default setting [%collapsible] ==== @@ -4314,7 +4297,6 @@ For each {kibana-ref}/xpack-spaces.html[space], complete the following to change ==== [discrete] -[[breaking-158338]] .CSV reports use PIT instead of Scroll [%collapsible] ==== @@ -4742,7 +4724,6 @@ Breaking changes can prevent your application from optimal operation and perform Before you upgrade to 8.5.0, review the breaking changes, then mitigate the impact to your application. [discrete] -[[breaking-141757]] .Updates bulk action API to return actionId instead of agent success [%collapsible] ==== @@ -4754,7 +4735,6 @@ When you use `FleetBulkResponse`, you now receive only `actionId` responses. ==== [discrete] -[[breaking-139431]] .Removes filter validation for ad-hoc data views [%collapsible] ==== @@ -4766,7 +4746,6 @@ Filters associated with unknown data views now display a warning message instead ==== [discrete] -[[breaking-138677]] .Removes the `package_policies` field from the agent policy saved object [%collapsible] ==== @@ -5240,7 +5219,6 @@ Breaking changes can prevent your application from optimal operation and perform Before you upgrade to 8.4.0, review the breaking changes, then mitigate the impact to your application. [discrete] -[[breaking-135669]] .xpack.agents.* are uneditable in UI when defined in kibana.yml [%collapsible] ==== @@ -5254,7 +5232,6 @@ To configure `setxpack.fleet.agents.fleet_server.hosts` and `xpack.fleet.agents. ==== [discrete] -[[breaking-134336]] .Removes the legacy charts library [%collapsible] ==== @@ -5831,7 +5808,6 @@ Breaking changes can prevent your application from optimal operation and perform Before you upgrade, review the breaking change, then mitigate the impact to your application. [discrete] -[[breaking-129581]] .Removes Quandl and Graphite integrations [%collapsible] ==== @@ -5845,7 +5821,6 @@ To leave your feedback about the removal of `.quandl` and `.graphite`, go to the ==== [discrete] -[[breaking-134855]] .Makes Osquery All with All base privilege [%collapsible] ==== @@ -6822,7 +6797,6 @@ Breaking changes can prevent your application from optimal operation and perform Before you upgrade to 8.1.0, review the breaking changes, then mitigate the impact to your application. [discrete] -[[breaking-121435]] .Removes legacy CSV export type [%collapsible] ==== @@ -6834,7 +6808,6 @@ If you are using 7.13.0 and earlier, {kibana-ref-all}/8.1/automating-report-gene ==== [discrete] -[[breaking-121369]] .Removes legacy PDF shim [%collapsible] ==== @@ -7186,7 +7159,6 @@ Breaking changes can prevent your application from optimal operation and perform Before you upgrade to 8.0.0, review the breaking change, then mitigate the impact to your application. [discrete] -[[breaking-123754]] .Removes the `console.ssl` setting [%collapsible] ==== @@ -7314,7 +7286,6 @@ Breaking changes can prevent your application from optimal operation and perform Before you upgrade, review the breaking change, then mitigate the impact to your application. [discrete] -[[breaking-122722]] .Removes the ability to use `elasticsearch.username: elastic` in production [%collapsible] ==== @@ -7396,7 +7367,6 @@ Breaking changes can prevent your application from optimal operation and perform Before you upgrade, review the breaking changes, then mitigate the impact to your application. [discrete] -[[breaking-118854]] .Splits package policy `upgrade` endpoint for Fleet [%collapsible] ==== @@ -7432,7 +7402,6 @@ The endpoint is now split into two separate endpoints: ==== [discrete] -[[breaking-119945]] .Removes APM jobs from Machine Learning [%collapsible] ==== @@ -7444,7 +7413,6 @@ When you upgrade to 8.0.0, you are unable to create and view the APM Node.js and ==== [discrete] -[[breaking-118300]] .Fails migrations for unknown types [%collapsible] ==== @@ -7456,7 +7424,6 @@ To complete the migration, re enable plugins or delete documents from the index ==== [discrete] -[[breaking-116821]] .Removes deprecated config fields from Logs and Metrics APIs and saved objects [%collapsible] ==== @@ -7487,7 +7454,6 @@ To review the breaking changes in previous versions, refer to the following: Deprecated functionality does not have an immediate impact on your application, but we strongly recommend you make the necessary updates after you complete the upgrade. [discrete] -[[deprecation-120689]] .Renames the `autocreate` data view APM setting [%collapsible] ==== @@ -7499,7 +7465,6 @@ To automatically create data views in APM, use `xpack.apm.autoCreateApmDataView` ==== [discrete] -[[deprecation-119494]] .Updates Fleet API to improve consistency [%collapsible] ==== @@ -7696,7 +7661,6 @@ To review the breaking changes in previous versions, refer to the following: ==== Alerting [discrete] -[[breaking-114558]] .Removes `xpack.task_manager.index` [%collapsible] ==== @@ -7708,7 +7672,6 @@ Before you upgrade to 8.0.0, remove `xpack.task_manager.index` from kibana.yml. ==== [discrete] -[[breaking-113461]] .Removes ability to remove plugins [%collapsible] ==== @@ -7724,7 +7687,6 @@ Before you upgrade to 8.0.0, remove `xpack.actions.enabled` from kibana.yml. ==== Lens & visualizations [discrete] -[[breaking-113516]] .Removes display options from legacy gauge [%collapsible] ==== @@ -7736,7 +7698,6 @@ When you create aggregation-based gauge visualizations, the *Display warnings* o ==== [discrete] -[[breaking-112643]] .Removes settings from visEditors plugins [%collapsible] ==== @@ -7781,7 +7742,6 @@ Before you upgrade, make the following changes in kibana.yml: ==== [discrete] -[[breaking-111704]] .Removes dimming opacity setting [%collapsible] ==== @@ -7793,7 +7753,6 @@ When you upgrade to 8.0.0, you are no longer able to configure the dimming opact ==== [discrete] -[[breaking-110985]] .Removes Less stylesheet support [%collapsible] ==== @@ -7805,7 +7764,6 @@ Existing less stylesheets are automatically converted to CSS stylesheets. ==== [discrete] -[[breaking-110571]] .Disables the input string mode [%collapsible] ==== @@ -7827,7 +7785,6 @@ To use index patterns and {es} indices in *TSVB* visualizations: ==== Logs [discrete] -[[breaking-115974]] .Removes deprecated alias config entries [%collapsible] ==== @@ -7839,7 +7796,6 @@ Before you upgrade, remove the settings from kibana.yml, then configure the sett ==== [discrete] -[[breaking-61302]] .Removes configurable fields in settings [%collapsible] ==== @@ -7855,7 +7811,6 @@ Configure the settings in https://www.elastic.co/guide/en/ecs/current/ecs-refere ==== Machine learning [discrete] -[[breaking-115444]] .Grants access to machine learning features when base privileges are used [%collapsible] ==== @@ -7871,7 +7826,6 @@ If you do not want to grant users privileges to machine learning features, updat ==== Maps [discrete] -[[breaking-116184]] .Removes proxyElasticMapsServiceInMaps [%collapsible] ==== @@ -7887,7 +7841,6 @@ Install the on-prem version of the <>, ==== Operations [discrete] -[[breaking-111535]] .Removes environment variables [%collapsible] ==== @@ -7903,7 +7856,6 @@ Replace the `CONFIG_PATH` environment variable with `KBN_PATH_CONF`, and replace ==== Platform [discrete] -[[breaking-114379]] .Removes supports for csp.rules configuration [%collapsible] ==== @@ -7915,7 +7867,6 @@ Configuring the default `csp.script_src`, `csp.workers_src`, and `csp.style_src` ==== [discrete] -[[breaking-113653]] .Changes and removes deprecated core settings and deprecated settings from core plugins [%collapsible] ==== @@ -7949,7 +7900,6 @@ For more information, refer to {kibana-pull}113653[#113653]. ==== [discrete] -[[breaking-113495]] .Removes `enabled` settings from plugins [%collapsible] ==== @@ -7966,7 +7916,6 @@ Before you upgrade to 8.0.0: ==== [discrete] -[[breaking-113367]] .Removes `--plugin-dir` cli option [%collapsible] ==== @@ -7978,7 +7927,6 @@ Before you upgrade to 8.0.0, remove `plugins.scanDirs` from kibana.yml. ==== [discrete] -[[breaking-113296]] .Removes support for `optimize.*` settings [%collapsible] ==== @@ -8012,7 +7960,6 @@ To run the `@kbn/optimizer` separately in development, pass `--no-optimizer` to ==== [discrete] -[[breaking-113173]] .Removes `so/server/es` settings [%collapsible] ==== @@ -8031,7 +7978,6 @@ Before you upgrade to 8.0.0., remove these settings from kibana.yml. ==== [discrete] -[[breaking-113068]] .Adds requirement for inline scripting [%collapsible] ==== @@ -8043,7 +7989,6 @@ Enable {ref}/modules-scripting-security.html[inline scripting]. ==== [discrete] -[[breaking-112773]] .Removes `kibana.index` settings [%collapsible] ==== @@ -8055,7 +8000,6 @@ Use spaces, cross-cluster replication, or cross-cluster search. To migrate to << ==== [discrete] -[[breaking-112305]] .Removes legacy logging [%collapsible] ==== @@ -8071,7 +8015,6 @@ Use the new <>. ==== Reporting [discrete] -[[breaking-114216]] .Removes reporting settings [%collapsible] ==== @@ -8097,7 +8040,6 @@ Before you upgrade to 8.0.0, remove the settings from kibana.yml. ==== REST API [discrete] -[[breaking-114730]] .Removes `/api/settings` [%collapsible] ==== @@ -8113,7 +8055,6 @@ Use `/api/stats`. ==== Security [discrete] -[[breaking-116191]] .Removes legacy audit logger [%collapsible] ==== @@ -8200,7 +8141,6 @@ Breaking changes can prevent your application from optimal operation and perform To review the breaking changes in the previous version, refer to <>. [discrete] -[[breaking-110830]] .Changes the `GET /api/status` default behavior [%collapsible] ==== @@ -8212,7 +8152,6 @@ To retrieve the {kib} status in the previous format, use `GET /api/status?v7form ==== [discrete] -[[breaking-110738]] .Removes support for legacy exports [%collapsible] ==== @@ -8224,7 +8163,6 @@ Using the user interface to import saved objects is restricted to `.ndjson` form ==== [discrete] -[[breaking-109896]] .Removes `map.regionmap.*` [%collapsible] ==== @@ -8242,7 +8180,6 @@ If you have maps that use `map.regionmap` layers: ==== [discrete] -[[breaking-109798]] .Removes `kibana.defaultAppId` [%collapsible] ==== @@ -8254,7 +8191,6 @@ When you upgrade, remove `kibana.defaultAppId` from your kibana.yml file. To con ==== [discrete] -[[breaking-109350]] .Removes `courier:batchSearches` [%collapsible] ==== @@ -8266,7 +8202,6 @@ When you upgrade, the `courier:batchSearches` setting will no longer be availabl ==== [discrete] -[[breaking-108111]] .Removes `xpack.task_manager.index` [%collapsible] ==== @@ -8278,7 +8213,6 @@ When you upgrade, remove `xpack.task_manager.index` from your kibana.yml file. ==== [discrete] -[[breaking-108103]] .Removes dashboard-only mode [%collapsible] ==== @@ -8290,7 +8224,6 @@ To grant users access to only dashboards, create a new role, then assign only th ==== [discrete] -[[breaking-105979]] .Removes `xpack.maps.showMapVisualizationTypes` [%collapsible] ==== @@ -8343,7 +8276,6 @@ Breaking changes can prevent your application from optimal operation and perform ==== Enterprise Search changes [discrete] -[[breaking-106307]] .Required security plugin in 8.0 [%collapsible] ==== @@ -8359,7 +8291,6 @@ Enable X-Pack Security. ==== Index pattern changes [discrete] -[[breaking-35173]] .Removed support for time-based interval index patterns [%collapsible] ==== @@ -8375,7 +8306,6 @@ You must migrate your time_based index patterns to a wildcard pattern. For examp ==== Operations changes [discrete] -[[breaking-93835]] .Removed platform from archive root directory [%collapsible] ==== @@ -8387,7 +8317,6 @@ To use the new folder, update the configuration management tools and automation. ==== [discrete] -[[breaking-90511]] .Removed default support for TLS v1.0 and v1.1 [%collapsible] ==== @@ -8399,7 +8328,6 @@ To enable support, set `--tls-min-1.0` in the `node.options` configuration file. ==== [discrete] -[[breaking-74424]] .Removed support for sysv init [%collapsible] ==== @@ -8411,7 +8339,6 @@ If your installation uses .deb or .rpm packages with SysV, migrate to systemd. ==== [discrete] -[[breaking-42353]] .Disabled response logging as a default [%collapsible] ==== @@ -8447,7 +8374,6 @@ logging: ==== Reporting changes [discrete] -[[breaking-52539]] .Legacy job parameters are no longer supported [%collapsible] ==== @@ -8463,7 +8389,6 @@ If you use POST URL snippets to automatically generate PDF reports, regenerate t ==== Security changes [discrete] -[[breaking-47929]] .Removed `/api/security/v1/saml` route [%collapsible] ==== @@ -8475,7 +8400,6 @@ Use the `/api/security/saml/callback` route, or wait to upgrade to 8.0.0-alpha2 ==== [discrete] -[[breaking-41700]] .Reject legacy browsers by default [%collapsible] ==== @@ -8491,7 +8415,6 @@ To enable support for legacy browsers, set `csp.strict: false` in kibana.yml. To ==== Settings changes [discrete] -[[breaking-106061]] .Use new session timeout defaults [%collapsible] ==== @@ -8506,7 +8429,6 @@ Use the following default values: ==== [discrete] -[[breaking-87114]] .Removed support for setting `server.host` to '0' [%collapsible] ==== @@ -8518,7 +8440,6 @@ You are now unable to use `0` as the `server.host`. ==== [discrete] -[[breaking-38657]] .Removed `xpack.security.public` and `xpack.security.authProviders` [%collapsible] ==== @@ -8530,7 +8451,6 @@ Use the `xpack.security.authc.saml.realm` and `xpack.security.authc.providers` s ==== [discrete] -[[breaking-22696]] .Removed useUTC deprecation [%collapsible] ==== @@ -8542,7 +8462,6 @@ The default timezone is UTC. To change the timezone, set `logging.timezone: fals ==== [discrete] -[[breaking-32049]] .Removed environment variables `CONFIG_PATH` and `DATA_PATH` [%collapsible] ==== @@ -8560,7 +8479,6 @@ Use the environment variable `KBN_PATH_CONF` instead of `CONFIG_PATH`. Use the The following functionality is deprecated in 8.0.0, and will be removed in 9.0.0. Deprecated functionality does not have an immediate impact on your application, but we strongly recommend you make the necessary updates after you complete the upgrade. [discrete] -[[deprecation-74424]] .Removed support for SysV init [%collapsible] ==== @@ -8572,7 +8490,6 @@ If your system doesn't have `service` aliased to use kibana.service, use `system ==== [discrete] -[[deprecation-33603]] .Removed `xpack:defaultAdminEmail` setting [%collapsible] ==== diff --git a/docs/management/connectors/action-types/servicenow-sir.asciidoc b/docs/management/connectors/action-types/servicenow-sir.asciidoc index 164fe70a6d55b..4c3b6d15bf59e 100644 --- a/docs/management/connectors/action-types/servicenow-sir.asciidoc +++ b/docs/management/connectors/action-types/servicenow-sir.asciidoc @@ -64,12 +64,28 @@ The username for HTTP basic authentication. You can test connectors as you're creating or editing the connector in {kib}. For example: [role="screenshot"] -image::management/connectors/images/servicenow-sir-params-test.png[{sn-sir} params test] +image::management/connectors/images/servicenow-sir-params-test.png[{sn-sir} params test, width=75%] {sn-sir} actions have the following configuration properties. Additional comments:: Additional information for the client, such as how to troubleshoot the issue. +Additional fields:: +An object that contains custom field identifiers and their values. +These fields must exist in the Elastic ServiceNow application and must be specified in JSON format. ++ +-- +For example: +[source,sh] +---- +{ + "u_cmdb_ci": "host-a", + "u_company": "My company", + "u_assignment_group": "Testing" +} +---- +Note that the default source field names in the Elastic ServiceNow application are prefixed with "u_". +-- Category:: The category of the incident. Correlation display:: diff --git a/docs/management/connectors/action-types/servicenow.asciidoc b/docs/management/connectors/action-types/servicenow.asciidoc index 11fe55ade7f95..83f8bd050d044 100644 --- a/docs/management/connectors/action-types/servicenow.asciidoc +++ b/docs/management/connectors/action-types/servicenow.asciidoc @@ -64,12 +64,28 @@ The username for HTTP basic authentication. When you create or edit a connector, use the *Test* tab to test its actions: [role="screenshot"] -image::management/connectors/images/servicenow-params-test.png[ServiceNow params test] +image::management/connectors/images/servicenow-params-test.png[ServiceNow params test, width=75%] {sn-itsm} actions have the following configuration properties. Additional comments:: Additional information for the client, such as how to troubleshoot the issue. +Additional fields:: +An object that contains custom field identifiers and their values. ++ +-- +These fields must exist in the Elastic ServiceNow application and must be specified in JSON format. +For example: +[source,sh] +---- +{ + "u_cmdb_ci": "host-a", + "u_company": "My company", + "u_assignment_group": "Testing" +} +---- +Note that the default source field names in the Elastic ServiceNow application are prefixed with "u_". +-- Category:: The category of the incident. Correlation display:: @@ -86,6 +102,9 @@ NOTE: Using the default configuration of `{{ruleID}}:{{alert ID}}` ensures that Description:: The details about the incident. +Event action:: +The type of action to test: resolve or trigger. +When you test a resolve action, you must provide a correlation identifier. Impact:: The effect an incident has on business. It can be measured by the number of affected users or by how critical it is to the business in question. @@ -94,7 +113,7 @@ The severity of the incident. Short description:: A short description for the incident, used for searching the contents of the knowledge base. Subcategory:: -The category of the incident. +The subcategory of the incident. Urgency:: The extent to which the incident resolution can delay. diff --git a/docs/management/connectors/images/servicenow-connector-basic.png b/docs/management/connectors/images/servicenow-connector-basic.png index 4cf1f19fe8173..2897b7e80cae5 100644 Binary files a/docs/management/connectors/images/servicenow-connector-basic.png and b/docs/management/connectors/images/servicenow-connector-basic.png differ diff --git a/docs/management/connectors/images/servicenow-connector-oauth.png b/docs/management/connectors/images/servicenow-connector-oauth.png index 8f818185f686b..9b553ae97fc84 100644 Binary files a/docs/management/connectors/images/servicenow-connector-oauth.png and b/docs/management/connectors/images/servicenow-connector-oauth.png differ diff --git a/docs/management/connectors/images/servicenow-params-test.png b/docs/management/connectors/images/servicenow-params-test.png index 5615744973c35..84de4a20b5af5 100644 Binary files a/docs/management/connectors/images/servicenow-params-test.png and b/docs/management/connectors/images/servicenow-params-test.png differ diff --git a/docs/management/connectors/images/servicenow-sir-connector-basic.png b/docs/management/connectors/images/servicenow-sir-connector-basic.png index 1404526f6418d..7a49daaeb6289 100644 Binary files a/docs/management/connectors/images/servicenow-sir-connector-basic.png and b/docs/management/connectors/images/servicenow-sir-connector-basic.png differ diff --git a/docs/management/connectors/images/servicenow-sir-connector-oauth.png b/docs/management/connectors/images/servicenow-sir-connector-oauth.png index 8cac0f7361890..cf94022287157 100644 Binary files a/docs/management/connectors/images/servicenow-sir-connector-oauth.png and b/docs/management/connectors/images/servicenow-sir-connector-oauth.png differ diff --git a/docs/management/connectors/images/servicenow-sir-params-test.png b/docs/management/connectors/images/servicenow-sir-params-test.png index a2bf8761a8824..c56b8a9dafe23 100644 Binary files a/docs/management/connectors/images/servicenow-sir-params-test.png and b/docs/management/connectors/images/servicenow-sir-params-test.png differ diff --git a/docs/setup/upgrade.asciidoc b/docs/setup/upgrade.asciidoc index 686e10265df7b..818898e804b7c 100644 --- a/docs/setup/upgrade.asciidoc +++ b/docs/setup/upgrade.asciidoc @@ -6,6 +6,8 @@ To upgrade from 7.16.0 or earlier to {version}, {stack-ref}/upgrading-elastic-stack.html#prepare-to-upgrade[prepare for the upgrade]. Before you upgrade, you must resolve all critical issues identified by the *Upgrade Assistant*. +In addition, we recommend to carefully review the <> and to take any necessary actions to mitigate their impact on the upgrade. + Rolling upgrades are unsupported in {kib}. To upgrade, you must shut down all {kib} instances, install the new software, and restart {kib}. Upgrading while older {kib} instances are running can cause data loss or upgrade failures. diff --git a/docs/upgrade-notes.asciidoc b/docs/upgrade-notes.asciidoc new file mode 100644 index 0000000000000..d8ed74d367d86 --- /dev/null +++ b/docs/upgrade-notes.asciidoc @@ -0,0 +1,1738 @@ +[[breaking-changes-summary]] +== Upgrade notes + +//// +USE THE FOLLOWING TEMPLATE to add entries to this document, from "[discrete]" to the last "====" included. + +[discrete] +[[REPO-PR]] +.[FEATURE] TITLE TO DESCRIBE THE CHANGE. (VERSION) +[%collapsible] +==== +*Details* + +ADD MORE DETAILS ON WHAT IS CHANGING AND A LINK TO THE PR INTRODUCING THE CHANGE + +*Impact* + +ADD INFORMATION ABOUT WHAT THIS CHANGE WILL BREAK FOR USERS + +*Action* + +ADD INSTRUCTIONS FOR USERS LOOKING TO UPGRADE. HOW CAN THEY WORK AROUND THIS? +==== + + +1. Copy and edit the template in the right section of this file. Most recent entries should be at the top of the section, search for sections using the text "[float]". +2. Edit the anchor ID [[REPO-PR]] of the template with proper values. +3. Don't hardcode the link to the new entry. Instead, make it available through the doc link service files: + - https://github.com/elastic/kibana/blob/main/packages/kbn-doc-links/src/get_doc_links.ts + - https://github.com/elastic/kibana/blob/main/packages/kbn-doc-links/src/types.ts + +The entry in the main links file should look like this: + +id: `${KIBANA_DOCS}breaking-changes-summary.html#REPO-PR` + +Where: + - `id` is the ID of your choice. + - `REPO-PR` is the anchor ID that you assigned to the entry in this upgrade document. + +4. You can then call the link from any Kibana code. For example: `href: docLinks.links.upgradeAssistant.id` +Check https://docs.elastic.dev/docs/kibana-doc-links (internal) for more details about the Doc links service. + +//// + +Before you upgrade, review the breaking changes and deprecations introduced in {kib} 8.x, then mitigate the impact. + +For Elastic Security release information, refer to {security-guide}/release-notes.html[_Elastic Security Solution Release Notes_]. + +[float] +=== Breaking changes + +[float] +==== Kibana APIs + +[discrete] +[[breaking-193792]] +.Access to all internal APIs is blocked (9.0.0) +[%collapsible] +==== +*Details* + +Access to internal Kibana HTTP APIs is restricted from version 9.0.0. This is to ensure +that HTTP API integrations with Kibana avoid unexpected breaking changes. +Refer to {kibana-pull}193792[#193792]. + +*Impact* + +Any HTTP API calls to internal Kibana endpoints will fail with a 400 status code starting +from version 9.0.0. + +*Action* + +**Do not integrate with internal HTTP APIs**. They may change or be removed without notice, +and lead to unexpected behaviors. If you would like some capability to be exposed over an +HTTP API, https://github.com/elastic/kibana/issues/new/choose[create an issue]. +We would love to discuss your use case. + +==== + +[discrete] +[[breaking-162506]] +.Get case metrics APIs became internal. (8.10) +[%collapsible] +==== +*Details* + +The get case metrics APIs are now internal. For more information, refer to ({kibana-pull}162506[#162506]). +==== + +[discrete] +[[breaking-155470]] +.Removed legacy project monitor API. (8.8) +[%collapsible] +==== +*Details* + +The project monitor API for Synthetics in Elastic Observability has been removed. For more information, refer to {kibana-pull}155470[#155470]. + +*Impact* + +In 8.8.0 and later, an error appears when you use the project monitor API. +==== + +[discrete] +[[breaking-147616]] +.Removed the `current_upgrades` endpoint. (8.7) +[%collapsible] +==== +*Details* + +The `/api/fleet/current_upgrades` endpoint has been removed. For more information, refer to {kibana-pull}147616[#147616]. + +*Impact* + +When you upgrade to 8.7.0, use the `api/fleet/agents/action_status` endpoint. +==== + +[discrete] +[[breaking-147199]] +.Removed the `preconfiguration` API route. (8.7) +[%collapsible] +==== +*Details* + +The `/api/fleet/setup/preconfiguration` API, which was released as generally available by error, has been removed. For more information, refer to {kibana-pull}147199[#147199]. + +*Impact* + +Do not use `/api/fleet/setup/preconfiguration`. To manage preconfigured agent policies, use kibana.yml. For more information, check link:https://www.elastic.co/guide/en/kibana/current/fleet-settings-kb.html#_preconfiguration_settings_for_advanced_use_cases[Preconfigured settings]. +==== + +[discrete] +[[breaking-141757]] +.Updated bulk action API to return actionId instead of agent success. (8.5) +[%collapsible] +==== +*Details* + +To make bulk action responses consistent, returns `actionId` instead of agent ids with `success: True` or `success: False` results. For more information, refer to {kibana-pull}141757[#141757]. + +*Impact* + +When you use `FleetBulkResponse`, you now receive only `actionId` responses. +==== + +[discrete] +[[breaking-116821]] +.Removed deprecated config fields from Logs and Metrics APIs and saved objects. (8.0) +[%collapsible] +==== +*Details* + +On the Logs and Metrics UIs, references to the following API and saved object deprecated fields have been removed: + +* `timestamp` +* `tiebreaker` +* `container` +* `pod` +* `host` + +For more information, refer to {kibana-pull}116821[#116821] and {kibana-pull}115874[#115874]. + +*Impact* + +When you upgrade to 8.0.0, you are unable to use references to the deprecated fields. +==== + +[discrete] +[[breaking-114730]] +.Removed `/api/settings`. (8.0) +[%collapsible] +==== +*Details* + +The `/api/settings` REST API has been removed. For more information, refer to {kibana-pull}114730[#114730]. + +*Impact* + +Use `/api/stats`. +==== + +[discrete] +[[breaking-110830]] +.Changed the `GET /api/status` default behavior. (8.0) +[%collapsible] +==== +*Details* + +`GET /api/status` reports a new and more verbose payload. For more information, refer to {kibana-pull}110830[#110830]. + +*Impact* + +To retrieve the {kib} status in the previous format, use `GET /api/status?v7format=true`. +==== + +[float] +==== Kibana platform + +// Alerting +[discrete] +[[breaking-170635]] +.[Alerting] A new sub-feature privilege to control user access to the cases settings. (8.12) +[%collapsible] +==== +*Details* + +Roles with at least a sub-feature privilege configured will not have access to the cases setting like they had previously. All roles without a sub-feature privilege configured will not be affected. For more information, refer to ({kibana-pull}170635[#170635]). +==== + +[discrete] +[[breaking-162492]] +.[Alerting] New case limits. (8.10) +[%collapsible] +==== +*Details* + +Limits are now imposed on the number of objects cases can process or the amount of data those objects can store. +//// +For example: +* Updating a case comment is now included in the 10000 user actions restriction. ({kibana-pull}163150[#163150]) +* Updating a case now fails if the operation makes it reach more than 10000 user actions. ({kibana-pull}161848[#161848]) +* The total number of characters per comment is limited to 30000. ({kibana-pull}161357[#161357]) +* The getConnectors API now limits the number of supported connectors returned to 1000. ({kibana-pull}161282[#161282]) +* There are new limits and restrictions when retrieving cases. ({kibana-pull}162411[#162411]), ({kibana-pull}162245[#162245]), ({kibana-pull}161111[#161111]), ({kibana-pull}160705[#160705]) +* A case can now only have 100 external references and persistable state(excluding files) attachments combined. ({kibana-pull}162071[#162071]). +* New limits on titles, descriptions, tags and category. ({kibana-pull}160844[#160844]). +* The maximum number of cases that can be updated simultaneously is now 100. The minimum is 1. ({kibana-pull}161076[#161076]). +* The Delete cases API now limits the number of cases to be deleted to 100.({kibana-pull}160846[#160846]). +//// +For the full list, refer to {kib-issue}146945[#146945]. +==== + +[discrete] +[[breaking-147985]] +.[Alerting] Changed privileges for alerts and cases. (8.8) +[%collapsible] +==== +*Details* + +The privileges for attaching alerts to cases has changed. For more information, refer to {kibana-pull}147985[#147985]. + +*Impact* + +To attach alerts to cases, you must have `Read` access to an {observability} or Security feature that has alerts and `All` access to the **Cases** feature. For detailed information, check link:https://www.elastic.co/guide/en/kibana/current/kibana-privileges.html[{kib} privileges] and link:https://www.elastic.co/guide/en/kibana/current/setup-cases.html[Configure access to cases]. +==== + +[discrete] +.[Alerting] Removed support for `monitoring.cluster_alerts.allowedSpaces`. (8.0) +[%collapsible] +==== +*Details* + +The `monitoring.cluster_alerts.allowedSpaces` setting, which {kib} uses to create Stack Monitoring alerts, has been removed. For more information, refer to {kibana-pull}123229[#123229]. + +*Impact* + +Before you upgrade to 8.0.0, remove `monitoring.cluster_alerts.allowedSpaces` from kibana.yml. +==== + +[discrete] +[[breaking-114558]] +.[Alerting] Removed `xpack.task_manager.index` setting. (8.0) +[%collapsible] +==== +*Details* + +The `xpack.task_manager.index` setting has been removed. For more information, refer to {kibana-pull}114558[#114558]. + +*Impact* + +Before you upgrade to 8.0.0, remove `xpack.task_manager.index` from kibana.yml. +==== + +[discrete] +[[breaking-113461]] +.[Alerting] Removed ability to remove Elastic-managed plugins. (8.0) +[%collapsible] +==== +*Details* + +The `xpack.actions.enabled` setting has been removed. For more information, refer to {kibana-pull}113461[#113461]. + +*Impact* + +Before you upgrade to 8.0.0, remove `xpack.actions.enabled` from kibana.yml. +==== + + +// Data views + +[discrete] +[[breaking-139431]] +.[Data views] Removed filter validation for ad-hoc data views (8.5) +[%collapsible] +==== +*Details* + +Filters associated with unknown data views, such as deleted data views, are no longer automatically disabled. For more information, refer to {kibana-pull}139431[#139431]. + +*Impact* + +Filters associated with unknown data views now display a warning message instead of being automatically disabled. +==== + +// Dev tools + +[discrete] +[[breaking-159041]] +.[Dev tools] The `addProcessorDefinition` function was removed from Console. (8.10) +[%collapsible] +==== +*Details* + +The function `addProcessorDefinition` is removed from the Console plugin start contract (server side). For more information, refer to ({kibana-pull}159041[#159041]). +==== + +[discrete] +[[breaking-123754]] +.[Dev tools] Removed the `console.ssl` setting. (8.0) +[%collapsible] +==== +*Details* + +The `console.ssl` setting has been removed. For more information, refer to {kibana-pull}123754[#123754]. + +*Impact* + +Before you upgrade to 8.0.0, remove `console.ssl` from kibana.yml. +==== + +// ECS + +[discrete] +.[Elastic Common Schema] Moved `doc_root.vulnerability.package` to doc_root.package (ECS). (8.11) +[%collapsible] +==== +*Details* + +This change updates all instances of `vulnerability.package` to the ECS standard package fieldset. For more information, refer to ({kibana-pull}164651[#164651]). +==== + +// ESQL +[discrete] +[[breaking-182074]] +.[ES|QL] Renamed an advanced setting to enable {esql}. (8.14) +[%collapsible] +==== +*Details* + +The advanced setting which hides {esql} from the UI has been renamed from `discover:enableESQL` to `enableESQL`. It is enabled by default and must be switched off to disable {esql} features from your {kib} applications. For more information, refer to ({kibana-pull}182074[#182074]). +==== + +[discrete] +[[breaking-174674]] +.[ES|QL] Removed `is_nan`, `is_finite`, and `is_infinite` functions from {esql}. (8.13) +[%collapsible] +==== +*Details* + +These functions have been removed from {esql} queries as they are not supported. Errors would be thrown when trying to use them. For more information, refer to ({kibana-pull}174674[#174674]). +==== + +// Fleet +[discrete] +[[breaking-184036]] +.[Fleet] Added rate limiting to install by upload endpoint. (8.15) +[%collapsible] +==== +*Details* + +Rate limiting was added to the upload `api/fleet/epm/packages` endpoint. For more information, refer to {kibana-pull}184036[#184036]. + +*Impact* + +If you do two or more requests in less than 10 seconds, the subsequent requests fail with `429 Too Many Requests`. +Wait 10 seconds before uploading again. +This change could potentially break automations for users that rely on frequent package uploads. +==== + +[discrete] +[[breaking-176879]] +.[Fleet]Removed conditional topics for Kafka outputs. (8.13) +[%collapsible] +==== +*Details* + +The Kafka output no longer supports conditional topics. For more information, refer to ({kibana-pull}176879[#176879]). +==== + +[discrete] +[[breaking-176443]] +.[Fleet]Most Fleet installed integrations are now read-only and labelled with a *Managed* tag in the Kibana UI. (8.13) +[%collapsible] +==== +*Details* + + +Integration content installed by {fleet} is no longer editable. This content is tagged with *Managed* in the {kib} UI, and is Elastic managed. This content cannot be edited or deleted. However, managed visualizations, dashboards, and saved searches can be cloned. The clones can be customized. + +When cloning a dashboard the cloned panels become entirely independent copies that are unlinked from the original configurations and dependencies. + +For managed content relating to specific visualization editors such as Lens, TSVB, and Maps, the clones retain the original reference configurations. The same applies to editing any saved searches in a managed visualization. + +For more information, refer to ({kibana-pull}172393[#172393]). +==== + +[discrete] +[[breaking-167085]] +.[Fleet] Improved config output validation for default output. (8.11) +[%collapsible] +==== +*Details* + +Improve config output validation to not allow to defining multiple default outputs in {kib} configuration. For more information, refer to ({kibana-pull}167085[#167085]). +==== + +[discrete] +[[breaking-138677]] +.[Fleet] Removed the `package_policies` field from the agent policy saved object. (8.5) +[%collapsible] +==== +*Details* + +The bidirectional foreign key between agent policy and package policy has been removed. For more information, refer to {kibana-pull}138677[#138677]. + +*Impact* + +The agent policy saved object no longer includes the `package_policies` field. +==== + +[discrete] +[[breaking-135669]] +.[Fleet] xpack.agents.* are now uneditable in UI when defined in kibana.yml. (8.4) +[%collapsible] +==== +*Details* + +When you configure `xpack.fleet.agents.fleet_server.hosts` and `xpack.fleet.agents.elasticsearch.hosts` in kibana.yml, you are unable to update the fields on the Fleet UI. + +For more information, refer to {kibana-pull}135669[#135669]. + +*Impact* + +To configure `xpack.fleet.agents.fleet_server.hosts` and `xpack.fleet.agents.elasticsearch.hosts` on the Fleet UI, avoid configuring the settings in kibana.yml. +==== + +[discrete] +[[breaking-118854]] +.[Fleet] Split package policy `upgrade` endpoint for Fleet. (8.0) +[%collapsible] +==== +*Details* + +For package policy upgrades, the packagePolicy `upgrade` endpoint format supports a mutative upgrade operation (when `dryRun: false`) and a read-only dry run operation (when `dryRun: true`): + +[source,text] +-- + POST /package_policies/upgrade + { + packagePolicyIds: [...], + dryRun: false + } +-- + +For more information, refer to {kibana-pull}118854[#118854]. + +*Impact* + +The endpoint is now split into two separate endpoints: + +[source,text] +-- + POST /package_policies/upgrade + { + packagePolicyIds: [...] + } + + POST /package_policies/upgrade/dry_run + { + packagePolicyIds: [...] + } +-- +==== + +// General settings + +[discrete] +[[breaking-111535]] +.[General settings] Removed `CONFIG_PATH` and `DATA_PATH` environment variables. (8.0) +[%collapsible] +==== +*Details* + +The `CONFIG_PATH` and `DATA_PATH` environment variables have been removed. For more information, refer to {kibana-pull}111535[#111535]. + +*Impact* + +Replace the `CONFIG_PATH` environment variable with `KBN_PATH_CONF`, and replace `DATA_PATH` with the `path.data` setting. +==== + +[discrete] +[[breaking-114379]] +.[General settings] Removed support for csp.rules configuration. (8.0) +[%collapsible] +==== +*Details* + +Support for the `csp.rules` configuration property has been removed. For more information, refer to {kibana-pull}114379[#114379]. + +*Impact* + +Configuring the default `csp.script_src`, `csp.workers_src`, and `csp.style_src` values is not required. +==== + +[discrete] +[[breaking-113653]] +.[General settings] Changed and removed deprecated core settings and deprecated settings from core plugins. (8.0) +[%collapsible] +==== +*Details* + +The deprecation notice for `server.cors` has changed from `level:critical` to `level:warning`. + +The following settings have changed: + +* The `xpack.banners.placement` value of `header` has been renamed to `top` + +Support for the following configuration settings has been removed: + +* `newsfeed.defaultLanguage` +* `cpu.cgroup.path.override` +* `cpuacct.cgroup.path.override` +* `server.xsrf.whitelist` +* `xpack.xpack_main.xpack_api_polling_frequency_millis` +* `KIBANA_PATH_CONF` + +For more information, refer to {kibana-pull}113653[#113653]. + +*Impact* + +* The `header` value provided to the `xpack.banners.placement` configuration has been renamed to 'top' +* The `newsfeed.defaultLanguage` newsfeed items are retrieved based on the browser locale and default to English +* Replace `cpu.cgroup.path.override` with `ops.cGroupOverrides.cpuPath` +* Replace `cpuacct.cgroup.path.override` with `ops.cGroupOverrides.cpuAcctPath` +* Replace `server.xsrf.whitelist` with `server.xsrf.allowlist` +* Replace `xpack.xpack_main.xpack_api_polling_frequency_millis` with `xpack.licensing.api_polling_frequency` +* Replace `KIBANA_PATH_CONF` path to the {kib} configuration file using the `KBN_PATH_CONF` environment variable +==== + +[discrete] +[[breaking-113495]] +.[General settings] Removed `enabled` settings from plugins. (8.0) +[%collapsible] +==== +*Details* + +Using `{plugin_name}.enabled` to disable plugins has been removed. Some plugins, such as `telemetry`, `newsfeed`, `reporting`, and the various `vis_type` plugins will continue to support this setting. All other {kib} plugins will not support this setting. Any new plugin will support this setting only when specified in the `configSchema`. For more information, refer to {kibana-pull}113495[#113495]. + +The `xpack.security.enabled` setting has been removed. For more information, refer to {kibana-pull}111681[#111681]. + +*Impact* + +Before you upgrade to 8.0.0: + +* Remove `{plugin_name}.enabled` from kibana.yml. If you use the setting to control user access to {kib} applications, use <> instead. +* Replace `xpack.security.enabled` with {ref}/security-settings.html#general-security-settings[`xpack.security.enabled`] in elasticsearch.yml. +==== + +[discrete] +[[breaking-113367]] +.[General settings] Removed `--plugin-dir` cli option. (8.0) +[%collapsible] +==== +*Details* + +The `plugins.scanDirs` setting and `--plugin-dir` cli option have been removed. For more information, refer to {kibana-pull}113367[#113367]. + +*Impact* + +Before you upgrade to 8.0.0, remove `plugins.scanDirs` from kibana.yml. +==== + +[discrete] +[[breaking-113296]] +.[General settings] Removed support for `optimize.*` settings. (8.0) +[%collapsible] +==== +*Details* + +The legacy `optimize.*` settings have been removed. If your configuration uses the following legacy `optimize.*` settings, {kib} fails to start: + +* `optimize.lazy` +* `optimize.lazyPort` +* `optimize.lazyHost` +* `optimize.lazyPrebuild` +* `optimize.lazyProxyTimeout` +* `optimize.enabled` +* `optimize.bundleFilter` +* `optimize.bundleDir` +* `optimize.viewCaching` +* `optimize.watch` +* `optimize.watchPort` +* `optimize.watchHost` +* `optimize.watchPrebuild` +* `optimize.watchProxyTimeout` +* `optimize.useBundleCache` +* `optimize.sourceMaps` +* `optimize.workers` +* `optimize.profile` +* `optimize.validateSyntaxOfNodeModules` + +For more information, refer to {kibana-pull}113296[#113296]. + +*Impact* + +To run the `@kbn/optimizer` separately in development, pass `--no-optimizer` to `yarn start`. For more details, refer to {kibana-pull}73154[#73154]. +==== + +[discrete] +[[breaking-113173]] +.[General settings] Removed `so/server/es` settings. (8.0) +[%collapsible] +==== +*Details* + +Some of the `savedObjects`, `server`, and `elasticsearch` settings have been removed. If your configuration uses the following settings, {kib} fails to start: + +* `savedObjects.indexCheckTimeout` +* `server.xsrf.token` +* `elasticsearch.preserveHost` +* `elasticsearch.startupTimeout` + +For more information, refer to {kibana-pull}113173[#113173]. + +*Impact* + +Before you upgrade to 8.0.0., remove these settings from kibana.yml. +==== + +[discrete] +[[breaking-113068]] +.[General settings] Added requirement for inline scripting. (8.0) +[%collapsible] +==== +*Details* + +To start {kib}, you must enable inline scripting in {es}. For more information, refer to {kibana-pull}113068[#113068]. + +*Impact* + +Enable {ref}/modules-scripting-security.html[inline scripting]. +==== + +[discrete] +[[breaking-112773]] +.[General settings] Removed `kibana.index` settings. (8.0) +[%collapsible] +==== +*Details* + +The `kibana.index`, `xpack.reporting.index`, and `xpack.task_manager.index` settings have been removed. For more information, refer to {kibana-pull}112773[#112773]. + +*Impact* + +Use spaces, cross-cluster replication, or cross-cluster search. To migrate to <>, export your <> from a tenant into the default space. For more details, refer to link:https://github.com/elastic/kibana/issues/82020[#82020]. +==== + +[discrete] +[[breaking-112305]] +.[General settings] Removed legacy logging. (8.0) +[%collapsible] +==== +*Details* + +The logging configuration and log output format has changed. For more information, refer to {kibana-pull}112305[#112305]. + +*Impact* + +Use the new <>. +==== + +[discrete] +[[breaking-109798]] +.[General settings] Removed `kibana.defaultAppId` setting. (8.0) +[%collapsible] +==== +*Details* + +The deprecated `kibana.defaultAppId` setting in kibana.yml, which is also available as `kibana_legacy.defaultAppId`, has been removed. For more information, refer to {kibana-pull}109798[#109798]. + +*Impact* + +When you upgrade, remove `kibana.defaultAppId` from your kibana.yml file. To configure the default route for users when they enter a space, use the <> in *Advanced Settings*. +==== + +[discrete] +[[breaking-109350]] +.[General settings] Removed `courier:batchSearches` setting. (8.0) +[%collapsible] +==== +*Details* + +The deprecated `courier:batchSearches` setting in *Advanced Settings* has been removed. For more information, refer to {kibana-pull}109350[#109350]. + +*Impact* + +When you upgrade, the `courier:batchSearches` setting will no longer be available. +==== + + +[discrete] +[[breaking-106061]] +.[General settings] New session timeout defaults. (8.0) +[%collapsible] +==== +*Details* + +The default values for the session timeout `xpack.security.session.{lifespan|idleTimeout}` settings have changed. For more information, refer to {kibana-pull}106061[#106061] + +*Impact* + +The new default values are as follows: + +* `xpack.security.session.idleTimeout: 3d` +* `xpack.security.session.lifespan: 30d` +==== + +[discrete] +[[breaking-87114]] +.[General settings] Removed support for setting `server.host` to '0'. (8.0) +[%collapsible] +==== +*Details* + +Support for configuring {kib} with `0` as the `server.host` has been removed. Please use `0.0.0.0` instead. For more information, refer to {kibana-pull}87114[#87114] + +*Impact* + +You are now unable to use `0` as the `server.host`. +==== + +[discrete] +[[breaking-38657]] +.[General settings] Removed `xpack.security.public` and `xpack.security.authProviders` settings. (8.0) +[%collapsible] +==== +*Details* + +The `xpack.security.public` and `xpack.security.authProviders` settings have been removed. For more information, refer to {kibana-pull}38657[#38657] + +*Impact* + +Use the `xpack.security.authc.saml.realm` and `xpack.security.authc.providers` settings. +==== + +[discrete] +[[breaking-22696]] +.[General settings] Removed `logging.useUTC` setting. (8.0) +[%collapsible] +==== +*Details* + +The `logging.useUTC` setting has been removed. For more information, refer to {kibana-pull}22696[#22696] + +*Impact* + +The default timezone is UTC. To change the timezone, set `logging.timezone: false` in kibana.yml. Change the timezone when the system, such as a docker container, is configured for a nonlocal timezone. +==== + +// Index management + +[discrete] +[[breaking-35173]] +.[Index management] Removed support for time-based interval index patterns. (8.0) +[%collapsible] +==== +*Details* + +Time-based interval index patterns were deprecated in 5.x. In 6.x, you could no longer create time-based interval index patterns, but they continued to function as expected. Support for these index patterns has been removed in 8.0. For more information, refer to {kibana-pull}35173[#35173] + +*Impact* + +You must migrate your time_based index patterns to a wildcard pattern. For example, logstash-*. +==== + +// Logs + +[discrete] +[[breaking-115974]] +.[Logs] Removed deprecated alias config entries. (8.0) +[%collapsible] +==== +*Details* + +The deprecated `xpack.infra.sources.default.logAlias` and `xpack.infra.sources.default.logAlias` settings have been removed. For more information, refer to {kibana-pull}115974[#115974]. + +*Impact* + +Before you upgrade, remove the settings from kibana.yml, then configure the settings in <>. +==== + +[discrete] +[[breaking-61302]] +.[Logs] Removed configurable fields in settings. (8.0) +[%collapsible] +==== +*Details* + +The *Logs* and *Metrics* configurable fields settings have been removed. For more information, refer to {kibana-pull}61302[#61302]. + +*Impact* + +Configure the settings in https://www.elastic.co/guide/en/ecs/current/ecs-reference.html[ECS]. +==== + +// Machine Learning + +[discrete] +[[breaking-119945]] +.[Machine learning] Removed APM jobs from Machine Learning. (8.0) +[%collapsible] +==== +*Details* + +APM Node.js and RUM JavaScript anomaly detection job modules have been removed. For more information, refer to {kibana-pull}119945[#119945]. + +*Impact* + +When you upgrade to 8.0.0, you are unable to create and view the APM Node.js and RUM JavaScript jobs in Machine Learning. +==== + +[discrete] +[[breaking-115444]] +.[Machine learning] Granted access to machine learning features when base privileges are used. (8.0) +[%collapsible] +==== +*Details* + +Machine learning features are included as base privileges. For more information, refer to {kibana-pull}115444[#115444]. + +*Impact* + +If you do not want to grant users privileges to machine learning features, update <>. +==== + +// Osquery + +[discrete] +[[breaking-134855]] +.[Osquery] "All" base privilege option now also applies to Osquery. (8.3) +[%collapsible] +==== +*Details* + +The Osquery {kib} privilege has been updated, so that when the *Privileges for all features level* is set to *All*, this now applies *All* to Osquery privileges as well. Previously, users had to choose the *Customize* option to grant any access to Osquery. For more information, refer to {kibana-pull}130523[#130523]. + +*Impact* + +This impacts user roles that have *Privileges for all features* set to *All*. After this update, users with this role will have access to the Osquery page in {kib}. However, to use the Osquery feature fully, these requirements remain the same: users also need Read access to the logs-osquery_manager.result* index and the Osquery Manager integration must be deployed to Elastic Agents. +==== + +// Saved objects + +[discrete] +[[breaking-118300]] +.[Saved objects] Fail migrations for saved objects with unknown types. (8.0) +[%collapsible] +==== +*Details* + +Unknown saved object types now cause {kib} migrations to fail. For more information, refer to {kibana-issue}107678[#107678]. + +*Impact* + +To complete the migration, re-enable plugins or delete documents from the index in the previous version. +==== + +[discrete] +[[breaking-110738]] +.[Saved objects] Removed support for legacy exports. (8.0) +[%collapsible] +==== +*Details* + +In {kib} 8.0.0 and later, the legacy format from {kib} 6.x is unsupported. For more information, refer to {kibana-pull}110738[#110738] + +*Impact* + +Using the user interface to import saved objects is restricted to `.ndjson` format imports. +==== + +// Security + +[discrete] +[[breaking-116191]] +.[Security] Removed legacy audit logger. (8.0) +[%collapsible] +==== +*Details* + +The legacy audit logger has been removed. For more information, refer to {kibana-pull}116191[#116191]. + +*Impact* + +Audit logs will be written to the default location in the new ECS format. To change the output file, filter events, and more, use the <>. +==== + +[discrete] +[[breaking-47929]] +.[Security] Removed `/api/security/v1/saml` route. (8.0) +[%collapsible] +==== +*Details* + +The `/api/security/v1/saml` route has been removed and is reflected in the kibana.yml `server.xsrf.whitelist` setting, {es}, and the Identity Provider SAML settings. For more information, refer to {kibana-pull}47929[#47929] + +*Impact* + +Use the `/api/security/saml/callback` route, or wait to upgrade to 8.0.0-alpha2 when the `/api/security/saml/callback` route breaking change is reverted. +==== + +[discrete] +[[breaking-41700]] +.[Security] Legacy browsers rejected by default. (8.0) +[%collapsible] +==== +*Details* + +To provide the maximum level of protection for most installations, the csp.strict config is now enabled by default. Legacy browsers not supported by Kibana, such as Internet Explorer 11, are unable to access {kib} unless explicitly enabled. All browsers officially supported by Kibana do not have this issue. For more information, refer to {kibana-pull}41700[#41700] + +*Impact* + +To enable support for legacy browsers, set `csp.strict: false` in kibana.yml. To effectively enforce the security protocol, we strongly discourage disabling `csp.strict` unless it is critical that you support Internet Explorer 11. +==== + +// Setup + +[discrete] +[[breaking-93835]] +.[Setup] Removed platform from archive root directory. (8.0) +[%collapsible] +==== +*Details* + +After you extract an archive, the output directory no longer includes the target platform. For example, `kibana-8.0.0-linux-aarch64.tar.gz` produces a `kibana-8.0.0` folder. For more information, refer to {kibana-pull}93835[#93835]. + +*Impact* + +To use the new folder, update the configuration management tools and automation. +==== + +[discrete] +[[breaking-90511]] +.[Setup] Removed default support for TLS v1.0 and v1.1. (8.0) +[%collapsible] +==== +*Details* + +The default support for TLS v1.0 and v1.1 has been removed. For more information, refer to {kibana-pull}90511[#90511]. + +*Impact* + +To enable support, set `--tls-min-1.0` in the `node.options` configuration file. To locate the configuration file, go to the kibana/config folder or any other configuration with the `KBN_PATH_CONF` environment variable. For example, if you are using a Debian-based system, the configuration file is located in /etc/kibana. +==== + +[discrete] +[[breaking-74424]] +.[Setup] Removed support for sysv init. (8.0) +[%collapsible] +==== +*Details* + +All supported operating systems use systemd service files. Any system that doesn’t have `service` aliased to use kibana.service should use `systemctl start kibana.service` instead of `service start kibana`. For more information, refer to {kibana-pull}74424[#74424]. + +*Impact* + +If your installation uses .deb or .rpm packages with SysV, migrate to systemd. +==== + +[discrete] +[[breaking-42353]] +.[Setup] Disabled response logging as a default. (8.0) +[%collapsible] +==== +*Details* + +In previous versions, all events are logged in `json` when `logging.json:true`. With the new logging configuration, you can choose the `json` and pattern output formats with layouts. For more information, refer to {kibana-pull}42353[#42353]. + +*Impact* + +To restore the previous behavior, configure the logging format for each custom appender with the `appender.layout property` in kibana.yml. There is no default for custom appenders, and each appender must be configured explicitly. +//// +[source,yaml] +---- +logging: + appenders: + custom_console: + type: console + layout: + type: pattern + custom_json: + type: console + layout: + type: json + loggers: + - name: plugins.myPlugin + appenders: [custom_console] + root: + appenders: [default, custom_json] + level: warn +---- +//// +==== + +// Sharing and reporting + +[discrete] +[[breaking-162288]] +.[Sharing & Reporting] The Download CSV endpoint has changed. (8.10) +[%collapsible] +==== +*Details* + +The API endpoint for downloading a CSV file from a saved search in the Dashboard application has changed to reflect the fact that this is an internal API. The previous API path of +`/api/reporting/v1/generate/immediate/csv_searchsource` has been changed to `/internal/reporting/generate/immediate/csv_searchsource`. For more information, refer to {kibana-pull}162288[#162288]. +==== + +[discrete] +[[breaking-158338]] +.[Sharing & Reporting] CSV reports now use PIT instead of Scroll. (8.6) +[%collapsible] +==== +*Details* + +CSV reports now use PIT instead of Scroll. Previously generated CSV reports that used an index alias with alias-only privileges, but without privileges on the alias referenced-indices will no longer generate. For more information, refer to {kibana-pull}158338[#158338]. + +*Impact* + +To generate CSV reports, grant `read` privileges to the underlying indices. +==== + +[discrete] +[[breaking-121435]] +.[Sharing & Reporting] Removed legacy CSV export type. (8.1) +[%collapsible] +==== +*Details* + +The `/api/reporting/generate/csv` endpoint has been removed. For more information, refer to {kibana-pull}121435[#121435]. + +*Impact* + +If you are using 7.13.0 and earlier, {kibana-ref-all}/8.1/automating-report-generation.html[regenerate the POST URLs] that you use to automatically generate CSV reports. +==== + +[discrete] +[[breaking-121369]] +.[Sharing & Reporting]Removed legacy PDF shim. (8.1) +[%collapsible] +==== +*Details* + +The POST URLs that you generated in {kib} 6.2.0 no longer work. For more information, refer to {kibana-pull}121369[#121369]. + +*Impact* + +{kibana-ref-all}/8.1/automating-report-generation.html[Regenerate the POST URLs] that you use to automatatically generate PDF reports. +==== + +[discrete] +[[breaking-114216]] +.[Sharing & Reporting] Removed reporting settings. (8.0) +[%collapsible] +==== +*Details* + +The following settings have been removed: + +* `xpack.reporting.capture.concurrency` + +* `xpack.reporting.capture.settleTime` + +* `xpack.reporting.capture.timeout` + +* `xpack.reporting.kibanaApp` + +For more information, refer to {kibana-pull}114216[#114216]. + +*Impact* + +Before you upgrade to 8.0.0, remove the settings from kibana.yml. +==== + +[discrete] +[[breaking-52539]] +.[Sharing & Reporting] Legacy job parameters are no longer supported. (8.0) +[%collapsible] +==== +*Details* + +*Reporting* is no longer compatible with POST URL snippets generated with {kib} 6.2.0 and earlier. For more information, refer to {kibana-pull}52539[#52539] + +*Impact* + +If you use POST URL snippets to automatically generate PDF reports, regenerate the POST URL strings. +==== + +// User management + +[discrete] +[[breaking-122722]] +.[User management] Removed the ability to use `elasticsearch.username: elastic` in production. (8.0) +[%collapsible] +==== +*Details* + +In production, you are no longer able to use the `elastic` superuser to authenticate to {es}. For more information, refer to {kibana-pull}122722[#122722]. + +*Impact* + +When you configure `elasticsearch.username: elastic`, {kib} fails. +==== + +// Visualizations and dashboards + +[discrete] +[[breaking-149482]] +.[Visualizations] Removed the fields list sampling setting from Lens. (8.7) +[%collapsible] +==== +*Details* + +`lens:useFieldExistenceSampling` has been removed from *Advanced Settings*. The setting allowed you to enable document sampling to determine the fields that are displayed in *Lens*. For more information, refer to {kibana-pull}149482[#149482]. + +*Impact* + +In 8.1.0 and later, {kib} uses the field caps API, by default, to determine the fields that are displayed in *Lens*. +==== + +[discrete] +[[breaking-146990]] +.[Visualizations] Removed legacy pie chart visualization setting. (8.7) +[%collapsible] +==== +*Details* + +`visualization:visualize:legacyPieChartsLibrary` has been removed from *Advanced Settings*. The setting allowed you to create aggregation-based pie chart visualizations using the legacy charts library. For more information, refer to {kibana-pull}146990[#146990]. + +*Impact* + +In 7.14.0 and later, the new aggregation-based pie chart visualization is available by default. For more information, check link:https://www.elastic.co/guide/en/kibana/current/add-aggregation-based-visualization-panels.html[Aggregation-based]. +==== + +[discrete] +[[breaking-143081]] +.[Visualizations] Changed the `histogram:maxBars` default setting. (8.6) +[%collapsible] +==== +*Details* + +To configure higher resolution data histogram aggregations without changing the *Advanced Settings*, the default histogram:maxBars setting is now 1000 instead of 100. For more information, refer to {kibana-pull}143081[#143081]. + +*Impact* + +For each {kibana-ref}/xpack-spaces.html[space], complete the following to change *histogram:maxBars* to the previous default setting: + +. Open the main menu, then click *Stack Management > Advanced Settings*. +. Scroll or search for *histogram:maxBars*. +. Enter `100`, then click *Save changes*. +==== + +[discrete] +[[breaking-134336]] +.[Visualizations] Removed the legacy Timelion charts library. (8.4) +[%collapsible] +==== +*Details* + +The legacy implementation of the *Timelion* visualization charts library has been removed. All *Timelion* visualizations now use the elastic-charts library, which was introduced in 7.15.0. + +For more information, refer to {kibana-pull}134336[#134336]. + +*Impact* + +In 8.4.0 and later, you are unable to configure the *Timelion* legacy charts library advanced setting. For information about visualization Advanced Settings, check link:https://www.elastic.co/guide/en/kibana/8.4/advanced-options.html#kibana-visualization-settings[Visualization]. +==== + +[discrete] +[[breaking-129581]] +.[Visualizations] Removed Quandl and Graphite integrations. (8.3) +[%collapsible] +==== +*Details* + +The experimental `.quandl` and `.graphite` functions and advanced settings are removed from *Timelion*. For more information, check {kibana-pull}129581[#129581]. + +*Impact* + +When you use the `vis_type_timelion.graphiteUrls` kibana.yml setting, {kib} successfully starts, but logs a `[WARN ][config.deprecation] You no longer need to configure "vis_type_timelion.graphiteUrls".` warning. + +To leave your feedback about the removal of `.quandl` and `.graphite`, go to the link:https://discuss.elastic.co/c/elastic-stack/kibana/7[discuss forum]. +==== + +[discrete] +[[breaking-113516]] +.[Visualizations] Removed display options from legacy gauge visualizations. (8.0) +[%collapsible] +==== +*Details* + +The *Display warnings* option has been removed from the aggregation-based gauge visualization. For more information, refer to {kibana-pull}113516[#113516]. + +*Impact* + +When you create aggregation-based gauge visualizations, the *Display warnings* option is no longer available in *Options > Labels*. +==== + +[discrete] +[[breaking-112643]] +.[Visualizations] Removed settings from visEditors plugins. (8.0) +[%collapsible] +==== +*Details* + +The following deprecated visEditors plugin settings have been removed: + +* `metric_vis.enabled` +* `table_vis.enabled` +* `tagcloud.enabled` +* `metrics.enabled` +* `metrics.chartResolution` +* `chartResolution` +* `metrics.minimumBucketSize` +* `minimumBucketSize` +* `vega.enabled` +* `vega.enableExternalUrls` +* `vis_type_table.legacyVisEnabled` +* `timelion_vis.enabled` +* `timelion.enabled` +* `timelion.graphiteUrls` +* `timelion.ui.enabled` + +For more information, refer to {kibana-pull}112643[#112643]. + +*Impact* + +Before you upgrade, make the following changes in kibana.yml: + +* Replace `metric_vis.enabled` with `vis_type_metric.enabled` +* Replace `table_vis.enabled` with `vis_type_table.enabled` +* Replace `tagcloud.enabled` with `vis_type_tagcloud.enabled` +* Replace `metrics.enabled` with `vis_type_timeseries.enabled` +* Replace `metrics.chartResolution` and `chartResolution` with `vis_type_timeseries.chartResolution` +* Replace `metrics.minimumBucketSize` and `minimumBucketSize` with `vis_type_timeseries.minimumBucketSize` +* Replace `vega.enabled` with `vis_type_vega.enabled` +* Replace `vega.enableExternalUrls` with `vis_type_vega.enableExternalUrls` +* Remove `vis_type_table.legacyVisEnabled` +* Replace `timelion_vis.enabled` with `vis_type_timelion.enabled` +* Replace `timelion.enabled` with `vis_type_timelion.enabled` +* Replace `timelion.graphiteUrls` with `vis_type_timelion.graphiteUrls` +* Remove `timelion.ui.enabled` + +==== + +[discrete] +[[breaking-111704]] +.[Visualizations] Removed dimming opacity setting. (8.0) +[%collapsible] +==== +*Details* + +The *Dimming opacity* setting in *Advanced Settings* has been removed. For more information, refer to {kibana-pull}111704[#111704]. + +*Impact* + +When you upgrade to 8.0.0, you are no longer able to configure the dimming opactiy for visualizations. +==== + +[discrete] +[[breaking-110985]] +.[Visualizations] Removes Less stylesheet support in TSVB. (8.0) +[%collapsible] +==== +*Details* + +In *TSVB*, custom Less stylesheets have been removed. For more information, refer to {kibana-pull}110985[#110985]. + +*Impact* + +Existing less stylesheets are automatically converted to CSS stylesheets. +==== + +[discrete] +[[breaking-110571]] +.[Visualizations] Disabled the input string mode in TSVB. (8.0) +[%collapsible] +==== +*Details* + +In *TSVB*, the *Index pattern selection mode* option has been removed. For more information, refer to {kibana-pull}110571[#110571]. + +*Impact* + +To use index patterns and {es} indices in *TSVB* visualizations: + +. Open the main menu, then click *Stack Management > Advanced Settings*. + +. Select *Allow string indices in TSVB*. + +. Click *Save changes*. +==== + +[discrete] +[[breaking-116184]] +.[Visualizations] Removed proxyElasticMapsServiceInMaps Maps setting. (8.0) +[%collapsible] +==== +*Details* + +The `map.proxyElasticMapsServiceInMaps` setting has been removed. For more information, refer to {kibana-pull}116184[#116184]. + +*Impact* + +Install the on-prem version of the <>, which is a Docker service that resides in the Elastic Docker registry, in an accessible location on your internal network. When you complete the installation, update kibana.yml to point to the service. +==== + +[discrete] +[[breaking-109896]] +.[Visualizations] Removed `map.regionmap.*`. (8.0) +[%collapsible] +==== +*Details* + +The deprecated `map.regionmap.*` setting in kibana.yml has been removed. For more information, refer to {kibana-pull}109896[#109896]. + +*Impact* + +If you have maps that use `map.regionmap` layers: + +. Remove the `map.regionmap` layer. + +. To recreate the choropleth layer, use <> to index your static vector data into {es}. + +. Create a choropleth layer from the indexed vector data. +==== + + +[discrete] +[[breaking-108103]] +.[Visualizations] Removed dashboard-only mode. (8.0) +[%collapsible] +==== +*Details* + +The legacy dashboard-only mode has been removed. For more information, refer to {kibana-pull}108103[#108103]. + +*Impact* + +To grant users access to only dashboards, create a new role, then assign only the *Dashboard* feature privilege. For more information, refer to <>. +==== + +[discrete] +[[breaking-105979]] +.[Visualizations] Removed `xpack.maps.showMapVisualizationTypes` setting. (8.0) +[%collapsible] +==== +*Details* + +The deprecated `xpack.maps.showMapVisualizationTypes` setting in kibana.yml has been removed. For more information, refer to {kibana-pull}105979[#105979] + +*Impact* + +When you upgrade, remove `xpack.maps.showMapVisualizationTypes` from your kibana.yml file. +==== + +[float] +==== Elastic Observability solution + +[discrete] +[[kibana-132790]] +.[APM] Removed `apm_user`. (8.3) +[%collapsible] +==== +*Details* + +Removes the `apm_user` role. For more information, check {kibana-pull}132790[#132790]. + +*Impact* + +The `apm_user` role is replaced with the `viewer` and `editor` built-in roles. +==== + +[discrete] +[[breaking-172224]] +.[SLOs]New SLO architecture. (8.12) +[%collapsible] +==== +*Details* + +We introduced a breaking change in the SLO features that will break any SLOs created before 8.12. These SLOs have to be manually reset through an API until we provide a UI for it. The data aggregated over time (rollup) is still available in the SLI v2 index, but won't be used for summary calculation when reset. + +The previous summary transforms summarizing every SLOs won't be used anymore and can be stopped and deleted: + +* slo-summary-occurrences-7d-rolling +* slo-summary-occurrences-30d-rolling +* slo-summary-occurrences-90d-rolling +* slo-summary-occurrences-monthly-aligned +* slo-summary-occurrences-weekly-aligned +* slo-summary-timeslices-7d-rolling +* slo-summary-timeslices-30d-rolling +* slo-summary-timeslices-90d-rolling +* slo-summary-timeslices-monthly-aligned +* slo-summary-timeslices-weekly-aligned + +Be aware that when installing a new SLO (or after resetting an SLO), we install two transforms (one for the rollup data and one that summarize the rollup data). Do not delete the new `slo-summary-{slo_id}-{slo_revision}` transforms. For more information, refer to ({kibana-pull}172224[#172224]). +==== + +[discrete] +[[breaking-162665]] +.[SLO] Introduced new summary search capabilities that will cause SLOs created before 8.10 to stop working. (8.10) +[%collapsible] +==== +*Details* + + +* SLO find API body parameters have changed. +* The index mapping used by the rollup data has changed, and we have added a summary index that becomes the new source of truth for search. +* The rollup transforms have been updated, but existing SLO with their transforms won't be updated. + +If some SLOs have been installed in a prior version at 8.10, they won't work after migrating to 8.10. There are two approaches to handle this breaking change. The recommended route is to delete all SLOs before migrating to 8.10. The alternative is to migrate to 8.10 and manually remove the SLOs. + +*Removing SLOs before migrating to 8.10* + +Use the SLO UI or the SLO delete API to delete all existing SLOs. This takes care of the saved object, transform and rollup data. When all SLOs have been deleted, then delete the residual rollup indices: `.slo-observability.sli-v1*`. Note that this is v1. + +*Removing SLOs after migrating to 8.10* + +After migrating to 8.10, the previously created SLOs won’t appear in the UI because the API is using a new index. The previously created SLOs still exist, and associated transforms are still rolling up data into the previous index `.slo-observability.sli-v1*`. The SLO delete API can't be used now, so remove the resources resources manually: + +. Find all existing transforms +All SLO related transforms start with the `slo-` prefix, this request returns them all: ++ +[source, bash] +---- +GET _transform/slo-* +---- ++ +Make a note of all the transforms IDs for later. + +. Stop all transforms ++ +[source, bash] +---- +POST _transform/slo-*/_stop?force=true +---- + +. Remove all transforms ++ +From the list of transforms returned during the first step, now delete them one by one: ++ +[source, bash] +---- +DELETE _transform/{transform_id}?force=true +---- + +. Find the SLO saved objects ++ +This request lists all the SLO saved objects. The SLO IDs and the saved object IDs are not the same. ++ +[source, bash] +---- +GET kbn:/api/saved_objects/_find?type=slo +---- ++ +Make a note of all the saved object IDs from the response. + +. Remove the SLO saved objects ++ +For each saved object ID, run the following: ++ +[source, bash] +---- +DELETE kbn:/api/saved_objects/slo/{Saved_Object_Id} +---- + +. Delete the rollup indices v1 ++ +Note that this is v1. ++ +[source, bash] +---- +DELETE .slo-observability.sli-v1* +---- +==== + +[discrete] +[[breaking-159118]] +.[Uptime] Uptime app now hidden when no data is available. (8.9) +[%collapsible] +==== +*Details* + +The Uptime app now gets hidden from the interface when it doesn't have any data for more than a week. If you have a standalone Heartbeat pushing data to Elasticsearch, the Uptime app is considered active. You can disable this automatic behavior from the advanced settings in Kibana using the **Always show legacy Uptime app** option. +For synthetic monitoring, we now recommend to use the new Synthetics app. For more information, refer to {kibana-pull}159118[#159118] +==== + +[discrete] +[[breaking-159012]] +.[Uptime] Removed synthetics pattern from Uptime settings. (8.9) +[%collapsible] +==== +*Details* + +Data from browser monitors and monitors of all types created within the Synthetics App or via the Elastic Synthetics Fleet Integration will no longer appear in Uptime. For more information, refer to {kibana-pull}159012[#159012] +==== + + + +[float] +==== Elastic Search solution + +[discrete] +[[breaking-106307]] +.Required security plugin. (8.0) +[%collapsible] +==== +*Details* + +Enterprise Search now requires that you enable X-Pack Security. For more information, refer to {kibana-pull}106307[#106307] + +*Impact* + +Enable X-Pack Security. +==== + + +[float] +==== Elastic Security solution + +NOTE: For the complete Elastic Security solution release information, refer to {security-guide}/release-notes.html[_Elastic Security Solution Release Notes_]. + +[discrete] +[[breaking-161806]] +.[Elastic Defend] Converted filterQuery to KQL.(8.11) +[%collapsible] +==== +*Details* + +Converts `filterQuery` to a KQL query string. For more information, refer to ({kibana-pull}161806[#161806]). +==== + + + +[float] +=== Deprecation notices + +The following functionality is deprecated and will be removed at a future date. Deprecated functionality +does not have an immediate impact on your application, but we strongly recommend you make the necessary +updates to avoid use of deprecated features. + +Use the **Kibana Upgrade Assistant** to prepare for your upgrade to the next version of the Elastic Stack. +The assistant identifies deprecated settings in your configuration and guides you through the process of +resolving issues if any deprecated features are enabled. +To access the assistant, go to **Stack Management** > **Upgrade Assistant**. + + +[float] +==== Kibana APIs + +[discrete] +[[kibana-152236]] +.Deprecated Agent reassign API PUT endpoint. (8.8) +[%collapsible] +==== +*Details* + +The PUT endpoint for the agent reassign API is deprecated. For more information, refer to {kibana-pull}152236[#152236]. + +*Impact* + +Use the POST endpoint for the agent reassign API. +==== + +[discrete] +[[kibana-151564]] +.Deprecated `total` in `/agent_status` Fleet API. (8.8) +[%collapsible] +==== +*Details* + +The `total` field in `/agent_status` Fleet API responses is deprecated. For more information, refer to {kibana-pull}151564[#151564]. + +*Impact* + +The `/agent_status` Fleet API now returns the following statuses: + +* `all` — All active and inactive +* `active` — All active +==== + +[discrete] +[[deprecation-119494]] +.Updates Fleet API to improve consistency. (8.0) +[%collapsible] +==== +*Details* + +The Fleet API has been updated to improve consistency: + +* Hyphens are changed to underscores in some names. +* The `pkgkey` path parameter in the packages endpoint is split. +* The `response` and `list` properties are renamed to `items` or `item` in some +responses. + +For more information, refer to {kibana-pull}119494[#119494]. + +*Impact* + +When you upgrade to 8.0.0, use the following API changes: + +* Use `enrollment_api_keys` instead of `enrollment-api-keys`. + +* Use `agent_status` instead of `agent-status`. + +* Use `service_tokens` instead of `service-tokens`. + +* Use `/epm/packages/{packageName}/{version}` instead of `/epm/packages/{pkgkey}`. + +* Use `items[]` instead of `response[]` in: ++ +[source,text] +-- +/api/fleet/enrollment_api_keys +/api/fleet/agents +/epm/packages/ +/epm/categories +/epm/packages/_bulk +/epm/packages/limited +/epm/packages/{packageName}/{version} <1> +-- +<1> Use `items[]` when the verb is `POST` or `DELETE`. Use `item` when the verb +is `GET` or `PUT`. + +For more information, refer to {fleet-guide}/fleet-api-docs.html[Fleet APIs]. + +==== + +[float] +==== Kibana platform + +// Alerting + +[discrete] +[[kibana-161136]] +.[Alerting] Action variables in the UI and in tests that were no longer used have been replaced. (8.10) +[%collapsible] +==== +*Details* + +The following rule action variables have been deprecated. Use the recommended variables (in parentheses) instead: + +* alertActionGroup (alert.actionGroup) +* alertActionGroupName (alert.actionGroupName) +* alertActionSubgroup (alert.actionSubgroup) +* alertId (rule.id) +* alertInstanceId (alert.id) +* alertName (rule.name) +* params (rule.params) +* spaceId (rule.spaceId) +* tags (rule.tags) + +For more information, refer to ({kibana-pull}161136[#161136]). +==== + +// General settings + +[discrete] +[[kibana-154275]] +.[General settings] Deprecated ephemeral Task Manager settings (8.8) +[%collapsible] +==== +*Details* + +The following Task Manager settings are deprecated: + +* `xpack.task_manager.ephemeral_tasks.enabled` +* `xpack.task_manager.ephemeral_tasks.request_capacity` +* `xpack.alerting.maxEphemeralActionsPerAlert` + +For more information, refer to {kibana-pull}154275[#154275]. + +*Impact* + +To improve task execution resiliency, remove the deprecated settings from the `kibana.yml` file. For detailed information, check link:https://www.elastic.co/guide/en/kibana/current/task-manager-settings-kb.html[Task Manager settings in {kib}]. +==== + +[discrete] +[[kibana-122075]] +.[General settings] Deprecated `xpack.data_enhanced.*` setting. (8.3) +[%collapsible] +==== +*Details* + +In kibana.yml, the `xpack.data_enhanced.*` setting is deprecated. For more information, check {kibana-pull}122075[#122075]. + +*Impact* + +Use the `data.*` configuration parameters instead. +==== + +[discrete] +[[deprecation-33603]] +.[General settings] Removed `xpack:defaultAdminEmail` setting. (8.0) +[%collapsible] +==== +*Details* + +The `xpack:default_admin_email` setting for monitoring use has been removed. For more information, refer to {kibana-pull}33603[#33603] + +*Impact* + +Use the `xpack.monitoring.clusterAlertsEmail` in kibana.yml. +==== + +// Security + +[discrete] +[[kibana-136422]] +.[Security] Deprecated ApiKey authentication for interactive users. (8.4) +[%collapsible] +==== +*Details* + +The ability to authenticate interactive users with ApiKey via a web browser has been deprecated, and will be removed in a future version. + +For more information, refer to {kibana-pull}136422[#136422]. + +*Impact* + +To authenticate interactive users via a web browser, use <>. Use API keys only for programmatic access to {kib} and {es}. +==== + +[discrete] +[[kibana-131636]] +.[Security] Deprecated anonymous authentication credentials. (8.3) +[%collapsible] +==== +*Details* + +The apiKey, including key and ID/key pair, and `elasticsearch_anonymous_user` credential types for anonymous authentication providers are deprecated. For more information, check {kibana-pull}131636[#131636]. + +*Impact* + +If you have anonymous authentication provider configured with apiKey or `elasticsearch_anonymous_user` credential types, a deprecation warning appears, even when the provider is not enabled. +==== + +[discrete] +[[kibana-131166]] +.[Security] Deprecated v1 and v2 security_linux and security_windows jobs. (8.3) +[%collapsible] +==== +*Details* + +The v1 and v2 job configurations for security_linux and security_windows are deprecated. For more information, check {kibana-pull}131166[#131166]. + +*Impact* + +The following security_linux and security_windows job configurations are updated to v3: + +* security_linux: + +** v3_linux_anomalous_network_activity +** v3_linux_anomalous_network_port_activity_ecs +** v3_linux_anomalous_process_all_hosts_ecs +** v3_linux_anomalous_user_name_ecs +** v3_linux_network_configuration_discovery +** v3_linux_network_connection_discovery +** v3_linux_rare_metadata_process +** v3_linux_rare_metadata_user +** v3_linux_rare_sudo_user +** v3_linux_rare_user_compiler +** v3_linux_system_information_discovery +** v3_linux_system_process_discovery +** v3_linux_system_user_discovery +** v3_rare_process_by_host_linux_ecs + +* security_windows: + +** v3_rare_process_by_host_windows_ecs +** v3_windows_anomalous_network_activity_ecs +** v3_windows_anomalous_path_activity_ecs +** v3_windows_anomalous_process_all_hosts_ecs +** v3_windows_anomalous_process_creation +** v3_windows_anomalous_script +** v3_windows_anomalous_service +** v3_windows_anomalous_user_name_ecs +** v3_windows_rare_metadata_process +** v3_windows_rare_metadata_user +** v3_windows_rare_user_runas_event +** v3_windows_rare_user_type10_remote_login +==== + + +// Sharing & Reporting + +[discrete] +[[kibana-178159]] +.[Sharing & Reporting] Downloading a CSV file from a saved search panel in a dashboard has become deprecated in favor of generating a CSV report. (8.14) +[%collapsible] +==== +*Details* + +The mechanism of exporting CSV data from a saved search panel in a dashboard has been changed to generate a CSV report, rather than allowing the CSV data to be downloaded +without creating a report. To preserve the original behavior, it is necessary to update `kibana.yml` with the setting of `xpack.reporting.csv.enablePanelActionDownload: +true`. The scope of this breaking change is limited to downloading CSV files from saved search panels only; downloading CSV files from other types of dashboard panels is +unchanged. For more information, refer to {kibana-pull}178159[#178159]. +==== + + + +// Visualizations + +[discrete] +[[kibana-156455]] +.[Visualizations] The ability to create legacy input controls was hidden. (8.9) +[%collapsible] +==== +*Details* + +The option to create legacy input controls when creating a new visualization is hidden. For more information, refer to {kibana-pull}156455[#156455] +==== + +[discrete] +[[kibana-155503]] +.[Visualizations] Removed legacy field stats. (8.9) +[%collapsible] +==== +*Details* + +Legacy felid stats that were previously shown within a popover have been removed. For more information, refer to {kibana-pull}155503[#155503] +==== + +[discrete] +.[Visualizations] Deprecated input control panels in dashboards. (8.3) +[%collapsible] +==== +*Details* + +The input control panels, which allow you to add interactive filters to dashboards, are deprecated. For more information, check {kibana-pull}132562[#132562]. + +*Impact* + +To add interactive filters to your dashboards, use the link:https://www.elastic.co/guide/en/kibana/8.3/add-controls.html[new controls]. +==== + +[discrete] +[[kibana-130336]] +.[Visualizations] Deprecated the `Auto` default legend size in Lens. (8.3) +[%collapsible] +==== +*Details* + +In the *Lens* visualization editor, the *Auto* default for *Legend width* has been deprecated. For more information, check {kibana-pull}130336[#130336]. + +*Impact* + +When you create *Lens* visualization, the default for the *Legend width* is now *Medium*. +==== + +[float] +==== Elastic Observability solution + + +[discrete] +[[deprecation-120689]] +.[APM] Renamed the `autocreate` data view APM setting. (8.0) +[%collapsible] +==== +*Details* + +The `xpack.apm.autocreateApmIndexPattern` APM setting has been removed. For more information, refer to {kibana-pull}120689[#120689]. + +*Impact* + +To automatically create data views in APM, use `xpack.apm.autoCreateApmDataView`. +==== + +[discrete] +[[kibana-uptime-deprecation]] +.[Uptime] Uptime is deprecated in 8.15.0. (8.15) +[%collapsible] +==== +*Details* + +The Uptime app is already hidden from Kibana when there is no recent Heartbeat data. Migrate to Synthetics as an alternative. For more details, refer to the {observability-guide}/uptime-intro.html[Uptime documentation]. +==== + +[discrete] +[[kibana-154010]] +.[Uptime] Deprecated Synthetics and Uptime monitor schedules (8.8) +[%collapsible] +==== +*Details* + +Synthetics and Uptime monitor schedules and zip URL fields are deprecated. For more information, refer to {kibana-pull}154010[#154010] and {kibana-pull}154952[#154952]. + +*Impact* + +When you create monitors in Uptime Monitor Management and the Synthetics app, unsupported schedules are automatically transferred to the nearest supported schedule. To use zip URLs, use project monitors. +==== + +[discrete] +[[kibana-149506]] +.[Uptime] Deprecated Elastic Synthetics integration. (8.8) +[%collapsible] +==== +*Details* + +The Elastic Synthetics integration is deprecated. For more information, refer to {kibana-pull}149506[#149506]. + +*Impact* + +To monitor endpoints, pages, and user journeys, go to **{observability}** -> **Synthetics (beta)**. +==== + +[float] +==== Elastic Security solution + +NOTE: For the complete Elastic Security solution release information, refer to {security-guide}/release-notes.html[_Elastic Security Solution Release Notes_]. + + + + diff --git a/docs/user/dashboard/images/lens_layerVisualizationTypeMenu_7.16.png b/docs/user/dashboard/images/lens_layerVisualizationTypeMenu_7.16.png deleted file mode 100644 index 6ee73e9a67662..0000000000000 Binary files a/docs/user/dashboard/images/lens_layerVisualizationTypeMenu_7.16.png and /dev/null differ diff --git a/docs/user/dashboard/images/tutorial-top-values-of-field-8.16.0.png b/docs/user/dashboard/images/tutorial-top-values-of-field-8.16.0.png new file mode 100644 index 0000000000000..de7b40554d736 Binary files /dev/null and b/docs/user/dashboard/images/tutorial-top-values-of-field-8.16.0.png differ diff --git a/docs/user/dashboard/images/view-details-dashboards-8.16.0.png b/docs/user/dashboard/images/view-details-dashboards-8.16.0.png new file mode 100644 index 0000000000000..2c1494d5e5ad6 Binary files /dev/null and b/docs/user/dashboard/images/view-details-dashboards-8.16.0.png differ diff --git a/docs/user/dashboard/lens-advanced.asciidoc b/docs/user/dashboard/lens-advanced.asciidoc index 2d57ee2741b3f..88dbe958b146a 100644 --- a/docs/user/dashboard/lens-advanced.asciidoc +++ b/docs/user/dashboard/lens-advanced.asciidoc @@ -6,7 +6,7 @@ In this tutorial, you'll use the ecommerce sample data to analyze sales trends, When you're done, you'll have a complete overview of the sample web logs data. [role="screenshot"] -image::images/lens_timeSeriesDataTutorialDashboard_8.3.png[Final dashboard with ecommerce sample data] +image::images/lens_timeSeriesDataTutorialDashboard_8.3.png[Final dashboard with eCommerce sample data] Before you begin, you should be familiar with the <>. @@ -14,17 +14,17 @@ Before you begin, you should be familiar with the <>. [[add-the-data-and-create-the-dashboard-advanced]] === Add the data and create the dashboard -Add the sample ecommerce data, and create and set up the dashboard. +Add the sample eCommerce data, and create and set up the dashboard. . On the home page, click *Try sample data*. -. Click *Other sample data sets*. +. Expand *Other sample data sets*. . On the *Sample eCommerce orders* card, click *Add data*. Create the dashboard where you'll display the visualization panels. -. Open the main menu, then click *Dashboard*. +. Open the main menu, then click *Dashboards*. . On the *Dashboards* page, click *Create dashboard*. @@ -42,7 +42,7 @@ Open the visualization editor, then make sure the correct fields appear. [[custom-time-interval]] === Create visualizations with custom time intervals -When you create visualizations with time series data, you can use the default time interval, or increase and decrease the interval. For performance reasons, the visualization editor allows you to choose the minimum time interval, but not the exact time interval. The interval limit is controlled by the <> setting and <>. +When you create visualizations with time series data, you can use the default time interval or increase and decrease the interval. For performance reasons, the visualization editor allows you to choose the minimum time interval, but not the exact time interval. The interval limit is controlled by the <> setting and <>. To analyze the data with a custom time interval, create a bar chart that shows you how many orders were made at your store every hour: @@ -55,13 +55,13 @@ The visualization editor creates a bar chart. [role="screenshot"] image::images/lens_clickAndDragZoom_7.16.gif[Cursor clicking and dragging across the bars to zoom in on the data] -. In the layer pane, click *Count of Records*. +. In the layer pane, click *Count of records*. .. Click *Advanced*. .. From the *Normalize by unit* dropdown, select *per hour*, then click *Close*. + -*Normalize by unit* converts `Count of Records` into `Count of records per hour` by dividing by 24. +*Normalize by unit* converts `Count of records` into `Count of records per hour` by dividing by 24. .. In the *Name* field, enter `Number of orders`. @@ -87,7 +87,7 @@ To identify the 75th percentile of orders, add a reference line: .. To display the name, select *Name* from *Text decoration*. -.. From the *Icon* dropdown, select *Tag*. +.. From the *Icon decoration* dropdown, select *Tag*. .. In the *Color* field, enter `#E7664C`. @@ -120,12 +120,12 @@ Create the 95th price distribution percentile: . In the *Name* field, enter `95th`, then click *Close*. -To copy a function, you drag it to the *Drop a field or click to add* field within the same group. To create the 90th percentile, duplicate the `95th` percentile: +To copy a function, you drag it to the *Add or drag-and-drop a field* area within the same group. To create the 90th percentile, duplicate the `95th` percentile: . Drag the *95th* field to *Add or drag-and-drop a field* for *Vertical axis*. + [role="screenshot"] -image::images/lens_advanced_2_2.gif[Easily duplicate the items with drag and drop] +image::https://images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/blt8fb6969daa820faf/6700642c363a96bb08f48bee/drag-and-drop-a-field-8.16.0.gif[Easily duplicate the items with drag and drop] . Click *95th [1]*, then enter `90` in the *Percentile* field. @@ -162,7 +162,7 @@ To analyze multiple visualization types, create an area chart that displays the Add a layer to display the customer traffic: -. In the layer pane, click *Add layer > Visualization*. +. In the layer pane, click *Add layer > Visualization > Line*. . From the *Available fields* list, drag *customer_id* to the *Vertical Axis* field in the second layer. @@ -178,11 +178,6 @@ image::images/lens_advancedTutorial_numberOfCustomers_8.5.0.png[Number of custom . From the *Available fields* list, drag *order_date* to the *Horizontal Axis* field in the second layer. -. In the second layer, open the *Layer visualization type* menu, then click *Line*. -+ -[role="screenshot"] -image::images/lens_layerVisualizationTypeMenu_7.16.png[Layer visualization type menu] - . To change the position of the legend, open the *Legend* menu, then select the *Alignment* arrow that points up. + [role="screenshot"] @@ -251,7 +246,7 @@ Configure the cumulative sum of store orders: . From the *Available fields* list, drag *Records* to the workspace. -. In the layer pane, click *Count of Records*. +. In the layer pane, click *Count of records*. . Click the *Cumulative sum* function. @@ -271,6 +266,8 @@ Filter the results to display the data for only Saturday and Sunday: + The <> displays all documents where `day_of_week` matches `Saturday` or `Sunday`. +. Click *Close*. + . Open the *Legend* menu, then click *Hide* next to *Display*. + [role="screenshot"] @@ -282,7 +279,7 @@ image::images/lens_areaChartCumulativeNumberOfSalesOnWeekend_7.16.png[Area chart [[compare-time-ranges]] === Compare time ranges -With *Time shift*, you can compare the data from different time ranges. To make sure the data correctly displays, choose a multiple of the date histogram interval when you use multiple time shifts. For example, you are unable to use a *36h* time shift for one series, and a *1d* time shift for the second series if the interval is *days*. +With *Time shift*, you can compare the data from different time ranges. To make sure the data displays correctly, choose a multiple of the date histogram interval when you use multiple time shifts. For example, you are unable to use a *36h* time shift for one series, and a *1d* time shift for the second series if the interval is *days*. To compare two time ranges, create a line chart that compares the sales in the current week with sales from the previous week: @@ -292,11 +289,11 @@ To compare two time ranges, create a line chart that compares the sales in the c . From the *Available fields* list, drag *Records* to the workspace. -. To duplicate *Count of Records*, drag *Count of Records* to *Add or drag-and-drop a field* for *Vertical axis* in the layer pane. +. To duplicate *Count of records*, drag *Count of records* to *Add or drag-and-drop a field* for *Vertical axis* in the layer pane. -To create a week-over-week comparison, shift *Count of Records [1]* by one week: +To create a week-over-week comparison, shift *Count of records [1]* by one week: -. In the layer pane, click *Count of Records [1]*. +. In the layer pane, click *Count of records [1]*. . Click *Advanced*, select *1 week ago* from the *Time shift* dropdown, then click *Close*. + @@ -322,9 +319,9 @@ To compare time range changes as a percent, create a bar chart that compares the . From the *Available fields* list, drag *Records* to the workspace. -. In the layer pane, click *Count of Records*. +. In the layer pane, click *Count of records*. -. Click *Formula*, then enter `count() / count(shift='1w') - 1`. +. Click *Formula*, then enter `count() / count(shift='1w') - 1` in the *Formula* field. . In the *Name* field, enter `Percent of change`. @@ -375,15 +372,15 @@ image::images/lens_table_over_time.png[Date histogram table with groups for the [discrete] === Save the dashboard -Now that you have a complete overview of your ecommerce sales data, save the dashboard. +Now that you have a complete overview of your eCommerce sales data, save the dashboard. . In the toolbar, click *Save*. -. On the *Save dashboard* window, enter `Ecommerce sales`, then click *Save*. +. On the *Save dashboard* window, enter `eCommerce sales`. . Select *Store time with dashboard*. . Click *Save*. [role="screenshot"] -image::images/lens_timeSeriesDataTutorialDashboard_8.3.png[Final dashboard with ecommerce sample data] +image::images/lens_timeSeriesDataTutorialDashboard_8.3.png[Final dashboard with eCommerce sample data] diff --git a/docs/user/dashboard/share-dashboards.asciidoc b/docs/user/dashboard/share-dashboards.asciidoc index 60b802821eef8..4e8f1839ae9b2 100644 --- a/docs/user/dashboard/share-dashboards.asciidoc +++ b/docs/user/dashboard/share-dashboards.asciidoc @@ -4,7 +4,9 @@ [[share-the-dashboard]] == Share dashboards -To share the dashboard with a larger audience, click *Share* in the toolbar. For detailed information about the sharing options, refer to <>. +To share a dashboard with a larger audience, click *Share* in the toolbar. For detailed information about the sharing options, refer to <>. + +image::https://images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/blt49f2b5a80ec89a34/66b9e919af508f4ac182c194/share-dashboard.gif[getting a shareable link for a dashboard] TIP: When sharing a dashboard with a link while a panel is in maximized view, the generated link will also open the dashboard on the same maximized panel view. diff --git a/docs/user/dashboard/tutorial-create-a-dashboard-of-lens-panels.asciidoc b/docs/user/dashboard/tutorial-create-a-dashboard-of-lens-panels.asciidoc index 7ad4b5848f4e0..eef89b6448e7a 100644 --- a/docs/user/dashboard/tutorial-create-a-dashboard-of-lens-panels.asciidoc +++ b/docs/user/dashboard/tutorial-create-a-dashboard-of-lens-panels.asciidoc @@ -20,13 +20,13 @@ Add the sample web logs data, and create and set up the dashboard. . On the home page, click *Try sample data*. -. Click *Other sample data sets*. +. Expand *Other sample data sets*. . On the *Sample web logs* card, click *Add data*. Create the dashboard where you'll display the visualization panels. -. Open the main menu, then click *Dashboard*. +. Open the main menu, then click *Dashboards*. . Click *Create dashboard*. @@ -57,7 +57,10 @@ To create the visualizations in this tutorial, you'll use the following fields: * *referer.keyword* -To see the most frequent values in a field, hover over the field name, then click *i*. +Click a field name to view more details, such as its top values and distribution. + +[role="screenshot"] +image::https://images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/bltff29bc11413cc5d8/66fdc386762d3a15135abec4/tutorial-field-top-values-distribution.gif[Clicking a field name to view more details] [discrete] [[view-the-number-of-website-visitors]] @@ -141,9 +144,9 @@ image::images/lens_lineChartMetricOverTimeBottomAxis_8.7.png[Bottom axis menu] Since you removed the axis labels, add a panel title: -. Open the panel menu, then select *Panel settings*. +. Open the panel menu, then select *Settings*. -. In the *Title* field, enter `Median of bytes`, then click *Save*. +. In the *Title* field, enter `Median of bytes`, then click *Apply*. + [role="screenshot"] image::images/lens_lineChartMetricOverTime_8.4.0.png[Line chart that displays metric data over time] @@ -167,7 +170,7 @@ The visualization editor automatically applies the *Unique count* function. If y . Drag *request.keyword* to the workspace. + [role="screenshot"] -image::images/lens_end_to_end_2_1_1.png[Vertical bar chart with top values of request.keyword by most unique visitors] +image::images/tutorial-top-values-of-field-8.16.0.png[Vertical bar chart with top values of request.keyword by most unique visitors] + When you drag a text or IP address field to the workspace, the editor adds the *Top values* function ranked by *Count of records* to show the most frequent values. @@ -208,7 +211,7 @@ Create a proportional visualization that helps you determine if your users trans . Click the *Sum* quick function, then click *Close*. -. From the *Available fields* list, drag *bytes* to the *Break down by* field in the layer pane. +. From the *Available fields* list, drag *bytes* to the *Breakdown* field in the layer pane. To select documents based on the number range of a field, use the *Intervals* function. When the ranges are non numeric, or the query requires multiple clauses, you could use the *Filters* function. @@ -245,9 +248,9 @@ image::images/lens_pieChartCompareSubsetOfDocs_7.16.png[Pie chart that compares Add a panel title: -. Open the panel menu, then select *Panel settings*. +. Open the panel menu, then select *Settings*. -. In the *Title* field, enter `Sum of bytes from large requests`, then click *Save*. +. In the *Title* field, enter `Sum of bytes from large requests`, then click *Apply*. [discrete] [[histogram]] @@ -278,9 +281,9 @@ image::images/lens_barChartDistributionOfNumberField_7.16.png[Bar chart that dis Add a panel title: -. Open the panel menu, then select *Panel settings*. +. Open the panel menu, then select *Settings*. -. In the *Title* field, enter `Website traffic`, then click *Save*. +. In the *Title* field, enter `Website traffic`, then click *Apply*. [discrete] [[treemap]] @@ -342,9 +345,9 @@ image::images/lens_treemapMultiLevelChart_7.16.png[Treemap visualization] Add a panel title: -. Open the panel menu, then select *Panel settings*. +. Open the panel menu, then select *Settings*. -. In the *Title* field, enter `Page views by location and referrer`, then click *Save*. +. In the *Title* field, enter `Page views by location and referrer`, then click *Apply*. [float] [[arrange-the-lens-panels]] diff --git a/docs/user/dashboard/view-dashboard-usage.asciidoc b/docs/user/dashboard/view-dashboard-usage.asciidoc index 0bb35fe0ba4de..5ac7e72c3e246 100644 --- a/docs/user/dashboard/view-dashboard-usage.asciidoc +++ b/docs/user/dashboard/view-dashboard-usage.asciidoc @@ -1,7 +1,9 @@ = View dashboard usage -You can check how much a dashboard is being used from its details, with a graph showing the total number of views during the last 90 days. +You can check how much a dashboard is being used by clicking its *View details* icon in your list of dashboards. -You can access a dashboard details by clicking its associated information icon from your list of dashboards. +image:images/view-details-dashboards-8.16.0.png[View details icon in the list of dashboards, width=105%] + +These details include a graph showing the total number of views during the last 90 days. image:images/dashboard-usage-count.png[Graph showing the number of views during the last 90 days] \ No newline at end of file diff --git a/oas_docs/bundle.json b/oas_docs/bundle.json index 7c27f050640ec..4597c6a6043c0 100644 --- a/oas_docs/bundle.json +++ b/oas_docs/bundle.json @@ -6263,6 +6263,34414 @@ ] } }, + "/api/fleet/agent-status": { + "get": { + "deprecated": true, + "operationId": "%2Fapi%2Ffleet%2Fagent-status#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "policyId", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "policyIds", + "required": false, + "schema": { + "anyOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "type": "string" + } + ] + } + }, + { + "in": "query", + "name": "kuery", + "required": false, + "schema": { + "deprecated": true, + "type": "string" + } + } + ], + "responses": {}, + "summary": "", + "tags": [] + } + }, + "/api/fleet/agent_download_sources": { + "get": { + "description": "List agent binary download sources", + "operationId": "%2Fapi%2Ffleet%2Fagent_download_sources#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "host": { + "format": "uri", + "type": "string" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "description": "The ID of the proxy to use for this download source. See the proxies API for more information.", + "nullable": true, + "type": "string" + } + }, + "required": [ + "id", + "name", + "host" + ], + "type": "object" + }, + "type": "array" + }, + "page": { + "type": "number" + }, + "perPage": { + "type": "number" + }, + "total": { + "type": "number" + } + }, + "required": [ + "items", + "total", + "page", + "perPage" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent binary download sources" + ] + }, + "post": { + "description": "Create agent binary download source", + "operationId": "%2Fapi%2Ffleet%2Fagent_download_sources#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "host": { + "format": "uri", + "type": "string" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "description": "The ID of the proxy to use for this download source. See the proxies API for more information.", + "nullable": true, + "type": "string" + } + }, + "required": [ + "name", + "host" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "host": { + "format": "uri", + "type": "string" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "description": "The ID of the proxy to use for this download source. See the proxies API for more information.", + "nullable": true, + "type": "string" + } + }, + "required": [ + "id", + "name", + "host" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent binary download sources" + ] + } + }, + "/api/fleet/agent_download_sources/{sourceId}": { + "delete": { + "description": "Delete agent binary download source by ID", + "operationId": "%2Fapi%2Ffleet%2Fagent_download_sources%2F%7BsourceId%7D#2", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "sourceId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent binary download sources" + ] + }, + "get": { + "description": "Get agent binary download source by ID", + "operationId": "%2Fapi%2Ffleet%2Fagent_download_sources%2F%7BsourceId%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "sourceId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "host": { + "format": "uri", + "type": "string" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "description": "The ID of the proxy to use for this download source. See the proxies API for more information.", + "nullable": true, + "type": "string" + } + }, + "required": [ + "id", + "name", + "host" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent binary download sources" + ] + }, + "put": { + "description": "Update agent binary download source by ID", + "operationId": "%2Fapi%2Ffleet%2Fagent_download_sources%2F%7BsourceId%7D#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "sourceId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "host": { + "format": "uri", + "type": "string" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "description": "The ID of the proxy to use for this download source. See the proxies API for more information.", + "nullable": true, + "type": "string" + } + }, + "required": [ + "name", + "host" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "host": { + "format": "uri", + "type": "string" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "description": "The ID of the proxy to use for this download source. See the proxies API for more information.", + "nullable": true, + "type": "string" + } + }, + "required": [ + "id", + "name", + "host" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent binary download sources" + ] + } + }, + "/api/fleet/agent_policies": { + "get": { + "description": "List agent policies", + "operationId": "%2Fapi%2Ffleet%2Fagent_policies#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "page", + "required": false, + "schema": { + "type": "number" + } + }, + { + "in": "query", + "name": "perPage", + "required": false, + "schema": { + "type": "number" + } + }, + { + "in": "query", + "name": "sortField", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "sortOrder", + "required": false, + "schema": { + "enum": [ + "desc", + "asc" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "showUpgradeable", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "kuery", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "noAgentCount", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "full", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "format", + "required": false, + "schema": { + "enum": [ + "simplified", + "legacy" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "advanced_settings": { + "additionalProperties": false, + "properties": { + "agent_download_target_directory": { + "nullable": true + }, + "agent_download_timeout": { + "default": "2h", + "nullable": true + }, + "agent_limits_go_max_procs": { + "nullable": true + }, + "agent_logging_level": { + "default": "info", + "nullable": true + }, + "agent_logging_metrics_period": { + "default": "30s", + "nullable": true + } + }, + "type": "object" + }, + "agent_features": { + "items": { + "additionalProperties": false, + "properties": { + "enabled": { + "type": "boolean" + }, + "name": { + "type": "string" + } + }, + "required": [ + "name", + "enabled" + ], + "type": "object" + }, + "type": "array" + }, + "agents": { + "type": "number" + }, + "data_output_id": { + "nullable": true, + "type": "string" + }, + "description": { + "type": "string" + }, + "download_source_id": { + "nullable": true, + "type": "string" + }, + "fleet_server_host_id": { + "nullable": true, + "type": "string" + }, + "global_data_tags": { + "description": "User defined data tags that are added to all of the inputs. The values can be strings or numbers.", + "items": { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + }, + "value": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "number" + } + ] + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "has_fleet_server": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inactivity_timeout": { + "default": 1209600, + "minimum": 0, + "type": "number" + }, + "is_default": { + "type": "boolean" + }, + "is_default_fleet_server": { + "type": "boolean" + }, + "is_managed": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "is_protected": { + "description": "Indicates whether the agent policy has tamper protection enabled. Default false.", + "type": "boolean" + }, + "keep_monitoring_alive": { + "default": false, + "description": "When set to true, monitoring will be enabled but logs/metrics collection will be disabled", + "nullable": true, + "type": "boolean" + }, + "monitoring_diagnostics": { + "additionalProperties": false, + "properties": { + "limit": { + "additionalProperties": false, + "properties": { + "burst": { + "type": "number" + }, + "interval": { + "type": "string" + } + }, + "type": "object" + }, + "uploader": { + "additionalProperties": false, + "properties": { + "init_dur": { + "type": "string" + }, + "max_dur": { + "type": "string" + }, + "max_retries": { + "type": "number" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "monitoring_enabled": { + "items": { + "enum": [ + "logs", + "metrics", + "traces" + ], + "type": "string" + }, + "type": "array" + }, + "monitoring_http": { + "additionalProperties": false, + "properties": { + "buffer": { + "additionalProperties": false, + "properties": { + "enabled": { + "default": false, + "type": "boolean" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "host": { + "type": "string" + }, + "port": { + "maximum": 65353, + "minimum": 0, + "type": "number" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "monitoring_output_id": { + "nullable": true, + "type": "string" + }, + "monitoring_pprof_enabled": { + "type": "boolean" + }, + "name": { + "minLength": 1, + "type": "string" + }, + "namespace": { + "minLength": 1, + "type": "string" + }, + "overrides": { + "additionalProperties": {}, + "description": "Override settings that are defined in the agent policy. Input settings cannot be overridden. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "type": "object" + }, + "package_policies": { + "anyOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "description": "This field is present only when retrieving a single agent policy, or when retrieving a list of agent policies with the ?full=true parameter", + "items": { + "additionalProperties": false, + "properties": { + "created_at": { + "type": "string" + }, + "created_by": { + "type": "string" + }, + "description": { + "description": "Package policy description", + "type": "string" + }, + "elasticsearch": { + "additionalProperties": true, + "properties": { + "privileges": { + "additionalProperties": true, + "properties": { + "cluster": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_input": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled", + "streams", + "compiled_input" + ], + "type": "object" + }, + "type": "array" + }, + "is_managed": { + "type": "boolean" + }, + "name": { + "description": "Package policy name (should be unique)", + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "revision": { + "type": "number" + }, + "secret_references": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + "type": "array" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "enabled", + "inputs", + "id", + "revision", + "updated_at", + "updated_by", + "created_at", + "created_by" + ], + "type": "object" + }, + "type": "array" + } + ] + }, + "revision": { + "type": "number" + }, + "schema_version": { + "type": "string" + }, + "space_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "status": { + "enum": [ + "active", + "inactive" + ], + "type": "string" + }, + "supports_agentless": { + "default": false, + "description": "Indicates whether the agent policy supports agentless integrations.", + "nullable": true, + "type": "boolean" + }, + "unenroll_timeout": { + "minimum": 0, + "type": "number" + }, + "unprivileged_agents": { + "type": "number" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "name", + "namespace", + "is_managed", + "is_protected", + "status", + "updated_at", + "updated_by", + "revision" + ], + "type": "object" + }, + "type": "array" + }, + "page": { + "type": "number" + }, + "perPage": { + "type": "number" + }, + "total": { + "type": "number" + } + }, + "required": [ + "items", + "total", + "page", + "perPage" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent policies" + ] + }, + "post": { + "description": "Create an agent policy", + "operationId": "%2Fapi%2Ffleet%2Fagent_policies#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "query", + "name": "sys_monitoring", + "required": false, + "schema": { + "type": "boolean" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "advanced_settings": { + "additionalProperties": false, + "properties": { + "agent_download_target_directory": { + "nullable": true + }, + "agent_download_timeout": { + "default": "2h", + "nullable": true + }, + "agent_limits_go_max_procs": { + "nullable": true + }, + "agent_logging_level": { + "default": "info", + "nullable": true + }, + "agent_logging_metrics_period": { + "default": "30s", + "nullable": true + } + }, + "type": "object" + }, + "agent_features": { + "items": { + "additionalProperties": false, + "properties": { + "enabled": { + "type": "boolean" + }, + "name": { + "type": "string" + } + }, + "required": [ + "name", + "enabled" + ], + "type": "object" + }, + "type": "array" + }, + "data_output_id": { + "nullable": true, + "type": "string" + }, + "description": { + "type": "string" + }, + "download_source_id": { + "nullable": true, + "type": "string" + }, + "fleet_server_host_id": { + "nullable": true, + "type": "string" + }, + "force": { + "type": "boolean" + }, + "global_data_tags": { + "description": "User defined data tags that are added to all of the inputs. The values can be strings or numbers.", + "items": { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + }, + "value": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "number" + } + ] + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "has_fleet_server": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inactivity_timeout": { + "default": 1209600, + "minimum": 0, + "type": "number" + }, + "is_default": { + "type": "boolean" + }, + "is_default_fleet_server": { + "type": "boolean" + }, + "is_managed": { + "type": "boolean" + }, + "is_protected": { + "type": "boolean" + }, + "keep_monitoring_alive": { + "default": false, + "description": "When set to true, monitoring will be enabled but logs/metrics collection will be disabled", + "nullable": true, + "type": "boolean" + }, + "monitoring_diagnostics": { + "additionalProperties": false, + "properties": { + "limit": { + "additionalProperties": false, + "properties": { + "burst": { + "type": "number" + }, + "interval": { + "type": "string" + } + }, + "type": "object" + }, + "uploader": { + "additionalProperties": false, + "properties": { + "init_dur": { + "type": "string" + }, + "max_dur": { + "type": "string" + }, + "max_retries": { + "type": "number" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "monitoring_enabled": { + "items": { + "enum": [ + "logs", + "metrics", + "traces" + ], + "type": "string" + }, + "type": "array" + }, + "monitoring_http": { + "additionalProperties": false, + "properties": { + "buffer": { + "additionalProperties": false, + "properties": { + "enabled": { + "default": false, + "type": "boolean" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "host": { + "type": "string" + }, + "port": { + "maximum": 65353, + "minimum": 0, + "type": "number" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "monitoring_output_id": { + "nullable": true, + "type": "string" + }, + "monitoring_pprof_enabled": { + "type": "boolean" + }, + "name": { + "minLength": 1, + "type": "string" + }, + "namespace": { + "minLength": 1, + "type": "string" + }, + "overrides": { + "additionalProperties": {}, + "description": "Override settings that are defined in the agent policy. Input settings cannot be overridden. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "type": "object" + }, + "space_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "supports_agentless": { + "default": false, + "description": "Indicates whether the agent policy supports agentless integrations.", + "nullable": true, + "type": "boolean" + }, + "unenroll_timeout": { + "minimum": 0, + "type": "number" + } + }, + "required": [ + "name", + "namespace" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "advanced_settings": { + "additionalProperties": false, + "properties": { + "agent_download_target_directory": { + "nullable": true + }, + "agent_download_timeout": { + "default": "2h", + "nullable": true + }, + "agent_limits_go_max_procs": { + "nullable": true + }, + "agent_logging_level": { + "default": "info", + "nullable": true + }, + "agent_logging_metrics_period": { + "default": "30s", + "nullable": true + } + }, + "type": "object" + }, + "agent_features": { + "items": { + "additionalProperties": false, + "properties": { + "enabled": { + "type": "boolean" + }, + "name": { + "type": "string" + } + }, + "required": [ + "name", + "enabled" + ], + "type": "object" + }, + "type": "array" + }, + "agents": { + "type": "number" + }, + "data_output_id": { + "nullable": true, + "type": "string" + }, + "description": { + "type": "string" + }, + "download_source_id": { + "nullable": true, + "type": "string" + }, + "fleet_server_host_id": { + "nullable": true, + "type": "string" + }, + "global_data_tags": { + "description": "User defined data tags that are added to all of the inputs. The values can be strings or numbers.", + "items": { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + }, + "value": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "number" + } + ] + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "has_fleet_server": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inactivity_timeout": { + "default": 1209600, + "minimum": 0, + "type": "number" + }, + "is_default": { + "type": "boolean" + }, + "is_default_fleet_server": { + "type": "boolean" + }, + "is_managed": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "is_protected": { + "description": "Indicates whether the agent policy has tamper protection enabled. Default false.", + "type": "boolean" + }, + "keep_monitoring_alive": { + "default": false, + "description": "When set to true, monitoring will be enabled but logs/metrics collection will be disabled", + "nullable": true, + "type": "boolean" + }, + "monitoring_diagnostics": { + "additionalProperties": false, + "properties": { + "limit": { + "additionalProperties": false, + "properties": { + "burst": { + "type": "number" + }, + "interval": { + "type": "string" + } + }, + "type": "object" + }, + "uploader": { + "additionalProperties": false, + "properties": { + "init_dur": { + "type": "string" + }, + "max_dur": { + "type": "string" + }, + "max_retries": { + "type": "number" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "monitoring_enabled": { + "items": { + "enum": [ + "logs", + "metrics", + "traces" + ], + "type": "string" + }, + "type": "array" + }, + "monitoring_http": { + "additionalProperties": false, + "properties": { + "buffer": { + "additionalProperties": false, + "properties": { + "enabled": { + "default": false, + "type": "boolean" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "host": { + "type": "string" + }, + "port": { + "maximum": 65353, + "minimum": 0, + "type": "number" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "monitoring_output_id": { + "nullable": true, + "type": "string" + }, + "monitoring_pprof_enabled": { + "type": "boolean" + }, + "name": { + "minLength": 1, + "type": "string" + }, + "namespace": { + "minLength": 1, + "type": "string" + }, + "overrides": { + "additionalProperties": {}, + "description": "Override settings that are defined in the agent policy. Input settings cannot be overridden. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "type": "object" + }, + "package_policies": { + "anyOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "description": "This field is present only when retrieving a single agent policy, or when retrieving a list of agent policies with the ?full=true parameter", + "items": { + "additionalProperties": false, + "properties": { + "created_at": { + "type": "string" + }, + "created_by": { + "type": "string" + }, + "description": { + "description": "Package policy description", + "type": "string" + }, + "elasticsearch": { + "additionalProperties": true, + "properties": { + "privileges": { + "additionalProperties": true, + "properties": { + "cluster": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_input": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled", + "streams", + "compiled_input" + ], + "type": "object" + }, + "type": "array" + }, + "is_managed": { + "type": "boolean" + }, + "name": { + "description": "Package policy name (should be unique)", + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "revision": { + "type": "number" + }, + "secret_references": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + "type": "array" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "enabled", + "inputs", + "id", + "revision", + "updated_at", + "updated_by", + "created_at", + "created_by" + ], + "type": "object" + }, + "type": "array" + } + ] + }, + "revision": { + "type": "number" + }, + "schema_version": { + "type": "string" + }, + "space_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "status": { + "enum": [ + "active", + "inactive" + ], + "type": "string" + }, + "supports_agentless": { + "default": false, + "description": "Indicates whether the agent policy supports agentless integrations.", + "nullable": true, + "type": "boolean" + }, + "unenroll_timeout": { + "minimum": 0, + "type": "number" + }, + "unprivileged_agents": { + "type": "number" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "name", + "namespace", + "is_managed", + "is_protected", + "status", + "updated_at", + "updated_by", + "revision" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent policies" + ] + } + }, + "/api/fleet/agent_policies/_bulk_get": { + "post": { + "description": "Bulk get agent policies", + "operationId": "%2Fapi%2Ffleet%2Fagent_policies%2F_bulk_get#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "query", + "name": "format", + "required": false, + "schema": { + "enum": [ + "simplified", + "legacy" + ], + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "full": { + "description": "get full policies with package policies populated", + "type": "boolean" + }, + "ids": { + "description": "list of package policy ids", + "items": { + "type": "string" + }, + "type": "array" + }, + "ignoreMissing": { + "type": "boolean" + } + }, + "required": [ + "ids" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "advanced_settings": { + "additionalProperties": false, + "properties": { + "agent_download_target_directory": { + "nullable": true + }, + "agent_download_timeout": { + "default": "2h", + "nullable": true + }, + "agent_limits_go_max_procs": { + "nullable": true + }, + "agent_logging_level": { + "default": "info", + "nullable": true + }, + "agent_logging_metrics_period": { + "default": "30s", + "nullable": true + } + }, + "type": "object" + }, + "agent_features": { + "items": { + "additionalProperties": false, + "properties": { + "enabled": { + "type": "boolean" + }, + "name": { + "type": "string" + } + }, + "required": [ + "name", + "enabled" + ], + "type": "object" + }, + "type": "array" + }, + "agents": { + "type": "number" + }, + "data_output_id": { + "nullable": true, + "type": "string" + }, + "description": { + "type": "string" + }, + "download_source_id": { + "nullable": true, + "type": "string" + }, + "fleet_server_host_id": { + "nullable": true, + "type": "string" + }, + "global_data_tags": { + "description": "User defined data tags that are added to all of the inputs. The values can be strings or numbers.", + "items": { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + }, + "value": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "number" + } + ] + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "has_fleet_server": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inactivity_timeout": { + "default": 1209600, + "minimum": 0, + "type": "number" + }, + "is_default": { + "type": "boolean" + }, + "is_default_fleet_server": { + "type": "boolean" + }, + "is_managed": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "is_protected": { + "description": "Indicates whether the agent policy has tamper protection enabled. Default false.", + "type": "boolean" + }, + "keep_monitoring_alive": { + "default": false, + "description": "When set to true, monitoring will be enabled but logs/metrics collection will be disabled", + "nullable": true, + "type": "boolean" + }, + "monitoring_diagnostics": { + "additionalProperties": false, + "properties": { + "limit": { + "additionalProperties": false, + "properties": { + "burst": { + "type": "number" + }, + "interval": { + "type": "string" + } + }, + "type": "object" + }, + "uploader": { + "additionalProperties": false, + "properties": { + "init_dur": { + "type": "string" + }, + "max_dur": { + "type": "string" + }, + "max_retries": { + "type": "number" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "monitoring_enabled": { + "items": { + "enum": [ + "logs", + "metrics", + "traces" + ], + "type": "string" + }, + "type": "array" + }, + "monitoring_http": { + "additionalProperties": false, + "properties": { + "buffer": { + "additionalProperties": false, + "properties": { + "enabled": { + "default": false, + "type": "boolean" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "host": { + "type": "string" + }, + "port": { + "maximum": 65353, + "minimum": 0, + "type": "number" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "monitoring_output_id": { + "nullable": true, + "type": "string" + }, + "monitoring_pprof_enabled": { + "type": "boolean" + }, + "name": { + "minLength": 1, + "type": "string" + }, + "namespace": { + "minLength": 1, + "type": "string" + }, + "overrides": { + "additionalProperties": {}, + "description": "Override settings that are defined in the agent policy. Input settings cannot be overridden. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "type": "object" + }, + "package_policies": { + "anyOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "description": "This field is present only when retrieving a single agent policy, or when retrieving a list of agent policies with the ?full=true parameter", + "items": { + "additionalProperties": false, + "properties": { + "created_at": { + "type": "string" + }, + "created_by": { + "type": "string" + }, + "description": { + "description": "Package policy description", + "type": "string" + }, + "elasticsearch": { + "additionalProperties": true, + "properties": { + "privileges": { + "additionalProperties": true, + "properties": { + "cluster": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_input": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled", + "streams", + "compiled_input" + ], + "type": "object" + }, + "type": "array" + }, + "is_managed": { + "type": "boolean" + }, + "name": { + "description": "Package policy name (should be unique)", + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "revision": { + "type": "number" + }, + "secret_references": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + "type": "array" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "enabled", + "inputs", + "id", + "revision", + "updated_at", + "updated_by", + "created_at", + "created_by" + ], + "type": "object" + }, + "type": "array" + } + ] + }, + "revision": { + "type": "number" + }, + "schema_version": { + "type": "string" + }, + "space_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "status": { + "enum": [ + "active", + "inactive" + ], + "type": "string" + }, + "supports_agentless": { + "default": false, + "description": "Indicates whether the agent policy supports agentless integrations.", + "nullable": true, + "type": "boolean" + }, + "unenroll_timeout": { + "minimum": 0, + "type": "number" + }, + "unprivileged_agents": { + "type": "number" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "name", + "namespace", + "is_managed", + "is_protected", + "status", + "updated_at", + "updated_by", + "revision" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "items" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent policies" + ] + } + }, + "/api/fleet/agent_policies/delete": { + "post": { + "description": "Delete agent policy by ID", + "operationId": "%2Fapi%2Ffleet%2Fagent_policies%2Fdelete#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "agentPolicyId": { + "type": "string" + }, + "force": { + "description": "bypass validation checks that can prevent agent policy deletion", + "type": "boolean" + } + }, + "required": [ + "agentPolicyId" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "required": [ + "id", + "name" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent policies" + ] + } + }, + "/api/fleet/agent_policies/{agentPolicyId}": { + "get": { + "description": "Get an agent policy by ID", + "operationId": "%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "agentPolicyId", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "format", + "required": false, + "schema": { + "enum": [ + "simplified", + "legacy" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "advanced_settings": { + "additionalProperties": false, + "properties": { + "agent_download_target_directory": { + "nullable": true + }, + "agent_download_timeout": { + "default": "2h", + "nullable": true + }, + "agent_limits_go_max_procs": { + "nullable": true + }, + "agent_logging_level": { + "default": "info", + "nullable": true + }, + "agent_logging_metrics_period": { + "default": "30s", + "nullable": true + } + }, + "type": "object" + }, + "agent_features": { + "items": { + "additionalProperties": false, + "properties": { + "enabled": { + "type": "boolean" + }, + "name": { + "type": "string" + } + }, + "required": [ + "name", + "enabled" + ], + "type": "object" + }, + "type": "array" + }, + "agents": { + "type": "number" + }, + "data_output_id": { + "nullable": true, + "type": "string" + }, + "description": { + "type": "string" + }, + "download_source_id": { + "nullable": true, + "type": "string" + }, + "fleet_server_host_id": { + "nullable": true, + "type": "string" + }, + "global_data_tags": { + "description": "User defined data tags that are added to all of the inputs. The values can be strings or numbers.", + "items": { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + }, + "value": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "number" + } + ] + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "has_fleet_server": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inactivity_timeout": { + "default": 1209600, + "minimum": 0, + "type": "number" + }, + "is_default": { + "type": "boolean" + }, + "is_default_fleet_server": { + "type": "boolean" + }, + "is_managed": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "is_protected": { + "description": "Indicates whether the agent policy has tamper protection enabled. Default false.", + "type": "boolean" + }, + "keep_monitoring_alive": { + "default": false, + "description": "When set to true, monitoring will be enabled but logs/metrics collection will be disabled", + "nullable": true, + "type": "boolean" + }, + "monitoring_diagnostics": { + "additionalProperties": false, + "properties": { + "limit": { + "additionalProperties": false, + "properties": { + "burst": { + "type": "number" + }, + "interval": { + "type": "string" + } + }, + "type": "object" + }, + "uploader": { + "additionalProperties": false, + "properties": { + "init_dur": { + "type": "string" + }, + "max_dur": { + "type": "string" + }, + "max_retries": { + "type": "number" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "monitoring_enabled": { + "items": { + "enum": [ + "logs", + "metrics", + "traces" + ], + "type": "string" + }, + "type": "array" + }, + "monitoring_http": { + "additionalProperties": false, + "properties": { + "buffer": { + "additionalProperties": false, + "properties": { + "enabled": { + "default": false, + "type": "boolean" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "host": { + "type": "string" + }, + "port": { + "maximum": 65353, + "minimum": 0, + "type": "number" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "monitoring_output_id": { + "nullable": true, + "type": "string" + }, + "monitoring_pprof_enabled": { + "type": "boolean" + }, + "name": { + "minLength": 1, + "type": "string" + }, + "namespace": { + "minLength": 1, + "type": "string" + }, + "overrides": { + "additionalProperties": {}, + "description": "Override settings that are defined in the agent policy. Input settings cannot be overridden. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "type": "object" + }, + "package_policies": { + "anyOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "description": "This field is present only when retrieving a single agent policy, or when retrieving a list of agent policies with the ?full=true parameter", + "items": { + "additionalProperties": false, + "properties": { + "created_at": { + "type": "string" + }, + "created_by": { + "type": "string" + }, + "description": { + "description": "Package policy description", + "type": "string" + }, + "elasticsearch": { + "additionalProperties": true, + "properties": { + "privileges": { + "additionalProperties": true, + "properties": { + "cluster": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_input": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled", + "streams", + "compiled_input" + ], + "type": "object" + }, + "type": "array" + }, + "is_managed": { + "type": "boolean" + }, + "name": { + "description": "Package policy name (should be unique)", + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "revision": { + "type": "number" + }, + "secret_references": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + "type": "array" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "enabled", + "inputs", + "id", + "revision", + "updated_at", + "updated_by", + "created_at", + "created_by" + ], + "type": "object" + }, + "type": "array" + } + ] + }, + "revision": { + "type": "number" + }, + "schema_version": { + "type": "string" + }, + "space_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "status": { + "enum": [ + "active", + "inactive" + ], + "type": "string" + }, + "supports_agentless": { + "default": false, + "description": "Indicates whether the agent policy supports agentless integrations.", + "nullable": true, + "type": "boolean" + }, + "unenroll_timeout": { + "minimum": 0, + "type": "number" + }, + "unprivileged_agents": { + "type": "number" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "name", + "namespace", + "is_managed", + "is_protected", + "status", + "updated_at", + "updated_by", + "revision" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent policies" + ] + }, + "put": { + "description": "Update an agent policy by ID", + "operationId": "%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "agentPolicyId", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "format", + "required": false, + "schema": { + "enum": [ + "simplified", + "legacy" + ], + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "advanced_settings": { + "additionalProperties": false, + "properties": { + "agent_download_target_directory": { + "nullable": true + }, + "agent_download_timeout": { + "default": "2h", + "nullable": true + }, + "agent_limits_go_max_procs": { + "nullable": true + }, + "agent_logging_level": { + "default": "info", + "nullable": true + }, + "agent_logging_metrics_period": { + "default": "30s", + "nullable": true + } + }, + "type": "object" + }, + "agent_features": { + "items": { + "additionalProperties": false, + "properties": { + "enabled": { + "type": "boolean" + }, + "name": { + "type": "string" + } + }, + "required": [ + "name", + "enabled" + ], + "type": "object" + }, + "type": "array" + }, + "data_output_id": { + "nullable": true, + "type": "string" + }, + "description": { + "type": "string" + }, + "download_source_id": { + "nullable": true, + "type": "string" + }, + "fleet_server_host_id": { + "nullable": true, + "type": "string" + }, + "force": { + "type": "boolean" + }, + "global_data_tags": { + "description": "User defined data tags that are added to all of the inputs. The values can be strings or numbers.", + "items": { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + }, + "value": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "number" + } + ] + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "has_fleet_server": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inactivity_timeout": { + "default": 1209600, + "minimum": 0, + "type": "number" + }, + "is_default": { + "type": "boolean" + }, + "is_default_fleet_server": { + "type": "boolean" + }, + "is_managed": { + "type": "boolean" + }, + "is_protected": { + "type": "boolean" + }, + "keep_monitoring_alive": { + "default": false, + "description": "When set to true, monitoring will be enabled but logs/metrics collection will be disabled", + "nullable": true, + "type": "boolean" + }, + "monitoring_diagnostics": { + "additionalProperties": false, + "properties": { + "limit": { + "additionalProperties": false, + "properties": { + "burst": { + "type": "number" + }, + "interval": { + "type": "string" + } + }, + "type": "object" + }, + "uploader": { + "additionalProperties": false, + "properties": { + "init_dur": { + "type": "string" + }, + "max_dur": { + "type": "string" + }, + "max_retries": { + "type": "number" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "monitoring_enabled": { + "items": { + "enum": [ + "logs", + "metrics", + "traces" + ], + "type": "string" + }, + "type": "array" + }, + "monitoring_http": { + "additionalProperties": false, + "properties": { + "buffer": { + "additionalProperties": false, + "properties": { + "enabled": { + "default": false, + "type": "boolean" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "host": { + "type": "string" + }, + "port": { + "maximum": 65353, + "minimum": 0, + "type": "number" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "monitoring_output_id": { + "nullable": true, + "type": "string" + }, + "monitoring_pprof_enabled": { + "type": "boolean" + }, + "name": { + "minLength": 1, + "type": "string" + }, + "namespace": { + "minLength": 1, + "type": "string" + }, + "overrides": { + "additionalProperties": {}, + "description": "Override settings that are defined in the agent policy. Input settings cannot be overridden. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "type": "object" + }, + "space_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "supports_agentless": { + "default": false, + "description": "Indicates whether the agent policy supports agentless integrations.", + "nullable": true, + "type": "boolean" + }, + "unenroll_timeout": { + "minimum": 0, + "type": "number" + } + }, + "required": [ + "name", + "namespace" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "advanced_settings": { + "additionalProperties": false, + "properties": { + "agent_download_target_directory": { + "nullable": true + }, + "agent_download_timeout": { + "default": "2h", + "nullable": true + }, + "agent_limits_go_max_procs": { + "nullable": true + }, + "agent_logging_level": { + "default": "info", + "nullable": true + }, + "agent_logging_metrics_period": { + "default": "30s", + "nullable": true + } + }, + "type": "object" + }, + "agent_features": { + "items": { + "additionalProperties": false, + "properties": { + "enabled": { + "type": "boolean" + }, + "name": { + "type": "string" + } + }, + "required": [ + "name", + "enabled" + ], + "type": "object" + }, + "type": "array" + }, + "agents": { + "type": "number" + }, + "data_output_id": { + "nullable": true, + "type": "string" + }, + "description": { + "type": "string" + }, + "download_source_id": { + "nullable": true, + "type": "string" + }, + "fleet_server_host_id": { + "nullable": true, + "type": "string" + }, + "global_data_tags": { + "description": "User defined data tags that are added to all of the inputs. The values can be strings or numbers.", + "items": { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + }, + "value": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "number" + } + ] + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "has_fleet_server": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inactivity_timeout": { + "default": 1209600, + "minimum": 0, + "type": "number" + }, + "is_default": { + "type": "boolean" + }, + "is_default_fleet_server": { + "type": "boolean" + }, + "is_managed": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "is_protected": { + "description": "Indicates whether the agent policy has tamper protection enabled. Default false.", + "type": "boolean" + }, + "keep_monitoring_alive": { + "default": false, + "description": "When set to true, monitoring will be enabled but logs/metrics collection will be disabled", + "nullable": true, + "type": "boolean" + }, + "monitoring_diagnostics": { + "additionalProperties": false, + "properties": { + "limit": { + "additionalProperties": false, + "properties": { + "burst": { + "type": "number" + }, + "interval": { + "type": "string" + } + }, + "type": "object" + }, + "uploader": { + "additionalProperties": false, + "properties": { + "init_dur": { + "type": "string" + }, + "max_dur": { + "type": "string" + }, + "max_retries": { + "type": "number" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "monitoring_enabled": { + "items": { + "enum": [ + "logs", + "metrics", + "traces" + ], + "type": "string" + }, + "type": "array" + }, + "monitoring_http": { + "additionalProperties": false, + "properties": { + "buffer": { + "additionalProperties": false, + "properties": { + "enabled": { + "default": false, + "type": "boolean" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "host": { + "type": "string" + }, + "port": { + "maximum": 65353, + "minimum": 0, + "type": "number" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "monitoring_output_id": { + "nullable": true, + "type": "string" + }, + "monitoring_pprof_enabled": { + "type": "boolean" + }, + "name": { + "minLength": 1, + "type": "string" + }, + "namespace": { + "minLength": 1, + "type": "string" + }, + "overrides": { + "additionalProperties": {}, + "description": "Override settings that are defined in the agent policy. Input settings cannot be overridden. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "type": "object" + }, + "package_policies": { + "anyOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "description": "This field is present only when retrieving a single agent policy, or when retrieving a list of agent policies with the ?full=true parameter", + "items": { + "additionalProperties": false, + "properties": { + "created_at": { + "type": "string" + }, + "created_by": { + "type": "string" + }, + "description": { + "description": "Package policy description", + "type": "string" + }, + "elasticsearch": { + "additionalProperties": true, + "properties": { + "privileges": { + "additionalProperties": true, + "properties": { + "cluster": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_input": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled", + "streams", + "compiled_input" + ], + "type": "object" + }, + "type": "array" + }, + "is_managed": { + "type": "boolean" + }, + "name": { + "description": "Package policy name (should be unique)", + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "revision": { + "type": "number" + }, + "secret_references": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + "type": "array" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "enabled", + "inputs", + "id", + "revision", + "updated_at", + "updated_by", + "created_at", + "created_by" + ], + "type": "object" + }, + "type": "array" + } + ] + }, + "revision": { + "type": "number" + }, + "schema_version": { + "type": "string" + }, + "space_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "status": { + "enum": [ + "active", + "inactive" + ], + "type": "string" + }, + "supports_agentless": { + "default": false, + "description": "Indicates whether the agent policy supports agentless integrations.", + "nullable": true, + "type": "boolean" + }, + "unenroll_timeout": { + "minimum": 0, + "type": "number" + }, + "unprivileged_agents": { + "type": "number" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "name", + "namespace", + "is_managed", + "is_protected", + "status", + "updated_at", + "updated_by", + "revision" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent policies" + ] + } + }, + "/api/fleet/agent_policies/{agentPolicyId}/copy": { + "post": { + "description": "Copy an agent policy by ID", + "operationId": "%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D%2Fcopy#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "agentPolicyId", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "format", + "required": false, + "schema": { + "enum": [ + "simplified", + "legacy" + ], + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "description": { + "type": "string" + }, + "name": { + "minLength": 1, + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "advanced_settings": { + "additionalProperties": false, + "properties": { + "agent_download_target_directory": { + "nullable": true + }, + "agent_download_timeout": { + "default": "2h", + "nullable": true + }, + "agent_limits_go_max_procs": { + "nullable": true + }, + "agent_logging_level": { + "default": "info", + "nullable": true + }, + "agent_logging_metrics_period": { + "default": "30s", + "nullable": true + } + }, + "type": "object" + }, + "agent_features": { + "items": { + "additionalProperties": false, + "properties": { + "enabled": { + "type": "boolean" + }, + "name": { + "type": "string" + } + }, + "required": [ + "name", + "enabled" + ], + "type": "object" + }, + "type": "array" + }, + "agents": { + "type": "number" + }, + "data_output_id": { + "nullable": true, + "type": "string" + }, + "description": { + "type": "string" + }, + "download_source_id": { + "nullable": true, + "type": "string" + }, + "fleet_server_host_id": { + "nullable": true, + "type": "string" + }, + "global_data_tags": { + "description": "User defined data tags that are added to all of the inputs. The values can be strings or numbers.", + "items": { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + }, + "value": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "number" + } + ] + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "has_fleet_server": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inactivity_timeout": { + "default": 1209600, + "minimum": 0, + "type": "number" + }, + "is_default": { + "type": "boolean" + }, + "is_default_fleet_server": { + "type": "boolean" + }, + "is_managed": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "is_protected": { + "description": "Indicates whether the agent policy has tamper protection enabled. Default false.", + "type": "boolean" + }, + "keep_monitoring_alive": { + "default": false, + "description": "When set to true, monitoring will be enabled but logs/metrics collection will be disabled", + "nullable": true, + "type": "boolean" + }, + "monitoring_diagnostics": { + "additionalProperties": false, + "properties": { + "limit": { + "additionalProperties": false, + "properties": { + "burst": { + "type": "number" + }, + "interval": { + "type": "string" + } + }, + "type": "object" + }, + "uploader": { + "additionalProperties": false, + "properties": { + "init_dur": { + "type": "string" + }, + "max_dur": { + "type": "string" + }, + "max_retries": { + "type": "number" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "monitoring_enabled": { + "items": { + "enum": [ + "logs", + "metrics", + "traces" + ], + "type": "string" + }, + "type": "array" + }, + "monitoring_http": { + "additionalProperties": false, + "properties": { + "buffer": { + "additionalProperties": false, + "properties": { + "enabled": { + "default": false, + "type": "boolean" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "host": { + "type": "string" + }, + "port": { + "maximum": 65353, + "minimum": 0, + "type": "number" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "monitoring_output_id": { + "nullable": true, + "type": "string" + }, + "monitoring_pprof_enabled": { + "type": "boolean" + }, + "name": { + "minLength": 1, + "type": "string" + }, + "namespace": { + "minLength": 1, + "type": "string" + }, + "overrides": { + "additionalProperties": {}, + "description": "Override settings that are defined in the agent policy. Input settings cannot be overridden. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "type": "object" + }, + "package_policies": { + "anyOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "description": "This field is present only when retrieving a single agent policy, or when retrieving a list of agent policies with the ?full=true parameter", + "items": { + "additionalProperties": false, + "properties": { + "created_at": { + "type": "string" + }, + "created_by": { + "type": "string" + }, + "description": { + "description": "Package policy description", + "type": "string" + }, + "elasticsearch": { + "additionalProperties": true, + "properties": { + "privileges": { + "additionalProperties": true, + "properties": { + "cluster": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_input": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled", + "streams", + "compiled_input" + ], + "type": "object" + }, + "type": "array" + }, + "is_managed": { + "type": "boolean" + }, + "name": { + "description": "Package policy name (should be unique)", + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "revision": { + "type": "number" + }, + "secret_references": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + "type": "array" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "enabled", + "inputs", + "id", + "revision", + "updated_at", + "updated_by", + "created_at", + "created_by" + ], + "type": "object" + }, + "type": "array" + } + ] + }, + "revision": { + "type": "number" + }, + "schema_version": { + "type": "string" + }, + "space_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "status": { + "enum": [ + "active", + "inactive" + ], + "type": "string" + }, + "supports_agentless": { + "default": false, + "description": "Indicates whether the agent policy supports agentless integrations.", + "nullable": true, + "type": "boolean" + }, + "unenroll_timeout": { + "minimum": 0, + "type": "number" + }, + "unprivileged_agents": { + "type": "number" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "name", + "namespace", + "is_managed", + "is_protected", + "status", + "updated_at", + "updated_by", + "revision" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent policies" + ] + } + }, + "/api/fleet/agent_policies/{agentPolicyId}/download": { + "get": { + "description": "Download an agent policy by ID", + "operationId": "%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D%2Fdownload#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "agentPolicyId", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "download", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "standalone", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "kubernetes", + "required": false, + "schema": { + "type": "boolean" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "type": "string" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + }, + "404": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent policies" + ] + } + }, + "/api/fleet/agent_policies/{agentPolicyId}/full": { + "get": { + "description": "Get a full agent policy by ID", + "operationId": "%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D%2Ffull#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "agentPolicyId", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "download", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "standalone", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "kubernetes", + "required": false, + "schema": { + "type": "boolean" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "anyOf": [ + { + "type": "string" + }, + { + "additionalProperties": false, + "properties": { + "agent": { + "additionalProperties": false, + "properties": { + "download": { + "additionalProperties": false, + "properties": { + "sourceURI": { + "type": "string" + } + }, + "required": [ + "sourceURI" + ], + "type": "object" + }, + "features": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "type": "boolean" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "type": "object" + }, + "monitoring": { + "additionalProperties": false, + "properties": { + "enabled": { + "type": "boolean" + }, + "logs": { + "type": "boolean" + }, + "metrics": { + "type": "boolean" + }, + "namespace": { + "type": "string" + }, + "traces": { + "type": "boolean" + }, + "use_output": { + "type": "string" + } + }, + "required": [ + "enabled", + "metrics", + "logs", + "traces" + ], + "type": "object" + }, + "protection": { + "additionalProperties": false, + "properties": { + "enabled": { + "type": "boolean" + }, + "signing_key": { + "type": "string" + }, + "uninstall_token_hash": { + "type": "string" + } + }, + "required": [ + "enabled", + "uninstall_token_hash", + "signing_key" + ], + "type": "object" + } + }, + "required": [ + "monitoring", + "download", + "features" + ], + "type": "object" + }, + "fleet": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "hosts": { + "items": { + "type": "string" + }, + "type": "array" + }, + "proxy_headers": {}, + "proxy_url": { + "type": "string" + }, + "ssl": { + "additionalProperties": false, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "renegotiation": { + "type": "string" + }, + "verification_mode": { + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "hosts", + "proxy_headers" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "kibana": { + "additionalProperties": false, + "properties": { + "hosts": { + "items": { + "type": "string" + }, + "type": "array" + }, + "path": { + "type": "string" + }, + "protocol": { + "type": "string" + } + }, + "required": [ + "hosts", + "protocol" + ], + "type": "object" + } + }, + "required": [ + "kibana" + ], + "type": "object" + } + ] + }, + "id": { + "type": "string" + }, + "inputs": { + "items": { + "additionalProperties": true, + "properties": { + "data_stream": { + "additionalProperties": true, + "properties": { + "namespace": { + "type": "string" + } + }, + "required": [ + "namespace" + ], + "type": "object" + }, + "id": { + "type": "string" + }, + "meta": { + "additionalProperties": true, + "properties": { + "package": { + "additionalProperties": true, + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + } + }, + "type": "object" + }, + "name": { + "type": "string" + }, + "package_policy_id": { + "type": "string" + }, + "processors": { + "items": { + "additionalProperties": true, + "properties": { + "add_fields": { + "additionalProperties": true, + "properties": { + "fields": { + "additionalProperties": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "number" + } + ] + }, + "type": "object" + }, + "target": { + "type": "string" + } + }, + "required": [ + "target", + "fields" + ], + "type": "object" + } + }, + "required": [ + "add_fields" + ], + "type": "object" + }, + "type": "array" + }, + "revision": { + "type": "number" + }, + "streams": { + "items": { + "additionalProperties": true, + "properties": { + "data_stream": { + "additionalProperties": true, + "properties": { + "dataset": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset" + ], + "type": "object" + }, + "id": { + "type": "string" + } + }, + "required": [ + "id", + "data_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "use_output": { + "type": "string" + } + }, + "required": [ + "id", + "name", + "revision", + "type", + "data_stream", + "use_output", + "package_policy_id" + ], + "type": "object" + }, + "type": "array" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "output_permissions": { + "additionalProperties": { + "additionalProperties": {}, + "type": "object" + }, + "type": "object" + }, + "outputs": { + "additionalProperties": { + "additionalProperties": true, + "properties": { + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "type": "string" + }, + "type": "array" + }, + "proxy_headers": {}, + "proxy_url": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "type", + "proxy_headers" + ], + "type": "object" + }, + "type": "object" + }, + "revision": { + "type": "number" + }, + "secret_references": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + "type": "array" + }, + "signed": { + "additionalProperties": false, + "properties": { + "data": { + "type": "string" + }, + "signature": { + "type": "string" + } + }, + "required": [ + "data", + "signature" + ], + "type": "object" + } + }, + "required": [ + "id", + "outputs", + "inputs" + ], + "type": "object" + } + ] + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent policies" + ] + } + }, + "/api/fleet/agent_status": { + "get": { + "description": "Get agent status summary", + "operationId": "%2Fapi%2Ffleet%2Fagent_status#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "policyId", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "policyIds", + "required": false, + "schema": { + "anyOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "type": "string" + } + ] + } + }, + { + "in": "query", + "name": "kuery", + "required": false, + "schema": { + "deprecated": true, + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "results": { + "additionalProperties": false, + "properties": { + "active": { + "type": "number" + }, + "all": { + "type": "number" + }, + "error": { + "type": "number" + }, + "events": { + "type": "number" + }, + "inactive": { + "type": "number" + }, + "offline": { + "type": "number" + }, + "online": { + "type": "number" + }, + "other": { + "type": "number" + }, + "total": { + "deprecated": true, + "type": "number" + }, + "unenrolled": { + "type": "number" + }, + "updating": { + "type": "number" + } + }, + "required": [ + "events", + "total", + "online", + "error", + "offline", + "other", + "updating", + "inactive", + "unenrolled", + "all", + "active" + ], + "type": "object" + } + }, + "required": [ + "results" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent status" + ] + } + }, + "/api/fleet/agent_status/data": { + "get": { + "description": "Get incoming agent data", + "operationId": "%2Fapi%2Ffleet%2Fagent_status%2Fdata#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "agentsIds", + "required": true, + "schema": { + "anyOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "type": "string" + } + ] + } + }, + { + "in": "query", + "name": "previewData", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "dataPreview": { + "items": {}, + "type": "array" + }, + "items": { + "items": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "data": { + "type": "boolean" + } + }, + "required": [ + "data" + ], + "type": "object" + }, + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "items", + "dataPreview" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agents" + ] + } + }, + "/api/fleet/agents": { + "get": { + "description": "List agents", + "operationId": "%2Fapi%2Ffleet%2Fagents#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "page", + "required": false, + "schema": { + "default": 1, + "type": "number" + } + }, + { + "in": "query", + "name": "perPage", + "required": false, + "schema": { + "default": 20, + "type": "number" + } + }, + { + "in": "query", + "name": "kuery", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "showInactive", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + }, + { + "in": "query", + "name": "withMetrics", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + }, + { + "in": "query", + "name": "showUpgradeable", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + }, + { + "in": "query", + "name": "getStatusSummary", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + }, + { + "in": "query", + "name": "sortField", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "sortOrder", + "required": false, + "schema": { + "enum": [ + "asc", + "desc" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "access_api_key": { + "type": "string" + }, + "access_api_key_id": { + "type": "string" + }, + "active": { + "type": "boolean" + }, + "agent": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "version" + ], + "type": "object" + }, + "components": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "message": { + "type": "string" + }, + "status": { + "enum": [ + "STARTING", + "CONFIGURING", + "HEALTHY", + "DEGRADED", + "FAILED", + "STOPPING", + "STOPPED" + ], + "type": "string" + }, + "type": { + "type": "string" + }, + "units": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "message": { + "type": "string" + }, + "payload": { + "additionalProperties": {}, + "type": "object" + }, + "status": { + "enum": [ + "STARTING", + "CONFIGURING", + "HEALTHY", + "DEGRADED", + "FAILED", + "STOPPING", + "STOPPED" + ], + "type": "string" + }, + "type": { + "enum": [ + "input", + "output" + ], + "type": "string" + } + }, + "required": [ + "id", + "type", + "status", + "message" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "id", + "type", + "status", + "message" + ], + "type": "object" + }, + "type": "array" + }, + "default_api_key": { + "type": "string" + }, + "default_api_key_history": { + "items": { + "additionalProperties": false, + "deprecated": true, + "properties": { + "id": { + "type": "string" + }, + "retired_at": { + "type": "string" + } + }, + "required": [ + "id", + "retired_at" + ], + "type": "object" + }, + "type": "array" + }, + "default_api_key_id": { + "type": "string" + }, + "enrolled_at": { + "type": "string" + }, + "id": { + "type": "string" + }, + "last_checkin": { + "type": "string" + }, + "last_checkin_message": { + "type": "string" + }, + "last_checkin_status": { + "enum": [ + "error", + "online", + "degraded", + "updating", + "starting" + ], + "type": "string" + }, + "local_metadata": { + "additionalProperties": {}, + "type": "object" + }, + "metrics": { + "additionalProperties": false, + "properties": { + "cpu_avg": { + "type": "number" + }, + "memory_size_byte_avg": { + "type": "number" + } + }, + "type": "object" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "outputs": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "api_key_id": { + "type": "string" + }, + "to_retire_api_key_ids": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "retired_at": { + "type": "string" + } + }, + "required": [ + "id", + "retired_at" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + } + }, + "required": [ + "api_key_id", + "type" + ], + "type": "object" + }, + "type": "object" + }, + "packages": { + "items": { + "type": "string" + }, + "type": "array" + }, + "policy_id": { + "type": "string" + }, + "policy_revision": { + "nullable": true, + "type": "number" + }, + "sort": { + "items": { + "anyOf": [ + { + "type": "number" + }, + { + "type": "string" + }, + { + "enum": [], + "nullable": true + } + ] + }, + "type": "array" + }, + "status": { + "enum": [ + "offline", + "error", + "online", + "inactive", + "enrolling", + "unenrolling", + "unenrolled", + "updating", + "degraded" + ], + "type": "string" + }, + "tags": { + "items": { + "type": "string" + }, + "type": "array" + }, + "type": { + "enum": [ + "PERMANENT", + "EPHEMERAL", + "TEMPORARY" + ], + "type": "string" + }, + "unenrolled_at": { + "type": "string" + }, + "unenrollment_started_at": { + "type": "string" + }, + "unhealthy_reason": { + "items": { + "enum": [ + "input", + "output", + "other" + ], + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "upgrade_details": { + "additionalProperties": false, + "properties": { + "action_id": { + "type": "string" + }, + "metadata": { + "additionalProperties": false, + "properties": { + "download_percent": { + "type": "number" + }, + "download_rate": { + "type": "number" + }, + "error_msg": { + "type": "string" + }, + "failed_state": { + "enum": [ + "UPG_REQUESTED", + "UPG_SCHEDULED", + "UPG_DOWNLOADING", + "UPG_EXTRACTING", + "UPG_REPLACING", + "UPG_RESTARTING", + "UPG_FAILED", + "UPG_WATCHING", + "UPG_ROLLBACK" + ], + "type": "string" + }, + "retry_error_msg": { + "type": "string" + }, + "retry_until": { + "type": "string" + }, + "scheduled_at": { + "type": "string" + } + }, + "type": "object" + }, + "state": { + "enum": [ + "UPG_REQUESTED", + "UPG_SCHEDULED", + "UPG_DOWNLOADING", + "UPG_EXTRACTING", + "UPG_REPLACING", + "UPG_RESTARTING", + "UPG_FAILED", + "UPG_WATCHING", + "UPG_ROLLBACK" + ], + "type": "string" + }, + "target_version": { + "type": "string" + } + }, + "required": [ + "target_version", + "action_id", + "state" + ], + "type": "object" + }, + "upgrade_started_at": { + "nullable": true, + "type": "string" + }, + "upgraded_at": { + "nullable": true, + "type": "string" + }, + "user_provided_metadata": { + "additionalProperties": {}, + "type": "object" + } + }, + "required": [ + "id", + "packages", + "type", + "active", + "enrolled_at", + "local_metadata" + ], + "type": "object" + }, + "type": "array" + }, + "list": { + "deprecated": true, + "items": { + "additionalProperties": false, + "properties": { + "access_api_key": { + "type": "string" + }, + "access_api_key_id": { + "type": "string" + }, + "active": { + "type": "boolean" + }, + "agent": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "version" + ], + "type": "object" + }, + "components": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "message": { + "type": "string" + }, + "status": { + "enum": [ + "STARTING", + "CONFIGURING", + "HEALTHY", + "DEGRADED", + "FAILED", + "STOPPING", + "STOPPED" + ], + "type": "string" + }, + "type": { + "type": "string" + }, + "units": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "message": { + "type": "string" + }, + "payload": { + "additionalProperties": {}, + "type": "object" + }, + "status": { + "enum": [ + "STARTING", + "CONFIGURING", + "HEALTHY", + "DEGRADED", + "FAILED", + "STOPPING", + "STOPPED" + ], + "type": "string" + }, + "type": { + "enum": [ + "input", + "output" + ], + "type": "string" + } + }, + "required": [ + "id", + "type", + "status", + "message" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "id", + "type", + "status", + "message" + ], + "type": "object" + }, + "type": "array" + }, + "default_api_key": { + "type": "string" + }, + "default_api_key_history": { + "items": { + "additionalProperties": false, + "deprecated": true, + "properties": { + "id": { + "type": "string" + }, + "retired_at": { + "type": "string" + } + }, + "required": [ + "id", + "retired_at" + ], + "type": "object" + }, + "type": "array" + }, + "default_api_key_id": { + "type": "string" + }, + "enrolled_at": { + "type": "string" + }, + "id": { + "type": "string" + }, + "last_checkin": { + "type": "string" + }, + "last_checkin_message": { + "type": "string" + }, + "last_checkin_status": { + "enum": [ + "error", + "online", + "degraded", + "updating", + "starting" + ], + "type": "string" + }, + "local_metadata": { + "additionalProperties": {}, + "type": "object" + }, + "metrics": { + "additionalProperties": false, + "properties": { + "cpu_avg": { + "type": "number" + }, + "memory_size_byte_avg": { + "type": "number" + } + }, + "type": "object" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "outputs": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "api_key_id": { + "type": "string" + }, + "to_retire_api_key_ids": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "retired_at": { + "type": "string" + } + }, + "required": [ + "id", + "retired_at" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + } + }, + "required": [ + "api_key_id", + "type" + ], + "type": "object" + }, + "type": "object" + }, + "packages": { + "items": { + "type": "string" + }, + "type": "array" + }, + "policy_id": { + "type": "string" + }, + "policy_revision": { + "nullable": true, + "type": "number" + }, + "sort": { + "items": { + "anyOf": [ + { + "type": "number" + }, + { + "type": "string" + }, + { + "enum": [], + "nullable": true + } + ] + }, + "type": "array" + }, + "status": { + "enum": [ + "offline", + "error", + "online", + "inactive", + "enrolling", + "unenrolling", + "unenrolled", + "updating", + "degraded" + ], + "type": "string" + }, + "tags": { + "items": { + "type": "string" + }, + "type": "array" + }, + "type": { + "enum": [ + "PERMANENT", + "EPHEMERAL", + "TEMPORARY" + ], + "type": "string" + }, + "unenrolled_at": { + "type": "string" + }, + "unenrollment_started_at": { + "type": "string" + }, + "unhealthy_reason": { + "items": { + "enum": [ + "input", + "output", + "other" + ], + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "upgrade_details": { + "additionalProperties": false, + "properties": { + "action_id": { + "type": "string" + }, + "metadata": { + "additionalProperties": false, + "properties": { + "download_percent": { + "type": "number" + }, + "download_rate": { + "type": "number" + }, + "error_msg": { + "type": "string" + }, + "failed_state": { + "enum": [ + "UPG_REQUESTED", + "UPG_SCHEDULED", + "UPG_DOWNLOADING", + "UPG_EXTRACTING", + "UPG_REPLACING", + "UPG_RESTARTING", + "UPG_FAILED", + "UPG_WATCHING", + "UPG_ROLLBACK" + ], + "type": "string" + }, + "retry_error_msg": { + "type": "string" + }, + "retry_until": { + "type": "string" + }, + "scheduled_at": { + "type": "string" + } + }, + "type": "object" + }, + "state": { + "enum": [ + "UPG_REQUESTED", + "UPG_SCHEDULED", + "UPG_DOWNLOADING", + "UPG_EXTRACTING", + "UPG_REPLACING", + "UPG_RESTARTING", + "UPG_FAILED", + "UPG_WATCHING", + "UPG_ROLLBACK" + ], + "type": "string" + }, + "target_version": { + "type": "string" + } + }, + "required": [ + "target_version", + "action_id", + "state" + ], + "type": "object" + }, + "upgrade_started_at": { + "nullable": true, + "type": "string" + }, + "upgraded_at": { + "nullable": true, + "type": "string" + }, + "user_provided_metadata": { + "additionalProperties": {}, + "type": "object" + } + }, + "required": [ + "id", + "packages", + "type", + "active", + "enrolled_at", + "local_metadata" + ], + "type": "object" + }, + "type": "array" + }, + "page": { + "type": "number" + }, + "perPage": { + "type": "number" + }, + "statusSummary": { + "additionalProperties": { + "type": "number" + }, + "type": "object" + }, + "total": { + "type": "number" + } + }, + "required": [ + "items", + "total", + "page", + "perPage" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agents" + ] + }, + "post": { + "description": "List agents by action ids", + "operationId": "%2Fapi%2Ffleet%2Fagents#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "actionIds": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "actionIds" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "items" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agents" + ] + } + }, + "/api/fleet/agents/action_status": { + "get": { + "description": "Get agent action status", + "operationId": "%2Fapi%2Ffleet%2Fagents%2Faction_status#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "page", + "required": false, + "schema": { + "default": 0, + "type": "number" + } + }, + { + "in": "query", + "name": "perPage", + "required": false, + "schema": { + "default": 20, + "type": "number" + } + }, + { + "in": "query", + "name": "date", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "latest", + "required": false, + "schema": { + "type": "number" + } + }, + { + "in": "query", + "name": "errorSize", + "required": false, + "schema": { + "default": 5, + "type": "number" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "actionId": { + "type": "string" + }, + "cancellationTime": { + "type": "string" + }, + "completionTime": { + "type": "string" + }, + "creationTime": { + "description": "creation time of action", + "type": "string" + }, + "expiration": { + "type": "string" + }, + "hasRolloutPeriod": { + "type": "boolean" + }, + "latestErrors": { + "items": { + "additionalProperties": false, + "description": "latest errors that happened when the agents executed the action", + "properties": { + "agentId": { + "type": "string" + }, + "error": { + "type": "string" + }, + "hostname": { + "type": "string" + }, + "timestamp": { + "type": "string" + } + }, + "required": [ + "agentId", + "error", + "timestamp" + ], + "type": "object" + }, + "type": "array" + }, + "nbAgentsAck": { + "description": "number of agents that acknowledged the action", + "type": "number" + }, + "nbAgentsActionCreated": { + "description": "number of agents included in action from kibana", + "type": "number" + }, + "nbAgentsActioned": { + "description": "number of agents actioned", + "type": "number" + }, + "nbAgentsFailed": { + "description": "number of agents that failed to execute the action", + "type": "number" + }, + "newPolicyId": { + "description": "new policy id (POLICY_REASSIGN action)", + "type": "string" + }, + "policyId": { + "description": "policy id (POLICY_CHANGE action)", + "type": "string" + }, + "revision": { + "description": "new policy revision (POLICY_CHANGE action)", + "type": "number" + }, + "startTime": { + "description": "start time of action (scheduled actions)", + "type": "string" + }, + "status": { + "enum": [ + "COMPLETE", + "EXPIRED", + "CANCELLED", + "FAILED", + "IN_PROGRESS", + "ROLLOUT_PASSED" + ], + "type": "string" + }, + "type": { + "enum": [ + "UPGRADE", + "UNENROLL", + "SETTINGS", + "POLICY_REASSIGN", + "CANCEL", + "FORCE_UNENROLL", + "REQUEST_DIAGNOSTICS", + "UPDATE_TAGS", + "POLICY_CHANGE", + "INPUT_ACTION" + ], + "type": "string" + }, + "version": { + "description": "agent version number (UPGRADE action)", + "type": "string" + } + }, + "required": [ + "actionId", + "nbAgentsActionCreated", + "nbAgentsAck", + "nbAgentsFailed", + "type", + "nbAgentsActioned", + "status", + "creationTime" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "items" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent actions" + ] + } + }, + "/api/fleet/agents/actions/{actionId}/cancel": { + "post": { + "description": "Cancel agent action", + "operationId": "%2Fapi%2Ffleet%2Fagents%2Factions%2F%7BactionId%7D%2Fcancel#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "actionId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "ack_data": {}, + "agents": { + "items": { + "type": "string" + }, + "type": "array" + }, + "created_at": { + "type": "string" + }, + "data": {}, + "expiration": { + "type": "string" + }, + "id": { + "type": "string" + }, + "minimum_execution_duration": { + "type": "number" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "rollout_duration_seconds": { + "type": "number" + }, + "sent_at": { + "type": "string" + }, + "source_uri": { + "type": "string" + }, + "start_time": { + "type": "string" + }, + "total": { + "type": "number" + }, + "type": { + "type": "string" + } + }, + "required": [ + "id", + "type", + "data", + "created_at", + "ack_data", + "agents" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent actions" + ] + } + }, + "/api/fleet/agents/available_versions": { + "get": { + "description": "Get available agent versions", + "operationId": "%2Fapi%2Ffleet%2Fagents%2Favailable_versions#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "items" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agents" + ] + } + }, + "/api/fleet/agents/bulk_reassign": { + "post": { + "description": "Bulk reassign agents", + "operationId": "%2Fapi%2Ffleet%2Fagents%2Fbulk_reassign#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "agents": { + "anyOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "type": "string" + } + ] + }, + "batchSize": { + "type": "number" + }, + "includeInactive": { + "default": false, + "type": "boolean" + }, + "policy_id": { + "type": "string" + } + }, + "required": [ + "policy_id", + "agents" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "actionId": { + "type": "string" + } + }, + "required": [ + "actionId" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent actions" + ] + } + }, + "/api/fleet/agents/bulk_request_diagnostics": { + "post": { + "description": "Bulk request diagnostics from agents", + "operationId": "%2Fapi%2Ffleet%2Fagents%2Fbulk_request_diagnostics#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "additional_metrics": { + "items": { + "enum": [ + "CPU" + ], + "type": "string" + }, + "type": "array" + }, + "agents": { + "anyOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "type": "string" + } + ] + }, + "batchSize": { + "type": "number" + } + }, + "required": [ + "agents" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "actionId": { + "type": "string" + } + }, + "required": [ + "actionId" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent actions" + ] + } + }, + "/api/fleet/agents/bulk_unenroll": { + "post": { + "description": "Bulk unenroll agents", + "operationId": "%2Fapi%2Ffleet%2Fagents%2Fbulk_unenroll#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "agents": { + "anyOf": [ + { + "items": { + "description": "KQL query string, leave empty to action all agents", + "type": "string" + }, + "type": "array" + }, + { + "description": "list of agent IDs", + "type": "string" + } + ] + }, + "batchSize": { + "type": "number" + }, + "force": { + "description": "Unenrolls hosted agents too", + "type": "boolean" + }, + "includeInactive": { + "description": "When passing agents by KQL query, unenrolls inactive agents too", + "type": "boolean" + }, + "revoke": { + "description": "Revokes API keys of agents", + "type": "boolean" + } + }, + "required": [ + "agents" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "actionId": { + "type": "string" + } + }, + "required": [ + "actionId" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent actions" + ] + } + }, + "/api/fleet/agents/bulk_update_agent_tags": { + "post": { + "description": "Bulk update agent tags", + "operationId": "%2Fapi%2Ffleet%2Fagents%2Fbulk_update_agent_tags#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "agents": { + "anyOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "type": "string" + } + ] + }, + "batchSize": { + "type": "number" + }, + "includeInactive": { + "default": false, + "type": "boolean" + }, + "tagsToAdd": { + "items": { + "type": "string" + }, + "type": "array" + }, + "tagsToRemove": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "agents" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "actionId": { + "type": "string" + } + }, + "required": [ + "actionId" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent actions" + ] + } + }, + "/api/fleet/agents/bulk_upgrade": { + "post": { + "description": "Bulk upgrade agents", + "operationId": "%2Fapi%2Ffleet%2Fagents%2Fbulk_upgrade#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "agents": { + "anyOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "type": "string" + } + ] + }, + "batchSize": { + "type": "number" + }, + "force": { + "type": "boolean" + }, + "includeInactive": { + "default": false, + "type": "boolean" + }, + "rollout_duration_seconds": { + "minimum": 600, + "type": "number" + }, + "skipRateLimitCheck": { + "type": "boolean" + }, + "source_uri": { + "type": "string" + }, + "start_time": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "agents", + "version" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "actionId": { + "type": "string" + } + }, + "required": [ + "actionId" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent actions" + ] + } + }, + "/api/fleet/agents/files/{fileId}": { + "delete": { + "description": "Delete file uploaded by agent", + "operationId": "%2Fapi%2Ffleet%2Fagents%2Ffiles%2F%7BfileId%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "fileId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "deleted": { + "type": "boolean" + }, + "id": { + "type": "string" + } + }, + "required": [ + "id", + "deleted" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agents" + ] + } + }, + "/api/fleet/agents/files/{fileId}/{fileName}": { + "get": { + "description": "Get file uploaded by agent", + "operationId": "%2Fapi%2Ffleet%2Fagents%2Ffiles%2F%7BfileId%7D%2F%7BfileName%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "fileId", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "path", + "name": "fileName", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agents" + ] + } + }, + "/api/fleet/agents/setup": { + "get": { + "description": "Get agent setup info", + "operationId": "%2Fapi%2Ffleet%2Fagents%2Fsetup#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "A summary of the agent setup status. `isReady` indicates whether the setup is ready. If the setup is not ready, `missing_requirements` lists which requirements are missing.", + "properties": { + "isReady": { + "type": "boolean" + }, + "is_secrets_storage_enabled": { + "type": "boolean" + }, + "is_space_awareness_enabled": { + "type": "boolean" + }, + "missing_optional_features": { + "items": { + "enum": [ + "encrypted_saved_object_encryption_key_required" + ], + "type": "string" + }, + "type": "array" + }, + "missing_requirements": { + "items": { + "enum": [ + "security_required", + "tls_required", + "api_keys", + "fleet_admin_user", + "fleet_server" + ], + "type": "string" + }, + "type": "array" + }, + "package_verification_key_id": { + "type": "string" + } + }, + "required": [ + "isReady", + "missing_requirements", + "missing_optional_features" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agents" + ] + }, + "post": { + "description": "Initiate agent setup", + "operationId": "%2Fapi%2Ffleet%2Fagents%2Fsetup#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "A summary of the result of Fleet's `setup` lifecycle. If `isInitialized` is true, Fleet is ready to accept agent enrollment. `nonFatalErrors` may include useful insight into non-blocking issues with Fleet setup.", + "properties": { + "isInitialized": { + "type": "boolean" + }, + "nonFatalErrors": { + "items": { + "additionalProperties": false, + "properties": { + "message": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "required": [ + "name", + "message" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "isInitialized", + "nonFatalErrors" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agents" + ] + } + }, + "/api/fleet/agents/tags": { + "get": { + "description": "List agent tags", + "operationId": "%2Fapi%2Ffleet%2Fagents%2Ftags#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "kuery", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "showInactive", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "items" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agents" + ] + } + }, + "/api/fleet/agents/{agentId}": { + "delete": { + "description": "Delete agent by ID", + "operationId": "%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D#2", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "agentId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "action": { + "enum": [ + "deleted" + ], + "type": "string" + } + }, + "required": [ + "action" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agents" + ] + }, + "get": { + "description": "Get agent by ID", + "operationId": "%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "agentId", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "withMetrics", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "access_api_key": { + "type": "string" + }, + "access_api_key_id": { + "type": "string" + }, + "active": { + "type": "boolean" + }, + "agent": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "version" + ], + "type": "object" + }, + "components": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "message": { + "type": "string" + }, + "status": { + "enum": [ + "STARTING", + "CONFIGURING", + "HEALTHY", + "DEGRADED", + "FAILED", + "STOPPING", + "STOPPED" + ], + "type": "string" + }, + "type": { + "type": "string" + }, + "units": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "message": { + "type": "string" + }, + "payload": { + "additionalProperties": {}, + "type": "object" + }, + "status": { + "enum": [ + "STARTING", + "CONFIGURING", + "HEALTHY", + "DEGRADED", + "FAILED", + "STOPPING", + "STOPPED" + ], + "type": "string" + }, + "type": { + "enum": [ + "input", + "output" + ], + "type": "string" + } + }, + "required": [ + "id", + "type", + "status", + "message" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "id", + "type", + "status", + "message" + ], + "type": "object" + }, + "type": "array" + }, + "default_api_key": { + "type": "string" + }, + "default_api_key_history": { + "items": { + "additionalProperties": false, + "deprecated": true, + "properties": { + "id": { + "type": "string" + }, + "retired_at": { + "type": "string" + } + }, + "required": [ + "id", + "retired_at" + ], + "type": "object" + }, + "type": "array" + }, + "default_api_key_id": { + "type": "string" + }, + "enrolled_at": { + "type": "string" + }, + "id": { + "type": "string" + }, + "last_checkin": { + "type": "string" + }, + "last_checkin_message": { + "type": "string" + }, + "last_checkin_status": { + "enum": [ + "error", + "online", + "degraded", + "updating", + "starting" + ], + "type": "string" + }, + "local_metadata": { + "additionalProperties": {}, + "type": "object" + }, + "metrics": { + "additionalProperties": false, + "properties": { + "cpu_avg": { + "type": "number" + }, + "memory_size_byte_avg": { + "type": "number" + } + }, + "type": "object" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "outputs": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "api_key_id": { + "type": "string" + }, + "to_retire_api_key_ids": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "retired_at": { + "type": "string" + } + }, + "required": [ + "id", + "retired_at" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + } + }, + "required": [ + "api_key_id", + "type" + ], + "type": "object" + }, + "type": "object" + }, + "packages": { + "items": { + "type": "string" + }, + "type": "array" + }, + "policy_id": { + "type": "string" + }, + "policy_revision": { + "nullable": true, + "type": "number" + }, + "sort": { + "items": { + "anyOf": [ + { + "type": "number" + }, + { + "type": "string" + }, + { + "enum": [], + "nullable": true + } + ] + }, + "type": "array" + }, + "status": { + "enum": [ + "offline", + "error", + "online", + "inactive", + "enrolling", + "unenrolling", + "unenrolled", + "updating", + "degraded" + ], + "type": "string" + }, + "tags": { + "items": { + "type": "string" + }, + "type": "array" + }, + "type": { + "enum": [ + "PERMANENT", + "EPHEMERAL", + "TEMPORARY" + ], + "type": "string" + }, + "unenrolled_at": { + "type": "string" + }, + "unenrollment_started_at": { + "type": "string" + }, + "unhealthy_reason": { + "items": { + "enum": [ + "input", + "output", + "other" + ], + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "upgrade_details": { + "additionalProperties": false, + "properties": { + "action_id": { + "type": "string" + }, + "metadata": { + "additionalProperties": false, + "properties": { + "download_percent": { + "type": "number" + }, + "download_rate": { + "type": "number" + }, + "error_msg": { + "type": "string" + }, + "failed_state": { + "enum": [ + "UPG_REQUESTED", + "UPG_SCHEDULED", + "UPG_DOWNLOADING", + "UPG_EXTRACTING", + "UPG_REPLACING", + "UPG_RESTARTING", + "UPG_FAILED", + "UPG_WATCHING", + "UPG_ROLLBACK" + ], + "type": "string" + }, + "retry_error_msg": { + "type": "string" + }, + "retry_until": { + "type": "string" + }, + "scheduled_at": { + "type": "string" + } + }, + "type": "object" + }, + "state": { + "enum": [ + "UPG_REQUESTED", + "UPG_SCHEDULED", + "UPG_DOWNLOADING", + "UPG_EXTRACTING", + "UPG_REPLACING", + "UPG_RESTARTING", + "UPG_FAILED", + "UPG_WATCHING", + "UPG_ROLLBACK" + ], + "type": "string" + }, + "target_version": { + "type": "string" + } + }, + "required": [ + "target_version", + "action_id", + "state" + ], + "type": "object" + }, + "upgrade_started_at": { + "nullable": true, + "type": "string" + }, + "upgraded_at": { + "nullable": true, + "type": "string" + }, + "user_provided_metadata": { + "additionalProperties": {}, + "type": "object" + } + }, + "required": [ + "id", + "packages", + "type", + "active", + "enrolled_at", + "local_metadata" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agents" + ] + }, + "put": { + "description": "Update agent by ID", + "operationId": "%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "agentId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "tags": { + "items": { + "type": "string" + }, + "type": "array" + }, + "user_provided_metadata": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "access_api_key": { + "type": "string" + }, + "access_api_key_id": { + "type": "string" + }, + "active": { + "type": "boolean" + }, + "agent": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "version" + ], + "type": "object" + }, + "components": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "message": { + "type": "string" + }, + "status": { + "enum": [ + "STARTING", + "CONFIGURING", + "HEALTHY", + "DEGRADED", + "FAILED", + "STOPPING", + "STOPPED" + ], + "type": "string" + }, + "type": { + "type": "string" + }, + "units": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "message": { + "type": "string" + }, + "payload": { + "additionalProperties": {}, + "type": "object" + }, + "status": { + "enum": [ + "STARTING", + "CONFIGURING", + "HEALTHY", + "DEGRADED", + "FAILED", + "STOPPING", + "STOPPED" + ], + "type": "string" + }, + "type": { + "enum": [ + "input", + "output" + ], + "type": "string" + } + }, + "required": [ + "id", + "type", + "status", + "message" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "id", + "type", + "status", + "message" + ], + "type": "object" + }, + "type": "array" + }, + "default_api_key": { + "type": "string" + }, + "default_api_key_history": { + "items": { + "additionalProperties": false, + "deprecated": true, + "properties": { + "id": { + "type": "string" + }, + "retired_at": { + "type": "string" + } + }, + "required": [ + "id", + "retired_at" + ], + "type": "object" + }, + "type": "array" + }, + "default_api_key_id": { + "type": "string" + }, + "enrolled_at": { + "type": "string" + }, + "id": { + "type": "string" + }, + "last_checkin": { + "type": "string" + }, + "last_checkin_message": { + "type": "string" + }, + "last_checkin_status": { + "enum": [ + "error", + "online", + "degraded", + "updating", + "starting" + ], + "type": "string" + }, + "local_metadata": { + "additionalProperties": {}, + "type": "object" + }, + "metrics": { + "additionalProperties": false, + "properties": { + "cpu_avg": { + "type": "number" + }, + "memory_size_byte_avg": { + "type": "number" + } + }, + "type": "object" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "outputs": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "api_key_id": { + "type": "string" + }, + "to_retire_api_key_ids": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "retired_at": { + "type": "string" + } + }, + "required": [ + "id", + "retired_at" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + } + }, + "required": [ + "api_key_id", + "type" + ], + "type": "object" + }, + "type": "object" + }, + "packages": { + "items": { + "type": "string" + }, + "type": "array" + }, + "policy_id": { + "type": "string" + }, + "policy_revision": { + "nullable": true, + "type": "number" + }, + "sort": { + "items": { + "anyOf": [ + { + "type": "number" + }, + { + "type": "string" + }, + { + "enum": [], + "nullable": true + } + ] + }, + "type": "array" + }, + "status": { + "enum": [ + "offline", + "error", + "online", + "inactive", + "enrolling", + "unenrolling", + "unenrolled", + "updating", + "degraded" + ], + "type": "string" + }, + "tags": { + "items": { + "type": "string" + }, + "type": "array" + }, + "type": { + "enum": [ + "PERMANENT", + "EPHEMERAL", + "TEMPORARY" + ], + "type": "string" + }, + "unenrolled_at": { + "type": "string" + }, + "unenrollment_started_at": { + "type": "string" + }, + "unhealthy_reason": { + "items": { + "enum": [ + "input", + "output", + "other" + ], + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "upgrade_details": { + "additionalProperties": false, + "properties": { + "action_id": { + "type": "string" + }, + "metadata": { + "additionalProperties": false, + "properties": { + "download_percent": { + "type": "number" + }, + "download_rate": { + "type": "number" + }, + "error_msg": { + "type": "string" + }, + "failed_state": { + "enum": [ + "UPG_REQUESTED", + "UPG_SCHEDULED", + "UPG_DOWNLOADING", + "UPG_EXTRACTING", + "UPG_REPLACING", + "UPG_RESTARTING", + "UPG_FAILED", + "UPG_WATCHING", + "UPG_ROLLBACK" + ], + "type": "string" + }, + "retry_error_msg": { + "type": "string" + }, + "retry_until": { + "type": "string" + }, + "scheduled_at": { + "type": "string" + } + }, + "type": "object" + }, + "state": { + "enum": [ + "UPG_REQUESTED", + "UPG_SCHEDULED", + "UPG_DOWNLOADING", + "UPG_EXTRACTING", + "UPG_REPLACING", + "UPG_RESTARTING", + "UPG_FAILED", + "UPG_WATCHING", + "UPG_ROLLBACK" + ], + "type": "string" + }, + "target_version": { + "type": "string" + } + }, + "required": [ + "target_version", + "action_id", + "state" + ], + "type": "object" + }, + "upgrade_started_at": { + "nullable": true, + "type": "string" + }, + "upgraded_at": { + "nullable": true, + "type": "string" + }, + "user_provided_metadata": { + "additionalProperties": {}, + "type": "object" + } + }, + "required": [ + "id", + "packages", + "type", + "active", + "enrolled_at", + "local_metadata" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agents" + ] + } + }, + "/api/fleet/agents/{agentId}/actions": { + "post": { + "description": "Create agent action", + "operationId": "%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Factions#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "agentId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "action": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "ack_data": {}, + "data": {}, + "type": { + "enum": [ + "UNENROLL", + "UPGRADE", + "POLICY_REASSIGN" + ], + "type": "string" + } + }, + "required": [ + "type", + "data", + "ack_data" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "data": { + "additionalProperties": false, + "properties": { + "log_level": { + "enum": [ + "debug", + "info", + "warning", + "error" + ], + "nullable": true, + "type": "string" + } + }, + "required": [ + "log_level" + ], + "type": "object" + }, + "type": { + "enum": [ + "SETTINGS" + ], + "type": "string" + } + }, + "required": [ + "type", + "data" + ], + "type": "object" + } + ] + } + }, + "required": [ + "action" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "ack_data": {}, + "agents": { + "items": { + "type": "string" + }, + "type": "array" + }, + "created_at": { + "type": "string" + }, + "data": {}, + "expiration": { + "type": "string" + }, + "id": { + "type": "string" + }, + "minimum_execution_duration": { + "type": "number" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "rollout_duration_seconds": { + "type": "number" + }, + "sent_at": { + "type": "string" + }, + "source_uri": { + "type": "string" + }, + "start_time": { + "type": "string" + }, + "total": { + "type": "number" + }, + "type": { + "type": "string" + } + }, + "required": [ + "id", + "type", + "data", + "created_at", + "ack_data", + "agents" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent actions" + ] + } + }, + "/api/fleet/agents/{agentId}/reassign": { + "post": { + "description": "Reassign agent", + "operationId": "%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Freassign#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "agentId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "policy_id": { + "type": "string" + } + }, + "required": [ + "policy_id" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": {}, + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent actions" + ] + }, + "put": { + "deprecated": true, + "operationId": "%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Freassign#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "agentId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "policy_id": { + "type": "string" + } + }, + "required": [ + "policy_id" + ], + "type": "object" + } + } + } + }, + "responses": {}, + "summary": "", + "tags": [] + } + }, + "/api/fleet/agents/{agentId}/request_diagnostics": { + "post": { + "description": "Request agent diagnostics", + "operationId": "%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Frequest_diagnostics#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "agentId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "nullable": true, + "properties": { + "additional_metrics": { + "items": { + "enum": [ + "CPU" + ], + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "actionId": { + "type": "string" + } + }, + "required": [ + "actionId" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent actions" + ] + } + }, + "/api/fleet/agents/{agentId}/unenroll": { + "post": { + "description": "Unenroll agent", + "operationId": "%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Funenroll#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "agentId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "nullable": true, + "properties": { + "force": { + "type": "boolean" + }, + "revoke": { + "type": "boolean" + } + }, + "type": "object" + } + } + } + }, + "responses": {}, + "summary": "", + "tags": [ + "Elastic Agent actions" + ] + } + }, + "/api/fleet/agents/{agentId}/upgrade": { + "post": { + "description": "Upgrade agent", + "operationId": "%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Fupgrade#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "agentId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "force": { + "type": "boolean" + }, + "skipRateLimitCheck": { + "type": "boolean" + }, + "source_uri": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "version" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": {}, + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent actions" + ] + } + }, + "/api/fleet/agents/{agentId}/uploads": { + "get": { + "description": "List agent uploads", + "operationId": "%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Fuploads#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "agentId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "actionId": { + "type": "string" + }, + "createTime": { + "type": "string" + }, + "error": { + "type": "string" + }, + "filePath": { + "type": "string" + }, + "id": { + "type": "string" + }, + "name": { + "type": "string" + }, + "status": { + "enum": [ + "READY", + "AWAITING_UPLOAD", + "DELETED", + "EXPIRED", + "IN_PROGRESS", + "FAILED" + ], + "type": "string" + } + }, + "required": [ + "id", + "name", + "filePath", + "createTime", + "status", + "actionId" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "items" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agents" + ] + } + }, + "/api/fleet/check-permissions": { + "get": { + "description": "Check permissions", + "operationId": "%2Fapi%2Ffleet%2Fcheck-permissions#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "fleetServerSetup", + "required": false, + "schema": { + "type": "boolean" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "error": { + "enum": [ + "MISSING_SECURITY", + "MISSING_PRIVILEGES", + "MISSING_FLEET_SERVER_SETUP_PRIVILEGES" + ], + "type": "string" + }, + "success": { + "type": "boolean" + } + }, + "required": [ + "success" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet internals" + ] + } + }, + "/api/fleet/data_streams": { + "get": { + "description": "List data streams", + "operationId": "%2Fapi%2Ffleet%2Fdata_streams#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "data_streams": { + "items": { + "additionalProperties": false, + "properties": { + "dashboards": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "title": { + "type": "string" + } + }, + "required": [ + "id", + "title" + ], + "type": "object" + }, + "type": "array" + }, + "dataset": { + "type": "string" + }, + "index": { + "type": "string" + }, + "last_activity_ms": { + "type": "number" + }, + "namespace": { + "type": "string" + }, + "package": { + "type": "string" + }, + "package_version": { + "type": "string" + }, + "serviceDetails": { + "additionalProperties": false, + "nullable": true, + "properties": { + "environment": { + "type": "string" + }, + "serviceName": { + "type": "string" + } + }, + "required": [ + "environment", + "serviceName" + ], + "type": "object" + }, + "size_in_bytes": { + "type": "number" + }, + "size_in_bytes_formatted": { + "anyOf": [ + { + "type": "number" + }, + { + "type": "string" + } + ] + }, + "type": { + "type": "string" + } + }, + "required": [ + "index", + "dataset", + "namespace", + "type", + "package", + "package_version", + "last_activity_ms", + "size_in_bytes", + "size_in_bytes_formatted", + "dashboards", + "serviceDetails" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "data_streams" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Data streams" + ] + } + }, + "/api/fleet/enrollment-api-keys": { + "get": { + "deprecated": true, + "operationId": "%2Fapi%2Ffleet%2Fenrollment-api-keys#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "page", + "required": false, + "schema": { + "default": 1, + "type": "number" + } + }, + { + "in": "query", + "name": "perPage", + "required": false, + "schema": { + "default": 20, + "type": "number" + } + }, + { + "in": "query", + "name": "kuery", + "required": false, + "schema": { + "type": "string" + } + } + ], + "responses": {}, + "summary": "", + "tags": [] + }, + "post": { + "deprecated": true, + "operationId": "%2Fapi%2Ffleet%2Fenrollment-api-keys#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "expiration": { + "type": "string" + }, + "name": { + "type": "string" + }, + "policy_id": { + "type": "string" + } + }, + "required": [ + "policy_id" + ], + "type": "object" + } + } + } + }, + "responses": {}, + "summary": "", + "tags": [] + } + }, + "/api/fleet/enrollment-api-keys/{keyId}": { + "delete": { + "deprecated": true, + "operationId": "%2Fapi%2Ffleet%2Fenrollment-api-keys%2F%7BkeyId%7D#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "keyId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": {}, + "summary": "", + "tags": [] + }, + "get": { + "deprecated": true, + "operationId": "%2Fapi%2Ffleet%2Fenrollment-api-keys%2F%7BkeyId%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "keyId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": {}, + "summary": "", + "tags": [] + } + }, + "/api/fleet/enrollment_api_keys": { + "get": { + "description": "List enrollment API keys", + "operationId": "%2Fapi%2Ffleet%2Fenrollment_api_keys#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "page", + "required": false, + "schema": { + "default": 1, + "type": "number" + } + }, + { + "in": "query", + "name": "perPage", + "required": false, + "schema": { + "default": 20, + "type": "number" + } + }, + { + "in": "query", + "name": "kuery", + "required": false, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "active": { + "description": "When false, the enrollment API key is revoked and cannot be used for enrolling Elastic Agents.", + "type": "boolean" + }, + "api_key": { + "description": "The enrollment API key (token) used for enrolling Elastic Agents.", + "type": "string" + }, + "api_key_id": { + "description": "The ID of the API key in the Security API.", + "type": "string" + }, + "created_at": { + "type": "string" + }, + "id": { + "type": "string" + }, + "name": { + "description": "The name of the enrollment API key.", + "type": "string" + }, + "policy_id": { + "description": "The ID of the agent policy the Elastic Agent will be enrolled in.", + "type": "string" + } + }, + "required": [ + "id", + "api_key_id", + "api_key", + "active", + "created_at" + ], + "type": "object" + }, + "type": "array" + }, + "list": { + "deprecated": true, + "items": { + "additionalProperties": false, + "properties": { + "active": { + "description": "When false, the enrollment API key is revoked and cannot be used for enrolling Elastic Agents.", + "type": "boolean" + }, + "api_key": { + "description": "The enrollment API key (token) used for enrolling Elastic Agents.", + "type": "string" + }, + "api_key_id": { + "description": "The ID of the API key in the Security API.", + "type": "string" + }, + "created_at": { + "type": "string" + }, + "id": { + "type": "string" + }, + "name": { + "description": "The name of the enrollment API key.", + "type": "string" + }, + "policy_id": { + "description": "The ID of the agent policy the Elastic Agent will be enrolled in.", + "type": "string" + } + }, + "required": [ + "id", + "api_key_id", + "api_key", + "active", + "created_at" + ], + "type": "object" + }, + "type": "array" + }, + "page": { + "type": "number" + }, + "perPage": { + "type": "number" + }, + "total": { + "type": "number" + } + }, + "required": [ + "items", + "total", + "page", + "perPage", + "list" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet enrollment API keys" + ] + }, + "post": { + "description": "Create enrollment API key", + "operationId": "%2Fapi%2Ffleet%2Fenrollment_api_keys#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "expiration": { + "type": "string" + }, + "name": { + "type": "string" + }, + "policy_id": { + "type": "string" + } + }, + "required": [ + "policy_id" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "action": { + "enum": [ + "created" + ], + "type": "string" + }, + "item": { + "additionalProperties": false, + "properties": { + "active": { + "description": "When false, the enrollment API key is revoked and cannot be used for enrolling Elastic Agents.", + "type": "boolean" + }, + "api_key": { + "description": "The enrollment API key (token) used for enrolling Elastic Agents.", + "type": "string" + }, + "api_key_id": { + "description": "The ID of the API key in the Security API.", + "type": "string" + }, + "created_at": { + "type": "string" + }, + "id": { + "type": "string" + }, + "name": { + "description": "The name of the enrollment API key.", + "type": "string" + }, + "policy_id": { + "description": "The ID of the agent policy the Elastic Agent will be enrolled in.", + "type": "string" + } + }, + "required": [ + "id", + "api_key_id", + "api_key", + "active", + "created_at" + ], + "type": "object" + } + }, + "required": [ + "item", + "action" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet enrollment API keys" + ] + } + }, + "/api/fleet/enrollment_api_keys/{keyId}": { + "delete": { + "description": "Revoke enrollment API key by ID by marking it as inactive", + "operationId": "%2Fapi%2Ffleet%2Fenrollment_api_keys%2F%7BkeyId%7D#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "keyId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "action": { + "enum": [ + "deleted" + ], + "type": "string" + } + }, + "required": [ + "action" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet enrollment API keys" + ] + }, + "get": { + "description": "Get enrollment API key by ID", + "operationId": "%2Fapi%2Ffleet%2Fenrollment_api_keys%2F%7BkeyId%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "keyId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "active": { + "description": "When false, the enrollment API key is revoked and cannot be used for enrolling Elastic Agents.", + "type": "boolean" + }, + "api_key": { + "description": "The enrollment API key (token) used for enrolling Elastic Agents.", + "type": "string" + }, + "api_key_id": { + "description": "The ID of the API key in the Security API.", + "type": "string" + }, + "created_at": { + "type": "string" + }, + "id": { + "type": "string" + }, + "name": { + "description": "The name of the enrollment API key.", + "type": "string" + }, + "policy_id": { + "description": "The ID of the agent policy the Elastic Agent will be enrolled in.", + "type": "string" + } + }, + "required": [ + "id", + "api_key_id", + "api_key", + "active", + "created_at" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet enrollment API keys" + ] + } + }, + "/api/fleet/epm/bulk_assets": { + "post": { + "description": "Bulk get assets", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fbulk_assets#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "assetIds": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "assetIds" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "appLink": { + "type": "string" + }, + "attributes": { + "additionalProperties": false, + "properties": { + "description": { + "type": "string" + }, + "service": { + "type": "string" + }, + "title": { + "type": "string" + } + }, + "type": "object" + }, + "id": { + "type": "string" + }, + "type": { + "type": "string" + }, + "updatedAt": { + "type": "string" + } + }, + "required": [ + "id", + "type", + "attributes" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "items" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + } + }, + "/api/fleet/epm/categories": { + "get": { + "description": "List package categories", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fcategories#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "prerelease", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "experimental", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "include_policy_templates", + "required": false, + "schema": { + "type": "boolean" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "count": { + "type": "number" + }, + "id": { + "type": "string" + }, + "parent_id": { + "type": "string" + }, + "parent_title": { + "type": "string" + }, + "title": { + "type": "string" + } + }, + "required": [ + "id", + "title", + "count" + ], + "type": "object" + }, + "type": "array" + }, + "response": { + "items": { + "additionalProperties": false, + "deprecated": true, + "properties": { + "count": { + "type": "number" + }, + "id": { + "type": "string" + }, + "parent_id": { + "type": "string" + }, + "parent_title": { + "type": "string" + }, + "title": { + "type": "string" + } + }, + "required": [ + "id", + "title", + "count" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "items" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + } + }, + "/api/fleet/epm/custom_integrations": { + "post": { + "description": "Create custom integration", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fcustom_integrations#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "datasets": { + "items": { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + }, + "type": { + "enum": [ + "logs", + "metrics", + "traces", + "synthetics", + "profiling" + ], + "type": "string" + } + }, + "required": [ + "name", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "force": { + "type": "boolean" + }, + "integrationName": { + "type": "string" + } + }, + "required": [ + "integrationName", + "datasets" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "_meta": { + "additionalProperties": false, + "properties": { + "install_source": { + "type": "string" + } + }, + "required": [ + "install_source" + ], + "type": "object" + }, + "items": { + "items": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + } + ] + }, + "type": "array" + }, + "response": { + "deprecated": true, + "items": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + } + ] + }, + "type": "array" + } + }, + "required": [ + "items", + "_meta" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + } + }, + "/api/fleet/epm/data_streams": { + "get": { + "description": "List data streams", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fdata_streams#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "type", + "required": false, + "schema": { + "enum": [ + "logs", + "metrics", + "traces", + "synthetics", + "profiling" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "datasetQuery", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "sortOrder", + "required": false, + "schema": { + "default": "asc", + "enum": [ + "asc", + "desc" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "uncategorisedOnly", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "items" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Data streams" + ] + } + }, + "/api/fleet/epm/packages": { + "get": { + "description": "List packages", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "category", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "prerelease", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "experimental", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "excludeInstallStatus", + "required": false, + "schema": { + "type": "boolean" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": true, + "properties": { + "categories": { + "items": { + "type": "string" + }, + "type": "array" + }, + "conditions": { + "additionalProperties": true, + "properties": { + "elastic": { + "additionalProperties": true, + "properties": { + "capabilities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "subscription": { + "type": "string" + } + }, + "type": "object" + }, + "kibana": { + "additionalProperties": true, + "properties": { + "version": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "data_streams": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "description": { + "type": "string" + }, + "download": { + "type": "string" + }, + "format_version": { + "type": "string" + }, + "icons": { + "items": { + "additionalProperties": true, + "properties": { + "dark_mode": { + "type": "boolean" + }, + "path": { + "type": "string" + }, + "size": { + "type": "string" + }, + "src": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "src" + ], + "type": "object" + }, + "type": "array" + }, + "id": { + "type": "string" + }, + "installationInfo": { + "additionalProperties": true, + "properties": { + "additional_spaces_installed_kibana": { + "additionalProperties": { + "items": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "type": "object" + }, + "created_at": { + "type": "string" + }, + "experimental_data_stream_features": { + "items": { + "additionalProperties": true, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": true, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "install_format_schema_version": { + "type": "string" + }, + "install_source": { + "enum": [ + "registry", + "upload", + "bundled", + "custom" + ], + "type": "string" + }, + "install_status": { + "enum": [ + "installed", + "installing", + "install_failed" + ], + "type": "string" + }, + "installed_es": { + "items": { + "additionalProperties": true, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "installed_kibana": { + "items": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "installed_kibana_space_id": { + "type": "string" + }, + "latest_executed_state": { + "additionalProperties": true, + "properties": { + "error": { + "type": "string" + }, + "name": { + "type": "string" + }, + "started_at": { + "type": "string" + } + }, + "required": [ + "name", + "started_at" + ], + "type": "object" + }, + "latest_install_failed_attempts": { + "items": { + "additionalProperties": true, + "properties": { + "created_at": { + "type": "string" + }, + "error": { + "additionalProperties": true, + "properties": { + "message": { + "type": "string" + }, + "name": { + "type": "string" + }, + "stack": { + "type": "string" + } + }, + "required": [ + "name", + "message" + ], + "type": "object" + }, + "target_version": { + "type": "string" + } + }, + "required": [ + "created_at", + "target_version", + "error" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "type": "string" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "updated_at": { + "type": "string" + }, + "verification_key_id": { + "nullable": true, + "type": "string" + }, + "verification_status": { + "enum": [ + "unverified", + "verified", + "unknown" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "type", + "installed_kibana", + "installed_es", + "name", + "version", + "install_status", + "install_source", + "verification_status" + ], + "type": "object" + }, + "integration": { + "type": "string" + }, + "internal": { + "type": "boolean" + }, + "latestVersion": { + "type": "string" + }, + "name": { + "type": "string" + }, + "owner": { + "additionalProperties": true, + "properties": { + "github": { + "type": "string" + }, + "type": { + "enum": [ + "elastic", + "partner", + "community" + ], + "type": "string" + } + }, + "type": "object" + }, + "path": { + "type": "string" + }, + "policy_templates": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "readme": { + "type": "string" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "savedObject": {}, + "signature_path": { + "type": "string" + }, + "source": { + "additionalProperties": true, + "properties": { + "license": { + "type": "string" + } + }, + "required": [ + "license" + ], + "type": "object" + }, + "status": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "enum": [ + "integration", + "input" + ], + "type": "string" + }, + "vars": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "version": { + "type": "string" + } + }, + "required": [ + "savedObject", + "name", + "version", + "title", + "id" + ], + "type": "object" + }, + "type": "array" + }, + "response": { + "items": { + "additionalProperties": true, + "deprecated": true, + "properties": { + "categories": { + "items": { + "type": "string" + }, + "type": "array" + }, + "conditions": { + "additionalProperties": true, + "properties": { + "elastic": { + "additionalProperties": true, + "properties": { + "capabilities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "subscription": { + "type": "string" + } + }, + "type": "object" + }, + "kibana": { + "additionalProperties": true, + "properties": { + "version": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "data_streams": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "description": { + "type": "string" + }, + "download": { + "type": "string" + }, + "format_version": { + "type": "string" + }, + "icons": { + "items": { + "additionalProperties": true, + "properties": { + "dark_mode": { + "type": "boolean" + }, + "path": { + "type": "string" + }, + "size": { + "type": "string" + }, + "src": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "src" + ], + "type": "object" + }, + "type": "array" + }, + "id": { + "type": "string" + }, + "installationInfo": { + "additionalProperties": true, + "properties": { + "additional_spaces_installed_kibana": { + "additionalProperties": { + "items": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "type": "object" + }, + "created_at": { + "type": "string" + }, + "experimental_data_stream_features": { + "items": { + "additionalProperties": true, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": true, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "install_format_schema_version": { + "type": "string" + }, + "install_source": { + "enum": [ + "registry", + "upload", + "bundled", + "custom" + ], + "type": "string" + }, + "install_status": { + "enum": [ + "installed", + "installing", + "install_failed" + ], + "type": "string" + }, + "installed_es": { + "items": { + "additionalProperties": true, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "installed_kibana": { + "items": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "installed_kibana_space_id": { + "type": "string" + }, + "latest_executed_state": { + "additionalProperties": true, + "properties": { + "error": { + "type": "string" + }, + "name": { + "type": "string" + }, + "started_at": { + "type": "string" + } + }, + "required": [ + "name", + "started_at" + ], + "type": "object" + }, + "latest_install_failed_attempts": { + "items": { + "additionalProperties": true, + "properties": { + "created_at": { + "type": "string" + }, + "error": { + "additionalProperties": true, + "properties": { + "message": { + "type": "string" + }, + "name": { + "type": "string" + }, + "stack": { + "type": "string" + } + }, + "required": [ + "name", + "message" + ], + "type": "object" + }, + "target_version": { + "type": "string" + } + }, + "required": [ + "created_at", + "target_version", + "error" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "type": "string" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "updated_at": { + "type": "string" + }, + "verification_key_id": { + "nullable": true, + "type": "string" + }, + "verification_status": { + "enum": [ + "unverified", + "verified", + "unknown" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "type", + "installed_kibana", + "installed_es", + "name", + "version", + "install_status", + "install_source", + "verification_status" + ], + "type": "object" + }, + "integration": { + "type": "string" + }, + "internal": { + "type": "boolean" + }, + "latestVersion": { + "type": "string" + }, + "name": { + "type": "string" + }, + "owner": { + "additionalProperties": true, + "properties": { + "github": { + "type": "string" + }, + "type": { + "enum": [ + "elastic", + "partner", + "community" + ], + "type": "string" + } + }, + "type": "object" + }, + "path": { + "type": "string" + }, + "policy_templates": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "readme": { + "type": "string" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "savedObject": {}, + "signature_path": { + "type": "string" + }, + "source": { + "additionalProperties": true, + "properties": { + "license": { + "type": "string" + } + }, + "required": [ + "license" + ], + "type": "object" + }, + "status": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "enum": [ + "integration", + "input" + ], + "type": "string" + }, + "vars": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "version": { + "type": "string" + } + }, + "required": [ + "savedObject", + "name", + "version", + "title", + "id" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "items" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + }, + "post": { + "description": "Install package by upload", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "query", + "name": "ignoreMappingUpdateErrors", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + }, + { + "in": "query", + "name": "skipDataStreamRollover", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + } + ], + "requestBody": { + "content": { + "application/gzip; application/zip; Elastic-Api-Version=2023-10-31": { + "schema": { + "format": "binary", + "type": "string" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/gzip; application/zip; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "_meta": { + "additionalProperties": false, + "properties": { + "install_source": { + "type": "string" + } + }, + "required": [ + "install_source" + ], + "type": "object" + }, + "items": { + "items": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + } + ] + }, + "type": "array" + }, + "response": { + "deprecated": true, + "items": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + } + ] + }, + "type": "array" + } + }, + "required": [ + "items", + "_meta" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/gzip; application/zip; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + } + }, + "/api/fleet/epm/packages/_bulk": { + "post": { + "description": "Bulk install packages", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F_bulk#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "query", + "name": "prerelease", + "required": false, + "schema": { + "type": "boolean" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "force": { + "default": false, + "type": "boolean" + }, + "packages": { + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + }, + "prerelease": { + "type": "boolean" + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + } + ] + }, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "packages" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + }, + "result": { + "additionalProperties": false, + "properties": { + "assets": { + "items": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + } + ] + }, + "type": "array" + }, + "error": {}, + "installSource": { + "type": "string" + }, + "installType": { + "type": "string" + }, + "status": { + "enum": [ + "installed", + "already_installed" + ], + "type": "string" + } + }, + "required": [ + "error", + "installType" + ], + "type": "object" + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "version", + "result" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "error": { + "anyOf": [ + { + "type": "string" + }, + {} + ] + }, + "name": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "name", + "statusCode", + "error" + ], + "type": "object" + } + ] + }, + "type": "array" + }, + "response": { + "deprecated": true, + "items": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + }, + "result": { + "additionalProperties": false, + "properties": { + "assets": { + "items": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + } + ] + }, + "type": "array" + }, + "error": {}, + "installSource": { + "type": "string" + }, + "installType": { + "type": "string" + }, + "status": { + "enum": [ + "installed", + "already_installed" + ], + "type": "string" + } + }, + "required": [ + "error", + "installType" + ], + "type": "object" + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "version", + "result" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "error": { + "anyOf": [ + { + "type": "string" + }, + {} + ] + }, + "name": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "name", + "statusCode", + "error" + ], + "type": "object" + } + ] + }, + "type": "array" + } + }, + "required": [ + "items" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + } + }, + "/api/fleet/epm/packages/installed": { + "get": { + "description": "Get installed packages", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2Finstalled#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "dataStreamType", + "required": false, + "schema": { + "enum": [ + "logs", + "metrics", + "traces", + "synthetics", + "profiling" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "showOnlyActiveDataStreams", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "nameQuery", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "searchAfter", + "required": false, + "schema": { + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "number" + } + ] + }, + "type": "array" + } + }, + { + "in": "query", + "name": "perPage", + "required": false, + "schema": { + "default": 15, + "type": "number" + } + }, + { + "in": "query", + "name": "sortOrder", + "required": false, + "schema": { + "default": "asc", + "enum": [ + "asc", + "desc" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "dataStreams": { + "items": { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + }, + "title": { + "type": "string" + } + }, + "required": [ + "name", + "title" + ], + "type": "object" + }, + "type": "array" + }, + "description": { + "type": "string" + }, + "icons": { + "items": { + "additionalProperties": false, + "properties": { + "dark_mode": { + "type": "boolean" + }, + "path": { + "type": "string" + }, + "size": { + "type": "string" + }, + "src": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "src" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "type": "string" + }, + "status": { + "type": "string" + }, + "title": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "version", + "status", + "dataStreams" + ], + "type": "object" + }, + "type": "array" + }, + "searchAfter": { + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "number" + }, + { + "type": "boolean" + }, + { + "enum": [], + "nullable": true + }, + {} + ] + }, + "type": "array" + }, + "total": { + "type": "number" + } + }, + "required": [ + "items", + "total" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + } + }, + "/api/fleet/epm/packages/limited": { + "get": { + "description": "Get limited package list", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2Flimited#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "type": "string" + }, + "type": "array" + }, + "response": { + "deprecated": true, + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "items" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + } + }, + "/api/fleet/epm/packages/{pkgName}/stats": { + "get": { + "description": "Get package stats", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2Fstats#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "pkgName", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "response": { + "additionalProperties": false, + "properties": { + "agent_policy_count": { + "type": "number" + } + }, + "required": [ + "agent_policy_count" + ], + "type": "object" + } + }, + "required": [ + "response" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + } + }, + "/api/fleet/epm/packages/{pkgName}/{pkgVersion}": { + "delete": { + "description": "Delete package", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#3", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "pkgName", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "path", + "name": "pkgVersion", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "force", + "required": false, + "schema": { + "type": "boolean" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "nullable": true, + "properties": { + "force": { + "type": "boolean" + } + }, + "required": [ + "force" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + } + ] + }, + "type": "array" + }, + "response": { + "deprecated": true, + "items": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + } + ] + }, + "type": "array" + } + }, + "required": [ + "items" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + }, + "get": { + "description": "Get package", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "pkgName", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "path", + "name": "pkgVersion", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "ignoreUnverified", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "prerelease", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "full", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "withMetadata", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": true, + "properties": { + "agent": { + "additionalProperties": false, + "properties": { + "privileges": { + "additionalProperties": false, + "properties": { + "root": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "asset_tags": { + "items": { + "additionalProperties": false, + "properties": { + "asset_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "asset_types": { + "items": { + "type": "string" + }, + "type": "array" + }, + "text": { + "type": "string" + } + }, + "required": [ + "text" + ], + "type": "object" + }, + "type": "array" + }, + "assets": { + "additionalProperties": {}, + "type": "object" + }, + "categories": { + "items": { + "type": "string" + }, + "type": "array" + }, + "conditions": { + "additionalProperties": true, + "properties": { + "elastic": { + "additionalProperties": true, + "properties": { + "capabilities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "subscription": { + "type": "string" + } + }, + "type": "object" + }, + "kibana": { + "additionalProperties": true, + "properties": { + "version": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "data_streams": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "description": { + "type": "string" + }, + "download": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": {}, + "type": "object" + }, + "format_version": { + "type": "string" + }, + "icons": { + "items": { + "additionalProperties": true, + "properties": { + "dark_mode": { + "type": "boolean" + }, + "path": { + "type": "string" + }, + "size": { + "type": "string" + }, + "src": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "src" + ], + "type": "object" + }, + "type": "array" + }, + "installationInfo": { + "additionalProperties": true, + "properties": { + "additional_spaces_installed_kibana": { + "additionalProperties": { + "items": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "type": "object" + }, + "created_at": { + "type": "string" + }, + "experimental_data_stream_features": { + "items": { + "additionalProperties": true, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": true, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "install_format_schema_version": { + "type": "string" + }, + "install_source": { + "enum": [ + "registry", + "upload", + "bundled", + "custom" + ], + "type": "string" + }, + "install_status": { + "enum": [ + "installed", + "installing", + "install_failed" + ], + "type": "string" + }, + "installed_es": { + "items": { + "additionalProperties": true, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "installed_kibana": { + "items": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "installed_kibana_space_id": { + "type": "string" + }, + "latest_executed_state": { + "additionalProperties": true, + "properties": { + "error": { + "type": "string" + }, + "name": { + "type": "string" + }, + "started_at": { + "type": "string" + } + }, + "required": [ + "name", + "started_at" + ], + "type": "object" + }, + "latest_install_failed_attempts": { + "items": { + "additionalProperties": true, + "properties": { + "created_at": { + "type": "string" + }, + "error": { + "additionalProperties": true, + "properties": { + "message": { + "type": "string" + }, + "name": { + "type": "string" + }, + "stack": { + "type": "string" + } + }, + "required": [ + "name", + "message" + ], + "type": "object" + }, + "target_version": { + "type": "string" + } + }, + "required": [ + "created_at", + "target_version", + "error" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "type": "string" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "updated_at": { + "type": "string" + }, + "verification_key_id": { + "nullable": true, + "type": "string" + }, + "verification_status": { + "enum": [ + "unverified", + "verified", + "unknown" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "type", + "installed_kibana", + "installed_es", + "name", + "version", + "install_status", + "install_source", + "verification_status" + ], + "type": "object" + }, + "internal": { + "type": "boolean" + }, + "keepPoliciesUpToDate": { + "type": "boolean" + }, + "latestVersion": { + "type": "string" + }, + "license": { + "type": "string" + }, + "licensePath": { + "type": "string" + }, + "name": { + "type": "string" + }, + "notice": { + "type": "string" + }, + "owner": { + "additionalProperties": true, + "properties": { + "github": { + "type": "string" + }, + "type": { + "enum": [ + "elastic", + "partner", + "community" + ], + "type": "string" + } + }, + "type": "object" + }, + "path": { + "type": "string" + }, + "policy_templates": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "readme": { + "type": "string" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "savedObject": {}, + "screenshots": { + "items": { + "additionalProperties": false, + "properties": { + "dark_mode": { + "type": "boolean" + }, + "path": { + "type": "string" + }, + "size": { + "type": "string" + }, + "src": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "src" + ], + "type": "object" + }, + "type": "array" + }, + "signature_path": { + "type": "string" + }, + "source": { + "additionalProperties": true, + "properties": { + "license": { + "type": "string" + } + }, + "required": [ + "license" + ], + "type": "object" + }, + "status": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "enum": [ + "integration", + "input" + ], + "type": "string" + }, + "vars": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "version": { + "type": "string" + } + }, + "required": [ + "savedObject", + "name", + "version", + "title", + "assets" + ], + "type": "object" + }, + "metadata": { + "additionalProperties": false, + "properties": { + "has_policies": { + "type": "boolean" + } + }, + "required": [ + "has_policies" + ], + "type": "object" + }, + "response": { + "additionalProperties": true, + "deprecated": true, + "properties": { + "agent": { + "additionalProperties": false, + "properties": { + "privileges": { + "additionalProperties": false, + "properties": { + "root": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "asset_tags": { + "items": { + "additionalProperties": false, + "properties": { + "asset_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "asset_types": { + "items": { + "type": "string" + }, + "type": "array" + }, + "text": { + "type": "string" + } + }, + "required": [ + "text" + ], + "type": "object" + }, + "type": "array" + }, + "assets": { + "additionalProperties": {}, + "type": "object" + }, + "categories": { + "items": { + "type": "string" + }, + "type": "array" + }, + "conditions": { + "additionalProperties": true, + "properties": { + "elastic": { + "additionalProperties": true, + "properties": { + "capabilities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "subscription": { + "type": "string" + } + }, + "type": "object" + }, + "kibana": { + "additionalProperties": true, + "properties": { + "version": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "data_streams": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "description": { + "type": "string" + }, + "download": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": {}, + "type": "object" + }, + "format_version": { + "type": "string" + }, + "icons": { + "items": { + "additionalProperties": true, + "properties": { + "dark_mode": { + "type": "boolean" + }, + "path": { + "type": "string" + }, + "size": { + "type": "string" + }, + "src": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "src" + ], + "type": "object" + }, + "type": "array" + }, + "installationInfo": { + "additionalProperties": true, + "properties": { + "additional_spaces_installed_kibana": { + "additionalProperties": { + "items": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "type": "object" + }, + "created_at": { + "type": "string" + }, + "experimental_data_stream_features": { + "items": { + "additionalProperties": true, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": true, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "install_format_schema_version": { + "type": "string" + }, + "install_source": { + "enum": [ + "registry", + "upload", + "bundled", + "custom" + ], + "type": "string" + }, + "install_status": { + "enum": [ + "installed", + "installing", + "install_failed" + ], + "type": "string" + }, + "installed_es": { + "items": { + "additionalProperties": true, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "installed_kibana": { + "items": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "installed_kibana_space_id": { + "type": "string" + }, + "latest_executed_state": { + "additionalProperties": true, + "properties": { + "error": { + "type": "string" + }, + "name": { + "type": "string" + }, + "started_at": { + "type": "string" + } + }, + "required": [ + "name", + "started_at" + ], + "type": "object" + }, + "latest_install_failed_attempts": { + "items": { + "additionalProperties": true, + "properties": { + "created_at": { + "type": "string" + }, + "error": { + "additionalProperties": true, + "properties": { + "message": { + "type": "string" + }, + "name": { + "type": "string" + }, + "stack": { + "type": "string" + } + }, + "required": [ + "name", + "message" + ], + "type": "object" + }, + "target_version": { + "type": "string" + } + }, + "required": [ + "created_at", + "target_version", + "error" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "type": "string" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "updated_at": { + "type": "string" + }, + "verification_key_id": { + "nullable": true, + "type": "string" + }, + "verification_status": { + "enum": [ + "unverified", + "verified", + "unknown" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "type", + "installed_kibana", + "installed_es", + "name", + "version", + "install_status", + "install_source", + "verification_status" + ], + "type": "object" + }, + "internal": { + "type": "boolean" + }, + "keepPoliciesUpToDate": { + "type": "boolean" + }, + "latestVersion": { + "type": "string" + }, + "license": { + "type": "string" + }, + "licensePath": { + "type": "string" + }, + "name": { + "type": "string" + }, + "notice": { + "type": "string" + }, + "owner": { + "additionalProperties": true, + "properties": { + "github": { + "type": "string" + }, + "type": { + "enum": [ + "elastic", + "partner", + "community" + ], + "type": "string" + } + }, + "type": "object" + }, + "path": { + "type": "string" + }, + "policy_templates": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "readme": { + "type": "string" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "savedObject": {}, + "screenshots": { + "items": { + "additionalProperties": false, + "properties": { + "dark_mode": { + "type": "boolean" + }, + "path": { + "type": "string" + }, + "size": { + "type": "string" + }, + "src": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "src" + ], + "type": "object" + }, + "type": "array" + }, + "signature_path": { + "type": "string" + }, + "source": { + "additionalProperties": true, + "properties": { + "license": { + "type": "string" + } + }, + "required": [ + "license" + ], + "type": "object" + }, + "status": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "enum": [ + "integration", + "input" + ], + "type": "string" + }, + "vars": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "version": { + "type": "string" + } + }, + "required": [ + "savedObject", + "name", + "version", + "title", + "assets" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + }, + "post": { + "description": "Install package from registry", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#2", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "pkgName", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "path", + "name": "pkgVersion", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "prerelease", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "ignoreMappingUpdateErrors", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + }, + { + "in": "query", + "name": "skipDataStreamRollover", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "nullable": true, + "properties": { + "force": { + "default": false, + "type": "boolean" + }, + "ignore_constraints": { + "default": false, + "type": "boolean" + } + }, + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "_meta": { + "additionalProperties": false, + "properties": { + "install_source": { + "type": "string" + } + }, + "required": [ + "install_source" + ], + "type": "object" + }, + "items": { + "items": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + } + ] + }, + "type": "array" + }, + "response": { + "deprecated": true, + "items": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + } + ] + }, + "type": "array" + } + }, + "required": [ + "items", + "_meta" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + }, + "put": { + "description": "Update package settings", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "pkgName", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "path", + "name": "pkgVersion", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "keepPoliciesUpToDate": { + "type": "boolean" + } + }, + "required": [ + "keepPoliciesUpToDate" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": true, + "properties": { + "agent": { + "additionalProperties": false, + "properties": { + "privileges": { + "additionalProperties": false, + "properties": { + "root": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "asset_tags": { + "items": { + "additionalProperties": false, + "properties": { + "asset_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "asset_types": { + "items": { + "type": "string" + }, + "type": "array" + }, + "text": { + "type": "string" + } + }, + "required": [ + "text" + ], + "type": "object" + }, + "type": "array" + }, + "assets": { + "additionalProperties": {}, + "type": "object" + }, + "categories": { + "items": { + "type": "string" + }, + "type": "array" + }, + "conditions": { + "additionalProperties": true, + "properties": { + "elastic": { + "additionalProperties": true, + "properties": { + "capabilities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "subscription": { + "type": "string" + } + }, + "type": "object" + }, + "kibana": { + "additionalProperties": true, + "properties": { + "version": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "data_streams": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "description": { + "type": "string" + }, + "download": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": {}, + "type": "object" + }, + "format_version": { + "type": "string" + }, + "icons": { + "items": { + "additionalProperties": true, + "properties": { + "dark_mode": { + "type": "boolean" + }, + "path": { + "type": "string" + }, + "size": { + "type": "string" + }, + "src": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "src" + ], + "type": "object" + }, + "type": "array" + }, + "installationInfo": { + "additionalProperties": true, + "properties": { + "additional_spaces_installed_kibana": { + "additionalProperties": { + "items": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "type": "object" + }, + "created_at": { + "type": "string" + }, + "experimental_data_stream_features": { + "items": { + "additionalProperties": true, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": true, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "install_format_schema_version": { + "type": "string" + }, + "install_source": { + "enum": [ + "registry", + "upload", + "bundled", + "custom" + ], + "type": "string" + }, + "install_status": { + "enum": [ + "installed", + "installing", + "install_failed" + ], + "type": "string" + }, + "installed_es": { + "items": { + "additionalProperties": true, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "installed_kibana": { + "items": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "installed_kibana_space_id": { + "type": "string" + }, + "latest_executed_state": { + "additionalProperties": true, + "properties": { + "error": { + "type": "string" + }, + "name": { + "type": "string" + }, + "started_at": { + "type": "string" + } + }, + "required": [ + "name", + "started_at" + ], + "type": "object" + }, + "latest_install_failed_attempts": { + "items": { + "additionalProperties": true, + "properties": { + "created_at": { + "type": "string" + }, + "error": { + "additionalProperties": true, + "properties": { + "message": { + "type": "string" + }, + "name": { + "type": "string" + }, + "stack": { + "type": "string" + } + }, + "required": [ + "name", + "message" + ], + "type": "object" + }, + "target_version": { + "type": "string" + } + }, + "required": [ + "created_at", + "target_version", + "error" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "type": "string" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "updated_at": { + "type": "string" + }, + "verification_key_id": { + "nullable": true, + "type": "string" + }, + "verification_status": { + "enum": [ + "unverified", + "verified", + "unknown" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "type", + "installed_kibana", + "installed_es", + "name", + "version", + "install_status", + "install_source", + "verification_status" + ], + "type": "object" + }, + "internal": { + "type": "boolean" + }, + "keepPoliciesUpToDate": { + "type": "boolean" + }, + "latestVersion": { + "type": "string" + }, + "license": { + "type": "string" + }, + "licensePath": { + "type": "string" + }, + "name": { + "type": "string" + }, + "notice": { + "type": "string" + }, + "owner": { + "additionalProperties": true, + "properties": { + "github": { + "type": "string" + }, + "type": { + "enum": [ + "elastic", + "partner", + "community" + ], + "type": "string" + } + }, + "type": "object" + }, + "path": { + "type": "string" + }, + "policy_templates": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "readme": { + "type": "string" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "savedObject": {}, + "screenshots": { + "items": { + "additionalProperties": false, + "properties": { + "dark_mode": { + "type": "boolean" + }, + "path": { + "type": "string" + }, + "size": { + "type": "string" + }, + "src": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "src" + ], + "type": "object" + }, + "type": "array" + }, + "signature_path": { + "type": "string" + }, + "source": { + "additionalProperties": true, + "properties": { + "license": { + "type": "string" + } + }, + "required": [ + "license" + ], + "type": "object" + }, + "status": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "enum": [ + "integration", + "input" + ], + "type": "string" + }, + "vars": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "version": { + "type": "string" + } + }, + "required": [ + "savedObject", + "name", + "version", + "title", + "assets" + ], + "type": "object" + }, + "response": { + "additionalProperties": true, + "deprecated": true, + "properties": { + "agent": { + "additionalProperties": false, + "properties": { + "privileges": { + "additionalProperties": false, + "properties": { + "root": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "asset_tags": { + "items": { + "additionalProperties": false, + "properties": { + "asset_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "asset_types": { + "items": { + "type": "string" + }, + "type": "array" + }, + "text": { + "type": "string" + } + }, + "required": [ + "text" + ], + "type": "object" + }, + "type": "array" + }, + "assets": { + "additionalProperties": {}, + "type": "object" + }, + "categories": { + "items": { + "type": "string" + }, + "type": "array" + }, + "conditions": { + "additionalProperties": true, + "properties": { + "elastic": { + "additionalProperties": true, + "properties": { + "capabilities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "subscription": { + "type": "string" + } + }, + "type": "object" + }, + "kibana": { + "additionalProperties": true, + "properties": { + "version": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "data_streams": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "description": { + "type": "string" + }, + "download": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": {}, + "type": "object" + }, + "format_version": { + "type": "string" + }, + "icons": { + "items": { + "additionalProperties": true, + "properties": { + "dark_mode": { + "type": "boolean" + }, + "path": { + "type": "string" + }, + "size": { + "type": "string" + }, + "src": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "src" + ], + "type": "object" + }, + "type": "array" + }, + "installationInfo": { + "additionalProperties": true, + "properties": { + "additional_spaces_installed_kibana": { + "additionalProperties": { + "items": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "type": "object" + }, + "created_at": { + "type": "string" + }, + "experimental_data_stream_features": { + "items": { + "additionalProperties": true, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": true, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "install_format_schema_version": { + "type": "string" + }, + "install_source": { + "enum": [ + "registry", + "upload", + "bundled", + "custom" + ], + "type": "string" + }, + "install_status": { + "enum": [ + "installed", + "installing", + "install_failed" + ], + "type": "string" + }, + "installed_es": { + "items": { + "additionalProperties": true, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "installed_kibana": { + "items": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "installed_kibana_space_id": { + "type": "string" + }, + "latest_executed_state": { + "additionalProperties": true, + "properties": { + "error": { + "type": "string" + }, + "name": { + "type": "string" + }, + "started_at": { + "type": "string" + } + }, + "required": [ + "name", + "started_at" + ], + "type": "object" + }, + "latest_install_failed_attempts": { + "items": { + "additionalProperties": true, + "properties": { + "created_at": { + "type": "string" + }, + "error": { + "additionalProperties": true, + "properties": { + "message": { + "type": "string" + }, + "name": { + "type": "string" + }, + "stack": { + "type": "string" + } + }, + "required": [ + "name", + "message" + ], + "type": "object" + }, + "target_version": { + "type": "string" + } + }, + "required": [ + "created_at", + "target_version", + "error" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "type": "string" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "updated_at": { + "type": "string" + }, + "verification_key_id": { + "nullable": true, + "type": "string" + }, + "verification_status": { + "enum": [ + "unverified", + "verified", + "unknown" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "type", + "installed_kibana", + "installed_es", + "name", + "version", + "install_status", + "install_source", + "verification_status" + ], + "type": "object" + }, + "internal": { + "type": "boolean" + }, + "keepPoliciesUpToDate": { + "type": "boolean" + }, + "latestVersion": { + "type": "string" + }, + "license": { + "type": "string" + }, + "licensePath": { + "type": "string" + }, + "name": { + "type": "string" + }, + "notice": { + "type": "string" + }, + "owner": { + "additionalProperties": true, + "properties": { + "github": { + "type": "string" + }, + "type": { + "enum": [ + "elastic", + "partner", + "community" + ], + "type": "string" + } + }, + "type": "object" + }, + "path": { + "type": "string" + }, + "policy_templates": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "readme": { + "type": "string" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "savedObject": {}, + "screenshots": { + "items": { + "additionalProperties": false, + "properties": { + "dark_mode": { + "type": "boolean" + }, + "path": { + "type": "string" + }, + "size": { + "type": "string" + }, + "src": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "src" + ], + "type": "object" + }, + "type": "array" + }, + "signature_path": { + "type": "string" + }, + "source": { + "additionalProperties": true, + "properties": { + "license": { + "type": "string" + } + }, + "required": [ + "license" + ], + "type": "object" + }, + "status": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "enum": [ + "integration", + "input" + ], + "type": "string" + }, + "vars": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "version": { + "type": "string" + } + }, + "required": [ + "savedObject", + "name", + "version", + "title", + "assets" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + } + }, + "/api/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize": { + "post": { + "description": "Authorize transforms", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D%2Ftransforms%2Fauthorize#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "pkgName", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "path", + "name": "pkgVersion", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "prerelease", + "required": false, + "schema": { + "type": "boolean" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "transforms": { + "items": { + "additionalProperties": false, + "properties": { + "transformId": { + "type": "string" + } + }, + "required": [ + "transformId" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "transforms" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "items": { + "additionalProperties": false, + "properties": { + "error": { + "nullable": true + }, + "success": { + "type": "boolean" + }, + "transformId": { + "type": "string" + } + }, + "required": [ + "transformId", + "success", + "error" + ], + "type": "object" + }, + "type": "array" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + } + }, + "/api/fleet/epm/packages/{pkgName}/{pkgVersion}/{filePath*}": { + "get": { + "description": "Get package file", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D%2F%7BfilePath*%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "pkgName", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "path", + "name": "pkgVersion", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "path", + "name": "filePath", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": {} + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + } + }, + "/api/fleet/epm/packages/{pkgkey}": { + "delete": { + "deprecated": true, + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#3", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "pkgkey", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "nullable": true, + "properties": { + "force": { + "type": "boolean" + } + }, + "required": [ + "force" + ], + "type": "object" + } + } + } + }, + "responses": {}, + "summary": "", + "tags": [] + }, + "get": { + "deprecated": true, + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "pkgkey", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "ignoreUnverified", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "prerelease", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "full", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "withMetadata", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + } + ], + "responses": {}, + "summary": "", + "tags": [] + }, + "post": { + "deprecated": true, + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#2", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "pkgkey", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "prerelease", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "ignoreMappingUpdateErrors", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + }, + { + "in": "query", + "name": "skipDataStreamRollover", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "nullable": true, + "properties": { + "force": { + "type": "boolean" + } + }, + "required": [ + "force" + ], + "type": "object" + } + } + } + }, + "responses": {}, + "summary": "", + "tags": [] + }, + "put": { + "deprecated": true, + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "pkgkey", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "keepPoliciesUpToDate": { + "type": "boolean" + } + }, + "required": [ + "keepPoliciesUpToDate" + ], + "type": "object" + } + } + } + }, + "responses": {}, + "summary": "", + "tags": [] + } + }, + "/api/fleet/epm/templates/{pkgName}/{pkgVersion}/inputs": { + "get": { + "description": "Get inputs template", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Ftemplates%2F%7BpkgName%7D%2F%7BpkgVersion%7D%2Finputs#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "pkgName", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "path", + "name": "pkgVersion", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "format", + "required": false, + "schema": { + "default": "json", + "enum": [ + "json", + "yml", + "yaml" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "prerelease", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "ignoreUnverified", + "required": false, + "schema": { + "type": "boolean" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "anyOf": [ + { + "type": "string" + }, + { + "additionalProperties": false, + "properties": { + "inputs": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": true, + "properties": { + "data_stream": { + "additionalProperties": true, + "properties": { + "dataset": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset" + ], + "type": "object" + }, + "id": { + "type": "string" + } + }, + "required": [ + "id", + "data_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "inputs" + ], + "type": "object" + } + ] + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + } + }, + "/api/fleet/epm/verification_key_id": { + "get": { + "description": "Get a package signature verification key ID", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fverification_key_id#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "id": { + "nullable": true, + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + } + }, + "/api/fleet/fleet_server_hosts": { + "get": { + "description": "List Fleet Server hosts", + "operationId": "%2Fapi%2Ffleet%2Ffleet_server_hosts#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "host_urls": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + } + }, + "required": [ + "id", + "name", + "host_urls" + ], + "type": "object" + }, + "type": "array" + }, + "page": { + "type": "number" + }, + "perPage": { + "type": "number" + }, + "total": { + "type": "number" + } + }, + "required": [ + "items", + "total", + "page", + "perPage" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet Server hosts" + ] + }, + "post": { + "description": "Create Fleet Server host", + "operationId": "%2Fapi%2Ffleet%2Ffleet_server_hosts#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "host_urls": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + } + }, + "required": [ + "name", + "host_urls" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "host_urls": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + } + }, + "required": [ + "id", + "name", + "host_urls" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet Server hosts" + ] + } + }, + "/api/fleet/fleet_server_hosts/{itemId}": { + "delete": { + "description": "Delete Fleet Server host by ID", + "operationId": "%2Fapi%2Ffleet%2Ffleet_server_hosts%2F%7BitemId%7D#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "itemId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet Server hosts" + ] + }, + "get": { + "description": "Get Fleet Server host by ID", + "operationId": "%2Fapi%2Ffleet%2Ffleet_server_hosts%2F%7BitemId%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "itemId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "host_urls": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + } + }, + "required": [ + "id", + "name", + "host_urls" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet Server hosts" + ] + }, + "put": { + "description": "Update Fleet Server host by ID", + "operationId": "%2Fapi%2Ffleet%2Ffleet_server_hosts%2F%7BitemId%7D#2", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "itemId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "host_urls": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "is_default": { + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + } + }, + "required": [ + "proxy_id" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "host_urls": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + } + }, + "required": [ + "id", + "name", + "host_urls" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet Server hosts" + ] + } + }, + "/api/fleet/health_check": { + "post": { + "description": "Check Fleet Server health", + "operationId": "%2Fapi%2Ffleet%2Fhealth_check#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "host": { + "format": "uri", + "type": "string" + }, + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "host": { + "deprecated": true, + "type": "string" + }, + "host_id": { + "type": "string" + }, + "name": { + "type": "string" + }, + "status": { + "type": "string" + } + }, + "required": [ + "status" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + }, + "404": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet internals" + ] + } + }, + "/api/fleet/kubernetes": { + "get": { + "description": "Get full K8s agent manifest", + "operationId": "%2Fapi%2Ffleet%2Fkubernetes#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "download", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "fleetServer", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "enrolToken", + "required": false, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "type": "string" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent policies" + ] + } + }, + "/api/fleet/kubernetes/download": { + "get": { + "operationId": "%2Fapi%2Ffleet%2Fkubernetes%2Fdownload#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "download", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "fleetServer", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "enrolToken", + "required": false, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "type": "string" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + }, + "404": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent policies" + ] + } + }, + "/api/fleet/logstash_api_keys": { + "post": { + "description": "Generate Logstash API keyy", + "operationId": "%2Fapi%2Ffleet%2Flogstash_api_keys#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "api_key": { + "type": "string" + } + }, + "required": [ + "api_key" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet outputs" + ] + } + }, + "/api/fleet/message_signing_service/rotate_key_pair": { + "post": { + "description": "Rotate fleet message signing key pair", + "operationId": "%2Fapi%2Ffleet%2Fmessage_signing_service%2Frotate_key_pair#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "query", + "name": "acknowledge", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "message": { + "type": "string" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + }, + "500": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Message Signing Service" + ] + } + }, + "/api/fleet/outputs": { + "get": { + "description": "List outputs", + "operationId": "%2Fapi%2Ffleet%2Foutputs#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "format": "uri", + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "preset": { + "enum": [ + "balanced", + "custom", + "throughput", + "scale", + "latency" + ], + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "elasticsearch" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "format": "uri", + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "preset": { + "enum": [ + "balanced", + "custom", + "throughput", + "scale", + "latency" + ], + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "secrets": { + "additionalProperties": true, + "properties": { + "service_token": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "type": "object" + }, + "service_token": { + "nullable": true, + "type": "string" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "remote_elasticsearch" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "secrets": { + "additionalProperties": true, + "properties": { + "ssl": { + "additionalProperties": true, + "properties": { + "key": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "type": "object" + } + }, + "type": "object" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "logstash" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "auth_type": { + "enum": [ + "none", + "user_pass", + "ssl", + "kerberos" + ], + "type": "string" + }, + "broker_timeout": { + "type": "number" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "client_id": { + "type": "string" + }, + "compression": { + "enum": [ + "gzip", + "snappy", + "lz4", + "none" + ], + "type": "string" + }, + "compression_level": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "number" + }, + { + "not": {} + } + ] + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "connection_type": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "enum": [ + "plaintext", + "encryption" + ], + "type": "string" + }, + { + "not": {} + } + ] + }, + "hash": { + "additionalProperties": true, + "properties": { + "hash": { + "type": "string" + }, + "random": { + "type": "boolean" + } + }, + "type": "object" + }, + "headers": { + "items": { + "additionalProperties": true, + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "required": [ + "key", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "hosts": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "partition": { + "enum": [ + "random", + "round_robin", + "hash" + ], + "type": "string" + }, + "password": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "not": {} + }, + { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "string" + }, + { + "not": {} + } + ] + } + ] + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "random": { + "additionalProperties": true, + "properties": { + "group_events": { + "type": "number" + } + }, + "type": "object" + }, + "required_acks": { + "enum": [ + 1, + 0, + -1 + ], + "type": "integer" + }, + "round_robin": { + "additionalProperties": true, + "properties": { + "group_events": { + "type": "number" + } + }, + "type": "object" + }, + "sasl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "mechanism": { + "enum": [ + "PLAIN", + "SCRAM-SHA-256", + "SCRAM-SHA-512" + ], + "type": "string" + } + }, + "type": "object" + }, + "secrets": { + "additionalProperties": true, + "properties": { + "password": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + }, + "ssl": { + "additionalProperties": true, + "properties": { + "key": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "timeout": { + "type": "number" + }, + "topic": { + "type": "string" + }, + "topics": { + "items": { + "additionalProperties": true, + "properties": { + "topic": { + "type": "string" + }, + "when": { + "additionalProperties": true, + "properties": { + "condition": { + "type": "string" + }, + "type": { + "enum": [ + "equals", + "contains", + "regexp" + ], + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "topic" + ], + "type": "object" + }, + "minItems": 1, + "type": "array" + }, + "type": { + "enum": [ + "kafka" + ], + "type": "string" + }, + "username": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "string" + }, + { + "not": {} + } + ] + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts", + "compression_level", + "auth_type", + "connection_type", + "username", + "password" + ], + "type": "object" + } + ] + }, + "type": "array" + }, + "page": { + "type": "number" + }, + "perPage": { + "type": "number" + }, + "total": { + "type": "number" + } + }, + "required": [ + "items", + "total", + "page", + "perPage" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet outputs" + ] + }, + "post": { + "description": "Create output", + "operationId": "%2Fapi%2Ffleet%2Foutputs#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "format": "uri", + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "preset": { + "enum": [ + "balanced", + "custom", + "throughput", + "scale", + "latency" + ], + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "shipper": { + "additionalProperties": false, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": false, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "elasticsearch" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "format": "uri", + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "preset": { + "enum": [ + "balanced", + "custom", + "throughput", + "scale", + "latency" + ], + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "secrets": { + "additionalProperties": false, + "properties": { + "service_token": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "type": "object" + }, + "service_token": { + "nullable": true, + "type": "string" + }, + "shipper": { + "additionalProperties": false, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": false, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "remote_elasticsearch" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "secrets": { + "additionalProperties": false, + "properties": { + "ssl": { + "additionalProperties": false, + "properties": { + "key": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "type": "object" + } + }, + "type": "object" + }, + "shipper": { + "additionalProperties": false, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": false, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "logstash" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "auth_type": { + "enum": [ + "none", + "user_pass", + "ssl", + "kerberos" + ], + "type": "string" + }, + "broker_timeout": { + "type": "number" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "client_id": { + "type": "string" + }, + "compression": { + "enum": [ + "gzip", + "snappy", + "lz4", + "none" + ], + "type": "string" + }, + "compression_level": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "number" + }, + { + "not": {} + } + ] + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "connection_type": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "enum": [ + "plaintext", + "encryption" + ], + "type": "string" + }, + { + "not": {} + } + ] + }, + "hash": { + "additionalProperties": false, + "properties": { + "hash": { + "type": "string" + }, + "random": { + "type": "boolean" + } + }, + "type": "object" + }, + "headers": { + "items": { + "additionalProperties": false, + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "required": [ + "key", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "hosts": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "partition": { + "enum": [ + "random", + "round_robin", + "hash" + ], + "type": "string" + }, + "password": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "not": {} + }, + { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "string" + }, + { + "not": {} + } + ] + } + ] + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "random": { + "additionalProperties": false, + "properties": { + "group_events": { + "type": "number" + } + }, + "type": "object" + }, + "required_acks": { + "enum": [ + 1, + 0, + -1 + ], + "type": "integer" + }, + "round_robin": { + "additionalProperties": false, + "properties": { + "group_events": { + "type": "number" + } + }, + "type": "object" + }, + "sasl": { + "additionalProperties": false, + "nullable": true, + "properties": { + "mechanism": { + "enum": [ + "PLAIN", + "SCRAM-SHA-256", + "SCRAM-SHA-512" + ], + "type": "string" + } + }, + "type": "object" + }, + "secrets": { + "additionalProperties": false, + "properties": { + "password": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + }, + "ssl": { + "additionalProperties": false, + "properties": { + "key": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + }, + "shipper": { + "additionalProperties": false, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": false, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "timeout": { + "type": "number" + }, + "topic": { + "type": "string" + }, + "topics": { + "items": { + "additionalProperties": false, + "properties": { + "topic": { + "type": "string" + }, + "when": { + "additionalProperties": false, + "properties": { + "condition": { + "type": "string" + }, + "type": { + "enum": [ + "equals", + "contains", + "regexp" + ], + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "topic" + ], + "type": "object" + }, + "minItems": 1, + "type": "array" + }, + "type": { + "enum": [ + "kafka" + ], + "type": "string" + }, + "username": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "string" + }, + { + "not": {} + } + ] + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts", + "compression_level", + "auth_type", + "connection_type", + "username", + "password" + ], + "type": "object" + } + ] + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "format": "uri", + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "preset": { + "enum": [ + "balanced", + "custom", + "throughput", + "scale", + "latency" + ], + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "elasticsearch" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "format": "uri", + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "preset": { + "enum": [ + "balanced", + "custom", + "throughput", + "scale", + "latency" + ], + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "secrets": { + "additionalProperties": true, + "properties": { + "service_token": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "type": "object" + }, + "service_token": { + "nullable": true, + "type": "string" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "remote_elasticsearch" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "secrets": { + "additionalProperties": true, + "properties": { + "ssl": { + "additionalProperties": true, + "properties": { + "key": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "type": "object" + } + }, + "type": "object" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "logstash" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "auth_type": { + "enum": [ + "none", + "user_pass", + "ssl", + "kerberos" + ], + "type": "string" + }, + "broker_timeout": { + "type": "number" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "client_id": { + "type": "string" + }, + "compression": { + "enum": [ + "gzip", + "snappy", + "lz4", + "none" + ], + "type": "string" + }, + "compression_level": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "number" + }, + { + "not": {} + } + ] + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "connection_type": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "enum": [ + "plaintext", + "encryption" + ], + "type": "string" + }, + { + "not": {} + } + ] + }, + "hash": { + "additionalProperties": true, + "properties": { + "hash": { + "type": "string" + }, + "random": { + "type": "boolean" + } + }, + "type": "object" + }, + "headers": { + "items": { + "additionalProperties": true, + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "required": [ + "key", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "hosts": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "partition": { + "enum": [ + "random", + "round_robin", + "hash" + ], + "type": "string" + }, + "password": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "not": {} + }, + { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "string" + }, + { + "not": {} + } + ] + } + ] + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "random": { + "additionalProperties": true, + "properties": { + "group_events": { + "type": "number" + } + }, + "type": "object" + }, + "required_acks": { + "enum": [ + 1, + 0, + -1 + ], + "type": "integer" + }, + "round_robin": { + "additionalProperties": true, + "properties": { + "group_events": { + "type": "number" + } + }, + "type": "object" + }, + "sasl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "mechanism": { + "enum": [ + "PLAIN", + "SCRAM-SHA-256", + "SCRAM-SHA-512" + ], + "type": "string" + } + }, + "type": "object" + }, + "secrets": { + "additionalProperties": true, + "properties": { + "password": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + }, + "ssl": { + "additionalProperties": true, + "properties": { + "key": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "timeout": { + "type": "number" + }, + "topic": { + "type": "string" + }, + "topics": { + "items": { + "additionalProperties": true, + "properties": { + "topic": { + "type": "string" + }, + "when": { + "additionalProperties": true, + "properties": { + "condition": { + "type": "string" + }, + "type": { + "enum": [ + "equals", + "contains", + "regexp" + ], + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "topic" + ], + "type": "object" + }, + "minItems": 1, + "type": "array" + }, + "type": { + "enum": [ + "kafka" + ], + "type": "string" + }, + "username": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "string" + }, + { + "not": {} + } + ] + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts", + "compression_level", + "auth_type", + "connection_type", + "username", + "password" + ], + "type": "object" + } + ] + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet outputs" + ] + } + }, + "/api/fleet/outputs/{outputId}": { + "delete": { + "description": "Delete output by ID", + "operationId": "%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D#2", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "outputId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + }, + "404": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet outputs" + ] + }, + "get": { + "description": "Get output by ID", + "operationId": "%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "outputId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "format": "uri", + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "preset": { + "enum": [ + "balanced", + "custom", + "throughput", + "scale", + "latency" + ], + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "elasticsearch" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "format": "uri", + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "preset": { + "enum": [ + "balanced", + "custom", + "throughput", + "scale", + "latency" + ], + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "secrets": { + "additionalProperties": true, + "properties": { + "service_token": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "type": "object" + }, + "service_token": { + "nullable": true, + "type": "string" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "remote_elasticsearch" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "secrets": { + "additionalProperties": true, + "properties": { + "ssl": { + "additionalProperties": true, + "properties": { + "key": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "type": "object" + } + }, + "type": "object" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "logstash" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "auth_type": { + "enum": [ + "none", + "user_pass", + "ssl", + "kerberos" + ], + "type": "string" + }, + "broker_timeout": { + "type": "number" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "client_id": { + "type": "string" + }, + "compression": { + "enum": [ + "gzip", + "snappy", + "lz4", + "none" + ], + "type": "string" + }, + "compression_level": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "number" + }, + { + "not": {} + } + ] + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "connection_type": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "enum": [ + "plaintext", + "encryption" + ], + "type": "string" + }, + { + "not": {} + } + ] + }, + "hash": { + "additionalProperties": true, + "properties": { + "hash": { + "type": "string" + }, + "random": { + "type": "boolean" + } + }, + "type": "object" + }, + "headers": { + "items": { + "additionalProperties": true, + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "required": [ + "key", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "hosts": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "partition": { + "enum": [ + "random", + "round_robin", + "hash" + ], + "type": "string" + }, + "password": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "not": {} + }, + { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "string" + }, + { + "not": {} + } + ] + } + ] + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "random": { + "additionalProperties": true, + "properties": { + "group_events": { + "type": "number" + } + }, + "type": "object" + }, + "required_acks": { + "enum": [ + 1, + 0, + -1 + ], + "type": "integer" + }, + "round_robin": { + "additionalProperties": true, + "properties": { + "group_events": { + "type": "number" + } + }, + "type": "object" + }, + "sasl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "mechanism": { + "enum": [ + "PLAIN", + "SCRAM-SHA-256", + "SCRAM-SHA-512" + ], + "type": "string" + } + }, + "type": "object" + }, + "secrets": { + "additionalProperties": true, + "properties": { + "password": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + }, + "ssl": { + "additionalProperties": true, + "properties": { + "key": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "timeout": { + "type": "number" + }, + "topic": { + "type": "string" + }, + "topics": { + "items": { + "additionalProperties": true, + "properties": { + "topic": { + "type": "string" + }, + "when": { + "additionalProperties": true, + "properties": { + "condition": { + "type": "string" + }, + "type": { + "enum": [ + "equals", + "contains", + "regexp" + ], + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "topic" + ], + "type": "object" + }, + "minItems": 1, + "type": "array" + }, + "type": { + "enum": [ + "kafka" + ], + "type": "string" + }, + "username": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "string" + }, + { + "not": {} + } + ] + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts", + "compression_level", + "auth_type", + "connection_type", + "username", + "password" + ], + "type": "object" + } + ] + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet outputs" + ] + }, + "put": { + "description": "Update output by ID", + "operationId": "%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "outputId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "format": "uri", + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "type": "boolean" + }, + "is_default_monitoring": { + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "preset": { + "enum": [ + "balanced", + "custom", + "throughput", + "scale", + "latency" + ], + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "shipper": { + "additionalProperties": false, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": false, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "elasticsearch" + ], + "type": "string" + } + }, + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "format": "uri", + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "type": "boolean" + }, + "is_default_monitoring": { + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "preset": { + "enum": [ + "balanced", + "custom", + "throughput", + "scale", + "latency" + ], + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "secrets": { + "additionalProperties": false, + "properties": { + "service_token": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "type": "object" + }, + "service_token": { + "nullable": true, + "type": "string" + }, + "shipper": { + "additionalProperties": false, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": false, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "remote_elasticsearch" + ], + "type": "string" + } + }, + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "type": "boolean" + }, + "is_default_monitoring": { + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "secrets": { + "additionalProperties": false, + "properties": { + "ssl": { + "additionalProperties": false, + "properties": { + "key": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "type": "object" + } + }, + "type": "object" + }, + "shipper": { + "additionalProperties": false, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": false, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "logstash" + ], + "type": "string" + } + }, + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "auth_type": { + "enum": [ + "none", + "user_pass", + "ssl", + "kerberos" + ], + "type": "string" + }, + "broker_timeout": { + "type": "number" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "client_id": { + "type": "string" + }, + "compression": { + "enum": [ + "gzip", + "snappy", + "lz4", + "none" + ], + "type": "string" + }, + "compression_level": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "number" + }, + { + "not": {} + } + ] + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "connection_type": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "enum": [ + "plaintext", + "encryption" + ], + "type": "string" + }, + { + "not": {} + } + ] + }, + "hash": { + "additionalProperties": false, + "properties": { + "hash": { + "type": "string" + }, + "random": { + "type": "boolean" + } + }, + "type": "object" + }, + "headers": { + "items": { + "additionalProperties": false, + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "required": [ + "key", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "hosts": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "partition": { + "enum": [ + "random", + "round_robin", + "hash" + ], + "type": "string" + }, + "password": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "not": {} + }, + { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "string" + }, + { + "not": {} + } + ] + } + ] + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "random": { + "additionalProperties": false, + "properties": { + "group_events": { + "type": "number" + } + }, + "type": "object" + }, + "required_acks": { + "enum": [ + 1, + 0, + -1 + ], + "type": "integer" + }, + "round_robin": { + "additionalProperties": false, + "properties": { + "group_events": { + "type": "number" + } + }, + "type": "object" + }, + "sasl": { + "additionalProperties": false, + "nullable": true, + "properties": { + "mechanism": { + "enum": [ + "PLAIN", + "SCRAM-SHA-256", + "SCRAM-SHA-512" + ], + "type": "string" + } + }, + "type": "object" + }, + "secrets": { + "additionalProperties": false, + "properties": { + "password": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + }, + "ssl": { + "additionalProperties": false, + "properties": { + "key": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + }, + "shipper": { + "additionalProperties": false, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": false, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "timeout": { + "type": "number" + }, + "topic": { + "type": "string" + }, + "topics": { + "items": { + "additionalProperties": false, + "properties": { + "topic": { + "type": "string" + }, + "when": { + "additionalProperties": false, + "properties": { + "condition": { + "type": "string" + }, + "type": { + "enum": [ + "equals", + "contains", + "regexp" + ], + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "topic" + ], + "type": "object" + }, + "minItems": 1, + "type": "array" + }, + "type": { + "enum": [ + "kafka" + ], + "type": "string" + }, + "username": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "string" + }, + { + "not": {} + } + ] + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "compression_level", + "connection_type", + "username", + "password" + ], + "type": "object" + } + ] + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "format": "uri", + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "preset": { + "enum": [ + "balanced", + "custom", + "throughput", + "scale", + "latency" + ], + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "elasticsearch" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "format": "uri", + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "preset": { + "enum": [ + "balanced", + "custom", + "throughput", + "scale", + "latency" + ], + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "secrets": { + "additionalProperties": true, + "properties": { + "service_token": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "type": "object" + }, + "service_token": { + "nullable": true, + "type": "string" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "remote_elasticsearch" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "secrets": { + "additionalProperties": true, + "properties": { + "ssl": { + "additionalProperties": true, + "properties": { + "key": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "type": "object" + } + }, + "type": "object" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "logstash" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "auth_type": { + "enum": [ + "none", + "user_pass", + "ssl", + "kerberos" + ], + "type": "string" + }, + "broker_timeout": { + "type": "number" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "client_id": { + "type": "string" + }, + "compression": { + "enum": [ + "gzip", + "snappy", + "lz4", + "none" + ], + "type": "string" + }, + "compression_level": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "number" + }, + { + "not": {} + } + ] + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "connection_type": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "enum": [ + "plaintext", + "encryption" + ], + "type": "string" + }, + { + "not": {} + } + ] + }, + "hash": { + "additionalProperties": true, + "properties": { + "hash": { + "type": "string" + }, + "random": { + "type": "boolean" + } + }, + "type": "object" + }, + "headers": { + "items": { + "additionalProperties": true, + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "required": [ + "key", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "hosts": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "partition": { + "enum": [ + "random", + "round_robin", + "hash" + ], + "type": "string" + }, + "password": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "not": {} + }, + { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "string" + }, + { + "not": {} + } + ] + } + ] + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "random": { + "additionalProperties": true, + "properties": { + "group_events": { + "type": "number" + } + }, + "type": "object" + }, + "required_acks": { + "enum": [ + 1, + 0, + -1 + ], + "type": "integer" + }, + "round_robin": { + "additionalProperties": true, + "properties": { + "group_events": { + "type": "number" + } + }, + "type": "object" + }, + "sasl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "mechanism": { + "enum": [ + "PLAIN", + "SCRAM-SHA-256", + "SCRAM-SHA-512" + ], + "type": "string" + } + }, + "type": "object" + }, + "secrets": { + "additionalProperties": true, + "properties": { + "password": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + }, + "ssl": { + "additionalProperties": true, + "properties": { + "key": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "timeout": { + "type": "number" + }, + "topic": { + "type": "string" + }, + "topics": { + "items": { + "additionalProperties": true, + "properties": { + "topic": { + "type": "string" + }, + "when": { + "additionalProperties": true, + "properties": { + "condition": { + "type": "string" + }, + "type": { + "enum": [ + "equals", + "contains", + "regexp" + ], + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "topic" + ], + "type": "object" + }, + "minItems": 1, + "type": "array" + }, + "type": { + "enum": [ + "kafka" + ], + "type": "string" + }, + "username": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "string" + }, + { + "not": {} + } + ] + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts", + "compression_level", + "auth_type", + "connection_type", + "username", + "password" + ], + "type": "object" + } + ] + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet outputs" + ] + } + }, + "/api/fleet/outputs/{outputId}/health": { + "get": { + "description": "Get latest output health", + "operationId": "%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D%2Fhealth#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "outputId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "message": { + "description": "long message if unhealthy", + "type": "string" + }, + "state": { + "description": "state of output, HEALTHY or DEGRADED", + "type": "string" + }, + "timestamp": { + "description": "timestamp of reported state", + "type": "string" + } + }, + "required": [ + "state", + "message", + "timestamp" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet outputs" + ] + } + }, + "/api/fleet/package_policies": { + "get": { + "description": "List package policies", + "operationId": "%2Fapi%2Ffleet%2Fpackage_policies#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "page", + "required": false, + "schema": { + "type": "number" + } + }, + { + "in": "query", + "name": "perPage", + "required": false, + "schema": { + "type": "number" + } + }, + { + "in": "query", + "name": "sortField", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "sortOrder", + "required": false, + "schema": { + "enum": [ + "desc", + "asc" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "showUpgradeable", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "kuery", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "format", + "required": false, + "schema": { + "enum": [ + "simplified", + "legacy" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "withAgentCount", + "required": false, + "schema": { + "type": "boolean" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "agents": { + "type": "number" + }, + "created_at": { + "type": "string" + }, + "created_by": { + "type": "string" + }, + "description": { + "description": "Package policy description", + "type": "string" + }, + "elasticsearch": { + "additionalProperties": true, + "properties": { + "privileges": { + "additionalProperties": true, + "properties": { + "cluster": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "anyOf": [ + { + "items": { + "additionalProperties": false, + "properties": { + "compiled_input": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled", + "streams", + "compiled_input" + ], + "type": "object" + }, + "type": "array" + }, + { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that input, (default to true)", + "type": "boolean" + }, + "streams": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that stream, (default to true)", + "type": "boolean" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Input streams (see integration documentation to know what streams are available)", + "type": "object" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Package policy inputs (see integration documentation to know what inputs are available)", + "type": "object", + "x-oas-optional": true + } + ] + }, + "is_managed": { + "type": "boolean" + }, + "name": { + "description": "Package policy name (should be unique)", + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "revision": { + "type": "number" + }, + "secret_references": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + "type": "array" + }, + "spaceIds": { + "items": { + "type": "string" + }, + "type": "array" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "vars": { + "anyOf": [ + { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object", + "x-oas-optional": true + } + ] + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "enabled", + "inputs", + "id", + "revision", + "updated_at", + "updated_by", + "created_at", + "created_by" + ], + "type": "object" + }, + "type": "array" + }, + "page": { + "type": "number" + }, + "perPage": { + "type": "number" + }, + "total": { + "type": "number" + } + }, + "required": [ + "items", + "total", + "page", + "perPage" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet package policies" + ] + }, + "post": { + "description": "Create package policy", + "operationId": "%2Fapi%2Ffleet%2Fpackage_policies#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "query", + "name": "format", + "required": false, + "schema": { + "enum": [ + "simplified", + "legacy" + ], + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "description": { + "description": "Package policy description", + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "force": { + "description": "Force package policy creation even if package is not verified, or if the agent policy is managed.", + "type": "boolean" + }, + "id": { + "description": "Package policy unique identifier", + "type": "string" + }, + "inputs": { + "items": { + "additionalProperties": false, + "properties": { + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled" + ], + "type": "object" + }, + "type": "array" + }, + "is_managed": { + "type": "boolean" + }, + "name": { + "description": "Package policy name (should be unique)", + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "name", + "inputs" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "description": { + "type": "string" + }, + "force": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that input, (default to true)", + "type": "boolean" + }, + "streams": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that stream, (default to true)", + "type": "boolean" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Input streams (see integration documentation to know what streams are available)", + "type": "object" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Package policy inputs (see integration documentation to know what inputs are available)", + "type": "object" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "name", + "package" + ], + "type": "object" + } + ], + "description": "You should use inputs as an object and not use the deprecated inputs array." + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "agents": { + "type": "number" + }, + "created_at": { + "type": "string" + }, + "created_by": { + "type": "string" + }, + "description": { + "description": "Package policy description", + "type": "string" + }, + "elasticsearch": { + "additionalProperties": true, + "properties": { + "privileges": { + "additionalProperties": true, + "properties": { + "cluster": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "anyOf": [ + { + "items": { + "additionalProperties": false, + "properties": { + "compiled_input": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled", + "streams", + "compiled_input" + ], + "type": "object" + }, + "type": "array" + }, + { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that input, (default to true)", + "type": "boolean" + }, + "streams": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that stream, (default to true)", + "type": "boolean" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Input streams (see integration documentation to know what streams are available)", + "type": "object" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Package policy inputs (see integration documentation to know what inputs are available)", + "type": "object", + "x-oas-optional": true + } + ] + }, + "is_managed": { + "type": "boolean" + }, + "name": { + "description": "Package policy name (should be unique)", + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "revision": { + "type": "number" + }, + "secret_references": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + "type": "array" + }, + "spaceIds": { + "items": { + "type": "string" + }, + "type": "array" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "vars": { + "anyOf": [ + { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object", + "x-oas-optional": true + } + ] + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "enabled", + "inputs", + "id", + "revision", + "updated_at", + "updated_by", + "created_at", + "created_by" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + }, + "409": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet package policies" + ] + } + }, + "/api/fleet/package_policies/_bulk_get": { + "post": { + "description": "Bulk get package policies", + "operationId": "%2Fapi%2Ffleet%2Fpackage_policies%2F_bulk_get#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "query", + "name": "format", + "required": false, + "schema": { + "enum": [ + "simplified", + "legacy" + ], + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "ids": { + "description": "list of package policy ids", + "items": { + "type": "string" + }, + "type": "array" + }, + "ignoreMissing": { + "type": "boolean" + } + }, + "required": [ + "ids" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "agents": { + "type": "number" + }, + "created_at": { + "type": "string" + }, + "created_by": { + "type": "string" + }, + "description": { + "description": "Package policy description", + "type": "string" + }, + "elasticsearch": { + "additionalProperties": true, + "properties": { + "privileges": { + "additionalProperties": true, + "properties": { + "cluster": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "anyOf": [ + { + "items": { + "additionalProperties": false, + "properties": { + "compiled_input": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled", + "streams", + "compiled_input" + ], + "type": "object" + }, + "type": "array" + }, + { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that input, (default to true)", + "type": "boolean" + }, + "streams": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that stream, (default to true)", + "type": "boolean" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Input streams (see integration documentation to know what streams are available)", + "type": "object" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Package policy inputs (see integration documentation to know what inputs are available)", + "type": "object", + "x-oas-optional": true + } + ] + }, + "is_managed": { + "type": "boolean" + }, + "name": { + "description": "Package policy name (should be unique)", + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "revision": { + "type": "number" + }, + "secret_references": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + "type": "array" + }, + "spaceIds": { + "items": { + "type": "string" + }, + "type": "array" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "vars": { + "anyOf": [ + { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object", + "x-oas-optional": true + } + ] + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "enabled", + "inputs", + "id", + "revision", + "updated_at", + "updated_by", + "created_at", + "created_by" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "items" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + }, + "404": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "message": { + "type": "string" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet package policies" + ] + } + }, + "/api/fleet/package_policies/delete": { + "post": { + "description": "Bulk delete package policies", + "operationId": "%2Fapi%2Ffleet%2Fpackage_policies%2Fdelete#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "force": { + "type": "boolean" + }, + "packagePolicyIds": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "packagePolicyIds" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "items": { + "additionalProperties": false, + "properties": { + "body": { + "additionalProperties": false, + "properties": { + "message": { + "type": "string" + } + }, + "required": [ + "message" + ], + "type": "object" + }, + "id": { + "type": "string" + }, + "name": { + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Use `policy_ids` instead", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "statusCode": { + "type": "number" + }, + "success": { + "type": "boolean" + } + }, + "required": [ + "id", + "success", + "policy_ids", + "package" + ], + "type": "object" + }, + "type": "array" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet package policies" + ] + } + }, + "/api/fleet/package_policies/upgrade": { + "post": { + "description": "Upgrade package policy to a newer package version", + "operationId": "%2Fapi%2Ffleet%2Fpackage_policies%2Fupgrade#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "packagePolicyIds": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "packagePolicyIds" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "items": { + "additionalProperties": false, + "properties": { + "body": { + "additionalProperties": false, + "properties": { + "message": { + "type": "string" + } + }, + "required": [ + "message" + ], + "type": "object" + }, + "id": { + "type": "string" + }, + "name": { + "type": "string" + }, + "statusCode": { + "type": "number" + }, + "success": { + "type": "boolean" + } + }, + "required": [ + "id", + "success" + ], + "type": "object" + }, + "type": "array" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet package policies" + ] + } + }, + "/api/fleet/package_policies/upgrade/dryrun": { + "post": { + "description": "Dry run package policy upgrade", + "operationId": "%2Fapi%2Ffleet%2Fpackage_policies%2Fupgrade%2Fdryrun#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "packagePolicyIds": { + "items": { + "type": "string" + }, + "type": "array" + }, + "packageVersion": { + "type": "string" + } + }, + "required": [ + "packagePolicyIds" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "items": { + "additionalProperties": false, + "properties": { + "agent_diff": { + "items": { + "items": { + "additionalProperties": true, + "properties": { + "data_stream": { + "additionalProperties": true, + "properties": { + "namespace": { + "type": "string" + } + }, + "required": [ + "namespace" + ], + "type": "object" + }, + "id": { + "type": "string" + }, + "meta": { + "additionalProperties": true, + "properties": { + "package": { + "additionalProperties": true, + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + } + }, + "required": [ + "package" + ], + "type": "object" + }, + "name": { + "type": "string" + }, + "package_policy_id": { + "type": "string" + }, + "processors": { + "items": { + "additionalProperties": true, + "properties": { + "add_fields": { + "additionalProperties": true, + "properties": { + "fields": { + "additionalProperties": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "number" + } + ] + }, + "type": "object" + }, + "target": { + "type": "string" + } + }, + "required": [ + "target", + "fields" + ], + "type": "object" + } + }, + "required": [ + "add_fields" + ], + "type": "object" + }, + "type": "array" + }, + "revision": { + "type": "number" + }, + "streams": { + "items": { + "additionalProperties": true, + "properties": { + "data_stream": { + "additionalProperties": true, + "properties": { + "dataset": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset" + ], + "type": "object" + }, + "id": { + "type": "string" + } + }, + "required": [ + "id", + "data_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "use_output": { + "type": "string" + } + }, + "required": [ + "id", + "name", + "revision", + "type", + "data_stream", + "use_output", + "package_policy_id" + ], + "type": "object" + }, + "type": "array" + }, + "type": "array" + }, + "body": { + "additionalProperties": false, + "properties": { + "message": { + "type": "string" + } + }, + "required": [ + "message" + ], + "type": "object" + }, + "diff": { + "items": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "agents": { + "type": "number" + }, + "created_at": { + "type": "string" + }, + "created_by": { + "type": "string" + }, + "description": { + "description": "Package policy description", + "type": "string" + }, + "elasticsearch": { + "additionalProperties": true, + "properties": { + "privileges": { + "additionalProperties": true, + "properties": { + "cluster": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "anyOf": [ + { + "items": { + "additionalProperties": false, + "properties": { + "compiled_input": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled", + "streams", + "compiled_input" + ], + "type": "object" + }, + "type": "array" + }, + { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that input, (default to true)", + "type": "boolean" + }, + "streams": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that stream, (default to true)", + "type": "boolean" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Input streams (see integration documentation to know what streams are available)", + "type": "object" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Package policy inputs (see integration documentation to know what inputs are available)", + "type": "object", + "x-oas-optional": true + } + ] + }, + "is_managed": { + "type": "boolean" + }, + "name": { + "description": "Package policy name (should be unique)", + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "revision": { + "type": "number" + }, + "secret_references": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + "type": "array" + }, + "spaceIds": { + "items": { + "type": "string" + }, + "type": "array" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "vars": { + "anyOf": [ + { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object", + "x-oas-optional": true + } + ] + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "enabled", + "inputs", + "revision", + "updated_at", + "updated_by", + "created_at", + "created_by" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "description": { + "description": "Package policy description", + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "errors": { + "items": { + "additionalProperties": false, + "properties": { + "key": { + "type": "string" + }, + "message": { + "type": "string" + } + }, + "required": [ + "message" + ], + "type": "object" + }, + "type": "array" + }, + "force": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "items": { + "additionalProperties": false, + "properties": { + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled", + "streams" + ], + "type": "object" + }, + "type": "array" + }, + "is_managed": { + "type": "boolean" + }, + "missingVars": { + "items": { + "type": "string" + }, + "type": "array" + }, + "name": { + "description": "Package policy name (should be unique)", + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "name", + "enabled", + "inputs" + ], + "type": "object" + } + ] + }, + "type": "array" + }, + "hasErrors": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "hasErrors" + ], + "type": "object" + }, + "type": "array" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet package policies" + ] + } + }, + "/api/fleet/package_policies/{packagePolicyId}": { + "delete": { + "description": "Delete package policy by ID", + "operationId": "%2Fapi%2Ffleet%2Fpackage_policies%2F%7BpackagePolicyId%7D#2", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "packagePolicyId", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "force", + "required": false, + "schema": { + "type": "boolean" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet package policies" + ] + }, + "get": { + "description": "Get package policy by ID", + "operationId": "%2Fapi%2Ffleet%2Fpackage_policies%2F%7BpackagePolicyId%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "packagePolicyId", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "format", + "required": false, + "schema": { + "enum": [ + "simplified", + "legacy" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "agents": { + "type": "number" + }, + "created_at": { + "type": "string" + }, + "created_by": { + "type": "string" + }, + "description": { + "description": "Package policy description", + "type": "string" + }, + "elasticsearch": { + "additionalProperties": true, + "properties": { + "privileges": { + "additionalProperties": true, + "properties": { + "cluster": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "anyOf": [ + { + "items": { + "additionalProperties": false, + "properties": { + "compiled_input": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled", + "streams", + "compiled_input" + ], + "type": "object" + }, + "type": "array" + }, + { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that input, (default to true)", + "type": "boolean" + }, + "streams": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that stream, (default to true)", + "type": "boolean" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Input streams (see integration documentation to know what streams are available)", + "type": "object" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Package policy inputs (see integration documentation to know what inputs are available)", + "type": "object", + "x-oas-optional": true + } + ] + }, + "is_managed": { + "type": "boolean" + }, + "name": { + "description": "Package policy name (should be unique)", + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "revision": { + "type": "number" + }, + "secret_references": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + "type": "array" + }, + "spaceIds": { + "items": { + "type": "string" + }, + "type": "array" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "vars": { + "anyOf": [ + { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object", + "x-oas-optional": true + } + ] + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "enabled", + "inputs", + "id", + "revision", + "updated_at", + "updated_by", + "created_at", + "created_by" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + }, + "404": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "message": { + "type": "string" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet package policies" + ] + }, + "put": { + "description": "Update package policy by ID", + "operationId": "%2Fapi%2Ffleet%2Fpackage_policies%2F%7BpackagePolicyId%7D#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "packagePolicyId", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "format", + "required": false, + "schema": { + "enum": [ + "simplified", + "legacy" + ], + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "description": { + "description": "Package policy description", + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "force": { + "type": "boolean" + }, + "inputs": { + "items": { + "additionalProperties": false, + "properties": { + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled" + ], + "type": "object" + }, + "type": "array" + }, + "is_managed": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "version": { + "type": "string" + } + }, + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "description": { + "type": "string" + }, + "force": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that input, (default to true)", + "type": "boolean" + }, + "streams": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that stream, (default to true)", + "type": "boolean" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Input streams (see integration documentation to know what streams are available)", + "type": "object" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Package policy inputs (see integration documentation to know what inputs are available)", + "type": "object" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "name", + "package" + ], + "type": "object" + } + ] + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "agents": { + "type": "number" + }, + "created_at": { + "type": "string" + }, + "created_by": { + "type": "string" + }, + "description": { + "description": "Package policy description", + "type": "string" + }, + "elasticsearch": { + "additionalProperties": true, + "properties": { + "privileges": { + "additionalProperties": true, + "properties": { + "cluster": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "anyOf": [ + { + "items": { + "additionalProperties": false, + "properties": { + "compiled_input": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled", + "streams", + "compiled_input" + ], + "type": "object" + }, + "type": "array" + }, + { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that input, (default to true)", + "type": "boolean" + }, + "streams": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that stream, (default to true)", + "type": "boolean" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Input streams (see integration documentation to know what streams are available)", + "type": "object" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Package policy inputs (see integration documentation to know what inputs are available)", + "type": "object", + "x-oas-optional": true + } + ] + }, + "is_managed": { + "type": "boolean" + }, + "name": { + "description": "Package policy name (should be unique)", + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "revision": { + "type": "number" + }, + "secret_references": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + "type": "array" + }, + "spaceIds": { + "items": { + "type": "string" + }, + "type": "array" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "vars": { + "anyOf": [ + { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object", + "x-oas-optional": true + } + ] + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "enabled", + "inputs", + "id", + "revision", + "updated_at", + "updated_by", + "created_at", + "created_by" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + }, + "403": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet package policies" + ] + } + }, + "/api/fleet/proxies": { + "get": { + "description": "List proxies", + "operationId": "%2Fapi%2Ffleet%2Fproxies#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "certificate": { + "nullable": true, + "type": "string" + }, + "certificate_authorities": { + "nullable": true, + "type": "string" + }, + "certificate_key": { + "nullable": true, + "type": "string" + }, + "id": { + "type": "string" + }, + "is_preconfigured": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_headers": { + "additionalProperties": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "boolean" + }, + { + "type": "number" + } + ] + }, + "nullable": true, + "type": "object" + }, + "url": { + "type": "string" + } + }, + "required": [ + "id", + "url", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "page": { + "type": "number" + }, + "perPage": { + "type": "number" + }, + "total": { + "type": "number" + } + }, + "required": [ + "items", + "total", + "page", + "perPage" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet proxies" + ] + }, + "post": { + "description": "Create proxy", + "operationId": "%2Fapi%2Ffleet%2Fproxies#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "certificate": { + "nullable": true, + "type": "string" + }, + "certificate_authorities": { + "nullable": true, + "type": "string" + }, + "certificate_key": { + "nullable": true, + "type": "string" + }, + "id": { + "type": "string" + }, + "is_preconfigured": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_headers": { + "additionalProperties": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "boolean" + }, + { + "type": "number" + } + ] + }, + "nullable": true, + "type": "object" + }, + "url": { + "type": "string" + } + }, + "required": [ + "url", + "name" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "certificate": { + "nullable": true, + "type": "string" + }, + "certificate_authorities": { + "nullable": true, + "type": "string" + }, + "certificate_key": { + "nullable": true, + "type": "string" + }, + "id": { + "type": "string" + }, + "is_preconfigured": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_headers": { + "additionalProperties": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "boolean" + }, + { + "type": "number" + } + ] + }, + "nullable": true, + "type": "object" + }, + "url": { + "type": "string" + } + }, + "required": [ + "id", + "url", + "name" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet proxies" + ] + } + }, + "/api/fleet/proxies/{itemId}": { + "delete": { + "description": "Delete proxy by ID", + "operationId": "%2Fapi%2Ffleet%2Fproxies%2F%7BitemId%7D#2", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "itemId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet proxies" + ] + }, + "get": { + "description": "Get proxy by ID", + "operationId": "%2Fapi%2Ffleet%2Fproxies%2F%7BitemId%7D#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "itemId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "certificate": { + "nullable": true, + "type": "string" + }, + "certificate_authorities": { + "nullable": true, + "type": "string" + }, + "certificate_key": { + "nullable": true, + "type": "string" + }, + "id": { + "type": "string" + }, + "is_preconfigured": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_headers": { + "additionalProperties": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "boolean" + }, + { + "type": "number" + } + ] + }, + "nullable": true, + "type": "object" + }, + "url": { + "type": "string" + } + }, + "required": [ + "id", + "url", + "name" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet proxies" + ] + }, + "put": { + "description": "Update proxy by ID", + "operationId": "%2Fapi%2Ffleet%2Fproxies%2F%7BitemId%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "itemId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "certificate": { + "nullable": true, + "type": "string" + }, + "certificate_authorities": { + "nullable": true, + "type": "string" + }, + "certificate_key": { + "nullable": true, + "type": "string" + }, + "name": { + "type": "string" + }, + "proxy_headers": { + "additionalProperties": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "boolean" + }, + { + "type": "number" + } + ] + }, + "nullable": true, + "type": "object" + }, + "url": { + "type": "string" + } + }, + "required": [ + "proxy_headers", + "certificate_authorities", + "certificate", + "certificate_key" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "certificate": { + "nullable": true, + "type": "string" + }, + "certificate_authorities": { + "nullable": true, + "type": "string" + }, + "certificate_key": { + "nullable": true, + "type": "string" + }, + "id": { + "type": "string" + }, + "is_preconfigured": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_headers": { + "additionalProperties": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "boolean" + }, + { + "type": "number" + } + ] + }, + "nullable": true, + "type": "object" + }, + "url": { + "type": "string" + } + }, + "required": [ + "id", + "url", + "name" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet proxies" + ] + } + }, + "/api/fleet/service-tokens": { + "post": { + "deprecated": true, + "description": "Create a service token", + "operationId": "%2Fapi%2Ffleet%2Fservice-tokens#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "responses": {}, + "summary": "", + "tags": [] + } + }, + "/api/fleet/service_tokens": { + "post": { + "description": "Create a service token", + "operationId": "%2Fapi%2Ffleet%2Fservice_tokens#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "nullable": true, + "properties": { + "remote": { + "default": false, + "type": "boolean" + } + }, + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet service tokens" + ] + } + }, + "/api/fleet/settings": { + "get": { + "description": "Get settings", + "operationId": "%2Fapi%2Ffleet%2Fsettings#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "fleet_server_hosts": { + "items": { + "type": "string" + }, + "type": "array" + }, + "has_seen_add_data_notice": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "output_secret_storage_requirements_met": { + "type": "boolean" + }, + "preconfigured_fields": { + "items": { + "enum": [ + "fleet_server_hosts" + ], + "type": "string" + }, + "type": "array" + }, + "prerelease_integrations_enabled": { + "type": "boolean" + }, + "secret_storage_requirements_met": { + "type": "boolean" + }, + "use_space_awareness_migration_started_at": { + "type": "string" + }, + "use_space_awareness_migration_status": { + "enum": [ + "pending", + "success", + "error" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "prerelease_integrations_enabled", + "id" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + }, + "404": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "message": { + "type": "string" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet internals" + ] + }, + "put": { + "description": "Update settings", + "operationId": "%2Fapi%2Ffleet%2Fsettings#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "additional_yaml_config": { + "type": "string" + }, + "fleet_server_hosts": { + "items": { + "format": "uri", + "type": "string" + }, + "type": "array" + }, + "has_seen_add_data_notice": { + "type": "boolean" + }, + "kibana_ca_sha256": { + "type": "string" + }, + "kibana_urls": { + "items": { + "format": "uri", + "type": "string" + }, + "type": "array" + }, + "prerelease_integrations_enabled": { + "type": "boolean" + } + }, + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "fleet_server_hosts": { + "items": { + "type": "string" + }, + "type": "array" + }, + "has_seen_add_data_notice": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "output_secret_storage_requirements_met": { + "type": "boolean" + }, + "preconfigured_fields": { + "items": { + "enum": [ + "fleet_server_hosts" + ], + "type": "string" + }, + "type": "array" + }, + "prerelease_integrations_enabled": { + "type": "boolean" + }, + "secret_storage_requirements_met": { + "type": "boolean" + }, + "use_space_awareness_migration_started_at": { + "type": "string" + }, + "use_space_awareness_migration_status": { + "enum": [ + "pending", + "success", + "error" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "prerelease_integrations_enabled", + "id" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + }, + "404": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "message": { + "type": "string" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet internals" + ] + } + }, + "/api/fleet/setup": { + "post": { + "description": "Initiate Fleet setup", + "operationId": "%2Fapi%2Ffleet%2Fsetup#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "A summary of the result of Fleet's `setup` lifecycle. If `isInitialized` is true, Fleet is ready to accept agent enrollment. `nonFatalErrors` may include useful insight into non-blocking issues with Fleet setup.", + "properties": { + "isInitialized": { + "type": "boolean" + }, + "nonFatalErrors": { + "items": { + "additionalProperties": false, + "properties": { + "message": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "required": [ + "name", + "message" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "isInitialized", + "nonFatalErrors" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + }, + "500": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Internal Server Error", + "properties": { + "message": { + "type": "string" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet internals" + ] + } + }, + "/api/fleet/uninstall_tokens": { + "get": { + "description": "List metadata for latest uninstall tokens per agent policy", + "operationId": "%2Fapi%2Ffleet%2Funinstall_tokens#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "Partial match filtering for policy IDs", + "in": "query", + "name": "policyId", + "required": false, + "schema": { + "maxLength": 50, + "type": "string" + } + }, + { + "in": "query", + "name": "search", + "required": false, + "schema": { + "maxLength": 50, + "type": "string" + } + }, + { + "description": "The number of items to return", + "in": "query", + "name": "perPage", + "required": false, + "schema": { + "minimum": 5, + "type": "number" + } + }, + { + "in": "query", + "name": "page", + "required": false, + "schema": { + "minimum": 1, + "type": "number" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "created_at": { + "type": "string" + }, + "id": { + "type": "string" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "policy_id": { + "type": "string" + }, + "policy_name": { + "nullable": true, + "type": "string" + } + }, + "required": [ + "id", + "policy_id", + "created_at" + ], + "type": "object" + }, + "type": "array" + }, + "page": { + "type": "number" + }, + "perPage": { + "type": "number" + }, + "total": { + "type": "number" + } + }, + "required": [ + "items", + "total", + "page", + "perPage" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet uninstall tokens" + ] + } + }, + "/api/fleet/uninstall_tokens/{uninstallTokenId}": { + "get": { + "description": "Get one decrypted uninstall token by its ID", + "operationId": "%2Fapi%2Ffleet%2Funinstall_tokens%2F%7BuninstallTokenId%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "uninstallTokenId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "created_at": { + "type": "string" + }, + "id": { + "type": "string" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "policy_id": { + "type": "string" + }, + "policy_name": { + "nullable": true, + "type": "string" + }, + "token": { + "type": "string" + } + }, + "required": [ + "id", + "policy_id", + "created_at", + "token" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet uninstall tokens" + ] + } + }, "/api/security/role": { "get": { "operationId": "%2Fapi%2Fsecurity%2Frole#0", @@ -7781,6 +42189,54 @@ { "name": "connectors" }, + { + "name": "Data streams" + }, + { + "name": "Elastic Agent actions" + }, + { + "name": "Elastic Agent binary download sources" + }, + { + "name": "Elastic Agent policies" + }, + { + "name": "Elastic Agent status" + }, + { + "name": "Elastic Agents" + }, + { + "name": "Elastic Package Manager (EPM)" + }, + { + "name": "Fleet enrollment API keys" + }, + { + "name": "Fleet internals" + }, + { + "name": "Fleet outputs" + }, + { + "name": "Fleet package policies" + }, + { + "name": "Fleet proxies" + }, + { + "name": "Fleet Server hosts" + }, + { + "name": "Fleet service tokens" + }, + { + "name": "Fleet uninstall tokens" + }, + { + "name": "Message Signing Service" + }, { "name": "roles" }, diff --git a/oas_docs/bundle.serverless.json b/oas_docs/bundle.serverless.json index c58eef641d6d7..f548497693088 100644 --- a/oas_docs/bundle.serverless.json +++ b/oas_docs/bundle.serverless.json @@ -6263,6 +6263,34414 @@ ] } }, + "/api/fleet/agent-status": { + "get": { + "deprecated": true, + "operationId": "%2Fapi%2Ffleet%2Fagent-status#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "policyId", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "policyIds", + "required": false, + "schema": { + "anyOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "type": "string" + } + ] + } + }, + { + "in": "query", + "name": "kuery", + "required": false, + "schema": { + "deprecated": true, + "type": "string" + } + } + ], + "responses": {}, + "summary": "", + "tags": [] + } + }, + "/api/fleet/agent_download_sources": { + "get": { + "description": "List agent binary download sources", + "operationId": "%2Fapi%2Ffleet%2Fagent_download_sources#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "host": { + "format": "uri", + "type": "string" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "description": "The ID of the proxy to use for this download source. See the proxies API for more information.", + "nullable": true, + "type": "string" + } + }, + "required": [ + "id", + "name", + "host" + ], + "type": "object" + }, + "type": "array" + }, + "page": { + "type": "number" + }, + "perPage": { + "type": "number" + }, + "total": { + "type": "number" + } + }, + "required": [ + "items", + "total", + "page", + "perPage" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent binary download sources" + ] + }, + "post": { + "description": "Create agent binary download source", + "operationId": "%2Fapi%2Ffleet%2Fagent_download_sources#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "host": { + "format": "uri", + "type": "string" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "description": "The ID of the proxy to use for this download source. See the proxies API for more information.", + "nullable": true, + "type": "string" + } + }, + "required": [ + "name", + "host" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "host": { + "format": "uri", + "type": "string" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "description": "The ID of the proxy to use for this download source. See the proxies API for more information.", + "nullable": true, + "type": "string" + } + }, + "required": [ + "id", + "name", + "host" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent binary download sources" + ] + } + }, + "/api/fleet/agent_download_sources/{sourceId}": { + "delete": { + "description": "Delete agent binary download source by ID", + "operationId": "%2Fapi%2Ffleet%2Fagent_download_sources%2F%7BsourceId%7D#2", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "sourceId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent binary download sources" + ] + }, + "get": { + "description": "Get agent binary download source by ID", + "operationId": "%2Fapi%2Ffleet%2Fagent_download_sources%2F%7BsourceId%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "sourceId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "host": { + "format": "uri", + "type": "string" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "description": "The ID of the proxy to use for this download source. See the proxies API for more information.", + "nullable": true, + "type": "string" + } + }, + "required": [ + "id", + "name", + "host" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent binary download sources" + ] + }, + "put": { + "description": "Update agent binary download source by ID", + "operationId": "%2Fapi%2Ffleet%2Fagent_download_sources%2F%7BsourceId%7D#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "sourceId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "host": { + "format": "uri", + "type": "string" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "description": "The ID of the proxy to use for this download source. See the proxies API for more information.", + "nullable": true, + "type": "string" + } + }, + "required": [ + "name", + "host" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "host": { + "format": "uri", + "type": "string" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "description": "The ID of the proxy to use for this download source. See the proxies API for more information.", + "nullable": true, + "type": "string" + } + }, + "required": [ + "id", + "name", + "host" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent binary download sources" + ] + } + }, + "/api/fleet/agent_policies": { + "get": { + "description": "List agent policies", + "operationId": "%2Fapi%2Ffleet%2Fagent_policies#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "page", + "required": false, + "schema": { + "type": "number" + } + }, + { + "in": "query", + "name": "perPage", + "required": false, + "schema": { + "type": "number" + } + }, + { + "in": "query", + "name": "sortField", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "sortOrder", + "required": false, + "schema": { + "enum": [ + "desc", + "asc" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "showUpgradeable", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "kuery", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "noAgentCount", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "full", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "format", + "required": false, + "schema": { + "enum": [ + "simplified", + "legacy" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "advanced_settings": { + "additionalProperties": false, + "properties": { + "agent_download_target_directory": { + "nullable": true + }, + "agent_download_timeout": { + "default": "2h", + "nullable": true + }, + "agent_limits_go_max_procs": { + "nullable": true + }, + "agent_logging_level": { + "default": "info", + "nullable": true + }, + "agent_logging_metrics_period": { + "default": "30s", + "nullable": true + } + }, + "type": "object" + }, + "agent_features": { + "items": { + "additionalProperties": false, + "properties": { + "enabled": { + "type": "boolean" + }, + "name": { + "type": "string" + } + }, + "required": [ + "name", + "enabled" + ], + "type": "object" + }, + "type": "array" + }, + "agents": { + "type": "number" + }, + "data_output_id": { + "nullable": true, + "type": "string" + }, + "description": { + "type": "string" + }, + "download_source_id": { + "nullable": true, + "type": "string" + }, + "fleet_server_host_id": { + "nullable": true, + "type": "string" + }, + "global_data_tags": { + "description": "User defined data tags that are added to all of the inputs. The values can be strings or numbers.", + "items": { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + }, + "value": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "number" + } + ] + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "has_fleet_server": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inactivity_timeout": { + "default": 1209600, + "minimum": 0, + "type": "number" + }, + "is_default": { + "type": "boolean" + }, + "is_default_fleet_server": { + "type": "boolean" + }, + "is_managed": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "is_protected": { + "description": "Indicates whether the agent policy has tamper protection enabled. Default false.", + "type": "boolean" + }, + "keep_monitoring_alive": { + "default": false, + "description": "When set to true, monitoring will be enabled but logs/metrics collection will be disabled", + "nullable": true, + "type": "boolean" + }, + "monitoring_diagnostics": { + "additionalProperties": false, + "properties": { + "limit": { + "additionalProperties": false, + "properties": { + "burst": { + "type": "number" + }, + "interval": { + "type": "string" + } + }, + "type": "object" + }, + "uploader": { + "additionalProperties": false, + "properties": { + "init_dur": { + "type": "string" + }, + "max_dur": { + "type": "string" + }, + "max_retries": { + "type": "number" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "monitoring_enabled": { + "items": { + "enum": [ + "logs", + "metrics", + "traces" + ], + "type": "string" + }, + "type": "array" + }, + "monitoring_http": { + "additionalProperties": false, + "properties": { + "buffer": { + "additionalProperties": false, + "properties": { + "enabled": { + "default": false, + "type": "boolean" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "host": { + "type": "string" + }, + "port": { + "maximum": 65353, + "minimum": 0, + "type": "number" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "monitoring_output_id": { + "nullable": true, + "type": "string" + }, + "monitoring_pprof_enabled": { + "type": "boolean" + }, + "name": { + "minLength": 1, + "type": "string" + }, + "namespace": { + "minLength": 1, + "type": "string" + }, + "overrides": { + "additionalProperties": {}, + "description": "Override settings that are defined in the agent policy. Input settings cannot be overridden. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "type": "object" + }, + "package_policies": { + "anyOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "description": "This field is present only when retrieving a single agent policy, or when retrieving a list of agent policies with the ?full=true parameter", + "items": { + "additionalProperties": false, + "properties": { + "created_at": { + "type": "string" + }, + "created_by": { + "type": "string" + }, + "description": { + "description": "Package policy description", + "type": "string" + }, + "elasticsearch": { + "additionalProperties": true, + "properties": { + "privileges": { + "additionalProperties": true, + "properties": { + "cluster": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_input": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled", + "streams", + "compiled_input" + ], + "type": "object" + }, + "type": "array" + }, + "is_managed": { + "type": "boolean" + }, + "name": { + "description": "Package policy name (should be unique)", + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "revision": { + "type": "number" + }, + "secret_references": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + "type": "array" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "enabled", + "inputs", + "id", + "revision", + "updated_at", + "updated_by", + "created_at", + "created_by" + ], + "type": "object" + }, + "type": "array" + } + ] + }, + "revision": { + "type": "number" + }, + "schema_version": { + "type": "string" + }, + "space_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "status": { + "enum": [ + "active", + "inactive" + ], + "type": "string" + }, + "supports_agentless": { + "default": false, + "description": "Indicates whether the agent policy supports agentless integrations.", + "nullable": true, + "type": "boolean" + }, + "unenroll_timeout": { + "minimum": 0, + "type": "number" + }, + "unprivileged_agents": { + "type": "number" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "name", + "namespace", + "is_managed", + "is_protected", + "status", + "updated_at", + "updated_by", + "revision" + ], + "type": "object" + }, + "type": "array" + }, + "page": { + "type": "number" + }, + "perPage": { + "type": "number" + }, + "total": { + "type": "number" + } + }, + "required": [ + "items", + "total", + "page", + "perPage" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent policies" + ] + }, + "post": { + "description": "Create an agent policy", + "operationId": "%2Fapi%2Ffleet%2Fagent_policies#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "query", + "name": "sys_monitoring", + "required": false, + "schema": { + "type": "boolean" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "advanced_settings": { + "additionalProperties": false, + "properties": { + "agent_download_target_directory": { + "nullable": true + }, + "agent_download_timeout": { + "default": "2h", + "nullable": true + }, + "agent_limits_go_max_procs": { + "nullable": true + }, + "agent_logging_level": { + "default": "info", + "nullable": true + }, + "agent_logging_metrics_period": { + "default": "30s", + "nullable": true + } + }, + "type": "object" + }, + "agent_features": { + "items": { + "additionalProperties": false, + "properties": { + "enabled": { + "type": "boolean" + }, + "name": { + "type": "string" + } + }, + "required": [ + "name", + "enabled" + ], + "type": "object" + }, + "type": "array" + }, + "data_output_id": { + "nullable": true, + "type": "string" + }, + "description": { + "type": "string" + }, + "download_source_id": { + "nullable": true, + "type": "string" + }, + "fleet_server_host_id": { + "nullable": true, + "type": "string" + }, + "force": { + "type": "boolean" + }, + "global_data_tags": { + "description": "User defined data tags that are added to all of the inputs. The values can be strings or numbers.", + "items": { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + }, + "value": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "number" + } + ] + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "has_fleet_server": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inactivity_timeout": { + "default": 1209600, + "minimum": 0, + "type": "number" + }, + "is_default": { + "type": "boolean" + }, + "is_default_fleet_server": { + "type": "boolean" + }, + "is_managed": { + "type": "boolean" + }, + "is_protected": { + "type": "boolean" + }, + "keep_monitoring_alive": { + "default": false, + "description": "When set to true, monitoring will be enabled but logs/metrics collection will be disabled", + "nullable": true, + "type": "boolean" + }, + "monitoring_diagnostics": { + "additionalProperties": false, + "properties": { + "limit": { + "additionalProperties": false, + "properties": { + "burst": { + "type": "number" + }, + "interval": { + "type": "string" + } + }, + "type": "object" + }, + "uploader": { + "additionalProperties": false, + "properties": { + "init_dur": { + "type": "string" + }, + "max_dur": { + "type": "string" + }, + "max_retries": { + "type": "number" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "monitoring_enabled": { + "items": { + "enum": [ + "logs", + "metrics", + "traces" + ], + "type": "string" + }, + "type": "array" + }, + "monitoring_http": { + "additionalProperties": false, + "properties": { + "buffer": { + "additionalProperties": false, + "properties": { + "enabled": { + "default": false, + "type": "boolean" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "host": { + "type": "string" + }, + "port": { + "maximum": 65353, + "minimum": 0, + "type": "number" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "monitoring_output_id": { + "nullable": true, + "type": "string" + }, + "monitoring_pprof_enabled": { + "type": "boolean" + }, + "name": { + "minLength": 1, + "type": "string" + }, + "namespace": { + "minLength": 1, + "type": "string" + }, + "overrides": { + "additionalProperties": {}, + "description": "Override settings that are defined in the agent policy. Input settings cannot be overridden. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "type": "object" + }, + "space_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "supports_agentless": { + "default": false, + "description": "Indicates whether the agent policy supports agentless integrations.", + "nullable": true, + "type": "boolean" + }, + "unenroll_timeout": { + "minimum": 0, + "type": "number" + } + }, + "required": [ + "name", + "namespace" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "advanced_settings": { + "additionalProperties": false, + "properties": { + "agent_download_target_directory": { + "nullable": true + }, + "agent_download_timeout": { + "default": "2h", + "nullable": true + }, + "agent_limits_go_max_procs": { + "nullable": true + }, + "agent_logging_level": { + "default": "info", + "nullable": true + }, + "agent_logging_metrics_period": { + "default": "30s", + "nullable": true + } + }, + "type": "object" + }, + "agent_features": { + "items": { + "additionalProperties": false, + "properties": { + "enabled": { + "type": "boolean" + }, + "name": { + "type": "string" + } + }, + "required": [ + "name", + "enabled" + ], + "type": "object" + }, + "type": "array" + }, + "agents": { + "type": "number" + }, + "data_output_id": { + "nullable": true, + "type": "string" + }, + "description": { + "type": "string" + }, + "download_source_id": { + "nullable": true, + "type": "string" + }, + "fleet_server_host_id": { + "nullable": true, + "type": "string" + }, + "global_data_tags": { + "description": "User defined data tags that are added to all of the inputs. The values can be strings or numbers.", + "items": { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + }, + "value": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "number" + } + ] + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "has_fleet_server": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inactivity_timeout": { + "default": 1209600, + "minimum": 0, + "type": "number" + }, + "is_default": { + "type": "boolean" + }, + "is_default_fleet_server": { + "type": "boolean" + }, + "is_managed": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "is_protected": { + "description": "Indicates whether the agent policy has tamper protection enabled. Default false.", + "type": "boolean" + }, + "keep_monitoring_alive": { + "default": false, + "description": "When set to true, monitoring will be enabled but logs/metrics collection will be disabled", + "nullable": true, + "type": "boolean" + }, + "monitoring_diagnostics": { + "additionalProperties": false, + "properties": { + "limit": { + "additionalProperties": false, + "properties": { + "burst": { + "type": "number" + }, + "interval": { + "type": "string" + } + }, + "type": "object" + }, + "uploader": { + "additionalProperties": false, + "properties": { + "init_dur": { + "type": "string" + }, + "max_dur": { + "type": "string" + }, + "max_retries": { + "type": "number" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "monitoring_enabled": { + "items": { + "enum": [ + "logs", + "metrics", + "traces" + ], + "type": "string" + }, + "type": "array" + }, + "monitoring_http": { + "additionalProperties": false, + "properties": { + "buffer": { + "additionalProperties": false, + "properties": { + "enabled": { + "default": false, + "type": "boolean" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "host": { + "type": "string" + }, + "port": { + "maximum": 65353, + "minimum": 0, + "type": "number" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "monitoring_output_id": { + "nullable": true, + "type": "string" + }, + "monitoring_pprof_enabled": { + "type": "boolean" + }, + "name": { + "minLength": 1, + "type": "string" + }, + "namespace": { + "minLength": 1, + "type": "string" + }, + "overrides": { + "additionalProperties": {}, + "description": "Override settings that are defined in the agent policy. Input settings cannot be overridden. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "type": "object" + }, + "package_policies": { + "anyOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "description": "This field is present only when retrieving a single agent policy, or when retrieving a list of agent policies with the ?full=true parameter", + "items": { + "additionalProperties": false, + "properties": { + "created_at": { + "type": "string" + }, + "created_by": { + "type": "string" + }, + "description": { + "description": "Package policy description", + "type": "string" + }, + "elasticsearch": { + "additionalProperties": true, + "properties": { + "privileges": { + "additionalProperties": true, + "properties": { + "cluster": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_input": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled", + "streams", + "compiled_input" + ], + "type": "object" + }, + "type": "array" + }, + "is_managed": { + "type": "boolean" + }, + "name": { + "description": "Package policy name (should be unique)", + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "revision": { + "type": "number" + }, + "secret_references": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + "type": "array" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "enabled", + "inputs", + "id", + "revision", + "updated_at", + "updated_by", + "created_at", + "created_by" + ], + "type": "object" + }, + "type": "array" + } + ] + }, + "revision": { + "type": "number" + }, + "schema_version": { + "type": "string" + }, + "space_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "status": { + "enum": [ + "active", + "inactive" + ], + "type": "string" + }, + "supports_agentless": { + "default": false, + "description": "Indicates whether the agent policy supports agentless integrations.", + "nullable": true, + "type": "boolean" + }, + "unenroll_timeout": { + "minimum": 0, + "type": "number" + }, + "unprivileged_agents": { + "type": "number" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "name", + "namespace", + "is_managed", + "is_protected", + "status", + "updated_at", + "updated_by", + "revision" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent policies" + ] + } + }, + "/api/fleet/agent_policies/_bulk_get": { + "post": { + "description": "Bulk get agent policies", + "operationId": "%2Fapi%2Ffleet%2Fagent_policies%2F_bulk_get#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "query", + "name": "format", + "required": false, + "schema": { + "enum": [ + "simplified", + "legacy" + ], + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "full": { + "description": "get full policies with package policies populated", + "type": "boolean" + }, + "ids": { + "description": "list of package policy ids", + "items": { + "type": "string" + }, + "type": "array" + }, + "ignoreMissing": { + "type": "boolean" + } + }, + "required": [ + "ids" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "advanced_settings": { + "additionalProperties": false, + "properties": { + "agent_download_target_directory": { + "nullable": true + }, + "agent_download_timeout": { + "default": "2h", + "nullable": true + }, + "agent_limits_go_max_procs": { + "nullable": true + }, + "agent_logging_level": { + "default": "info", + "nullable": true + }, + "agent_logging_metrics_period": { + "default": "30s", + "nullable": true + } + }, + "type": "object" + }, + "agent_features": { + "items": { + "additionalProperties": false, + "properties": { + "enabled": { + "type": "boolean" + }, + "name": { + "type": "string" + } + }, + "required": [ + "name", + "enabled" + ], + "type": "object" + }, + "type": "array" + }, + "agents": { + "type": "number" + }, + "data_output_id": { + "nullable": true, + "type": "string" + }, + "description": { + "type": "string" + }, + "download_source_id": { + "nullable": true, + "type": "string" + }, + "fleet_server_host_id": { + "nullable": true, + "type": "string" + }, + "global_data_tags": { + "description": "User defined data tags that are added to all of the inputs. The values can be strings or numbers.", + "items": { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + }, + "value": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "number" + } + ] + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "has_fleet_server": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inactivity_timeout": { + "default": 1209600, + "minimum": 0, + "type": "number" + }, + "is_default": { + "type": "boolean" + }, + "is_default_fleet_server": { + "type": "boolean" + }, + "is_managed": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "is_protected": { + "description": "Indicates whether the agent policy has tamper protection enabled. Default false.", + "type": "boolean" + }, + "keep_monitoring_alive": { + "default": false, + "description": "When set to true, monitoring will be enabled but logs/metrics collection will be disabled", + "nullable": true, + "type": "boolean" + }, + "monitoring_diagnostics": { + "additionalProperties": false, + "properties": { + "limit": { + "additionalProperties": false, + "properties": { + "burst": { + "type": "number" + }, + "interval": { + "type": "string" + } + }, + "type": "object" + }, + "uploader": { + "additionalProperties": false, + "properties": { + "init_dur": { + "type": "string" + }, + "max_dur": { + "type": "string" + }, + "max_retries": { + "type": "number" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "monitoring_enabled": { + "items": { + "enum": [ + "logs", + "metrics", + "traces" + ], + "type": "string" + }, + "type": "array" + }, + "monitoring_http": { + "additionalProperties": false, + "properties": { + "buffer": { + "additionalProperties": false, + "properties": { + "enabled": { + "default": false, + "type": "boolean" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "host": { + "type": "string" + }, + "port": { + "maximum": 65353, + "minimum": 0, + "type": "number" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "monitoring_output_id": { + "nullable": true, + "type": "string" + }, + "monitoring_pprof_enabled": { + "type": "boolean" + }, + "name": { + "minLength": 1, + "type": "string" + }, + "namespace": { + "minLength": 1, + "type": "string" + }, + "overrides": { + "additionalProperties": {}, + "description": "Override settings that are defined in the agent policy. Input settings cannot be overridden. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "type": "object" + }, + "package_policies": { + "anyOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "description": "This field is present only when retrieving a single agent policy, or when retrieving a list of agent policies with the ?full=true parameter", + "items": { + "additionalProperties": false, + "properties": { + "created_at": { + "type": "string" + }, + "created_by": { + "type": "string" + }, + "description": { + "description": "Package policy description", + "type": "string" + }, + "elasticsearch": { + "additionalProperties": true, + "properties": { + "privileges": { + "additionalProperties": true, + "properties": { + "cluster": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_input": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled", + "streams", + "compiled_input" + ], + "type": "object" + }, + "type": "array" + }, + "is_managed": { + "type": "boolean" + }, + "name": { + "description": "Package policy name (should be unique)", + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "revision": { + "type": "number" + }, + "secret_references": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + "type": "array" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "enabled", + "inputs", + "id", + "revision", + "updated_at", + "updated_by", + "created_at", + "created_by" + ], + "type": "object" + }, + "type": "array" + } + ] + }, + "revision": { + "type": "number" + }, + "schema_version": { + "type": "string" + }, + "space_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "status": { + "enum": [ + "active", + "inactive" + ], + "type": "string" + }, + "supports_agentless": { + "default": false, + "description": "Indicates whether the agent policy supports agentless integrations.", + "nullable": true, + "type": "boolean" + }, + "unenroll_timeout": { + "minimum": 0, + "type": "number" + }, + "unprivileged_agents": { + "type": "number" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "name", + "namespace", + "is_managed", + "is_protected", + "status", + "updated_at", + "updated_by", + "revision" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "items" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent policies" + ] + } + }, + "/api/fleet/agent_policies/delete": { + "post": { + "description": "Delete agent policy by ID", + "operationId": "%2Fapi%2Ffleet%2Fagent_policies%2Fdelete#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "agentPolicyId": { + "type": "string" + }, + "force": { + "description": "bypass validation checks that can prevent agent policy deletion", + "type": "boolean" + } + }, + "required": [ + "agentPolicyId" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "required": [ + "id", + "name" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent policies" + ] + } + }, + "/api/fleet/agent_policies/{agentPolicyId}": { + "get": { + "description": "Get an agent policy by ID", + "operationId": "%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "agentPolicyId", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "format", + "required": false, + "schema": { + "enum": [ + "simplified", + "legacy" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "advanced_settings": { + "additionalProperties": false, + "properties": { + "agent_download_target_directory": { + "nullable": true + }, + "agent_download_timeout": { + "default": "2h", + "nullable": true + }, + "agent_limits_go_max_procs": { + "nullable": true + }, + "agent_logging_level": { + "default": "info", + "nullable": true + }, + "agent_logging_metrics_period": { + "default": "30s", + "nullable": true + } + }, + "type": "object" + }, + "agent_features": { + "items": { + "additionalProperties": false, + "properties": { + "enabled": { + "type": "boolean" + }, + "name": { + "type": "string" + } + }, + "required": [ + "name", + "enabled" + ], + "type": "object" + }, + "type": "array" + }, + "agents": { + "type": "number" + }, + "data_output_id": { + "nullable": true, + "type": "string" + }, + "description": { + "type": "string" + }, + "download_source_id": { + "nullable": true, + "type": "string" + }, + "fleet_server_host_id": { + "nullable": true, + "type": "string" + }, + "global_data_tags": { + "description": "User defined data tags that are added to all of the inputs. The values can be strings or numbers.", + "items": { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + }, + "value": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "number" + } + ] + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "has_fleet_server": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inactivity_timeout": { + "default": 1209600, + "minimum": 0, + "type": "number" + }, + "is_default": { + "type": "boolean" + }, + "is_default_fleet_server": { + "type": "boolean" + }, + "is_managed": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "is_protected": { + "description": "Indicates whether the agent policy has tamper protection enabled. Default false.", + "type": "boolean" + }, + "keep_monitoring_alive": { + "default": false, + "description": "When set to true, monitoring will be enabled but logs/metrics collection will be disabled", + "nullable": true, + "type": "boolean" + }, + "monitoring_diagnostics": { + "additionalProperties": false, + "properties": { + "limit": { + "additionalProperties": false, + "properties": { + "burst": { + "type": "number" + }, + "interval": { + "type": "string" + } + }, + "type": "object" + }, + "uploader": { + "additionalProperties": false, + "properties": { + "init_dur": { + "type": "string" + }, + "max_dur": { + "type": "string" + }, + "max_retries": { + "type": "number" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "monitoring_enabled": { + "items": { + "enum": [ + "logs", + "metrics", + "traces" + ], + "type": "string" + }, + "type": "array" + }, + "monitoring_http": { + "additionalProperties": false, + "properties": { + "buffer": { + "additionalProperties": false, + "properties": { + "enabled": { + "default": false, + "type": "boolean" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "host": { + "type": "string" + }, + "port": { + "maximum": 65353, + "minimum": 0, + "type": "number" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "monitoring_output_id": { + "nullable": true, + "type": "string" + }, + "monitoring_pprof_enabled": { + "type": "boolean" + }, + "name": { + "minLength": 1, + "type": "string" + }, + "namespace": { + "minLength": 1, + "type": "string" + }, + "overrides": { + "additionalProperties": {}, + "description": "Override settings that are defined in the agent policy. Input settings cannot be overridden. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "type": "object" + }, + "package_policies": { + "anyOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "description": "This field is present only when retrieving a single agent policy, or when retrieving a list of agent policies with the ?full=true parameter", + "items": { + "additionalProperties": false, + "properties": { + "created_at": { + "type": "string" + }, + "created_by": { + "type": "string" + }, + "description": { + "description": "Package policy description", + "type": "string" + }, + "elasticsearch": { + "additionalProperties": true, + "properties": { + "privileges": { + "additionalProperties": true, + "properties": { + "cluster": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_input": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled", + "streams", + "compiled_input" + ], + "type": "object" + }, + "type": "array" + }, + "is_managed": { + "type": "boolean" + }, + "name": { + "description": "Package policy name (should be unique)", + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "revision": { + "type": "number" + }, + "secret_references": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + "type": "array" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "enabled", + "inputs", + "id", + "revision", + "updated_at", + "updated_by", + "created_at", + "created_by" + ], + "type": "object" + }, + "type": "array" + } + ] + }, + "revision": { + "type": "number" + }, + "schema_version": { + "type": "string" + }, + "space_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "status": { + "enum": [ + "active", + "inactive" + ], + "type": "string" + }, + "supports_agentless": { + "default": false, + "description": "Indicates whether the agent policy supports agentless integrations.", + "nullable": true, + "type": "boolean" + }, + "unenroll_timeout": { + "minimum": 0, + "type": "number" + }, + "unprivileged_agents": { + "type": "number" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "name", + "namespace", + "is_managed", + "is_protected", + "status", + "updated_at", + "updated_by", + "revision" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent policies" + ] + }, + "put": { + "description": "Update an agent policy by ID", + "operationId": "%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "agentPolicyId", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "format", + "required": false, + "schema": { + "enum": [ + "simplified", + "legacy" + ], + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "advanced_settings": { + "additionalProperties": false, + "properties": { + "agent_download_target_directory": { + "nullable": true + }, + "agent_download_timeout": { + "default": "2h", + "nullable": true + }, + "agent_limits_go_max_procs": { + "nullable": true + }, + "agent_logging_level": { + "default": "info", + "nullable": true + }, + "agent_logging_metrics_period": { + "default": "30s", + "nullable": true + } + }, + "type": "object" + }, + "agent_features": { + "items": { + "additionalProperties": false, + "properties": { + "enabled": { + "type": "boolean" + }, + "name": { + "type": "string" + } + }, + "required": [ + "name", + "enabled" + ], + "type": "object" + }, + "type": "array" + }, + "data_output_id": { + "nullable": true, + "type": "string" + }, + "description": { + "type": "string" + }, + "download_source_id": { + "nullable": true, + "type": "string" + }, + "fleet_server_host_id": { + "nullable": true, + "type": "string" + }, + "force": { + "type": "boolean" + }, + "global_data_tags": { + "description": "User defined data tags that are added to all of the inputs. The values can be strings or numbers.", + "items": { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + }, + "value": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "number" + } + ] + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "has_fleet_server": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inactivity_timeout": { + "default": 1209600, + "minimum": 0, + "type": "number" + }, + "is_default": { + "type": "boolean" + }, + "is_default_fleet_server": { + "type": "boolean" + }, + "is_managed": { + "type": "boolean" + }, + "is_protected": { + "type": "boolean" + }, + "keep_monitoring_alive": { + "default": false, + "description": "When set to true, monitoring will be enabled but logs/metrics collection will be disabled", + "nullable": true, + "type": "boolean" + }, + "monitoring_diagnostics": { + "additionalProperties": false, + "properties": { + "limit": { + "additionalProperties": false, + "properties": { + "burst": { + "type": "number" + }, + "interval": { + "type": "string" + } + }, + "type": "object" + }, + "uploader": { + "additionalProperties": false, + "properties": { + "init_dur": { + "type": "string" + }, + "max_dur": { + "type": "string" + }, + "max_retries": { + "type": "number" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "monitoring_enabled": { + "items": { + "enum": [ + "logs", + "metrics", + "traces" + ], + "type": "string" + }, + "type": "array" + }, + "monitoring_http": { + "additionalProperties": false, + "properties": { + "buffer": { + "additionalProperties": false, + "properties": { + "enabled": { + "default": false, + "type": "boolean" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "host": { + "type": "string" + }, + "port": { + "maximum": 65353, + "minimum": 0, + "type": "number" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "monitoring_output_id": { + "nullable": true, + "type": "string" + }, + "monitoring_pprof_enabled": { + "type": "boolean" + }, + "name": { + "minLength": 1, + "type": "string" + }, + "namespace": { + "minLength": 1, + "type": "string" + }, + "overrides": { + "additionalProperties": {}, + "description": "Override settings that are defined in the agent policy. Input settings cannot be overridden. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "type": "object" + }, + "space_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "supports_agentless": { + "default": false, + "description": "Indicates whether the agent policy supports agentless integrations.", + "nullable": true, + "type": "boolean" + }, + "unenroll_timeout": { + "minimum": 0, + "type": "number" + } + }, + "required": [ + "name", + "namespace" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "advanced_settings": { + "additionalProperties": false, + "properties": { + "agent_download_target_directory": { + "nullable": true + }, + "agent_download_timeout": { + "default": "2h", + "nullable": true + }, + "agent_limits_go_max_procs": { + "nullable": true + }, + "agent_logging_level": { + "default": "info", + "nullable": true + }, + "agent_logging_metrics_period": { + "default": "30s", + "nullable": true + } + }, + "type": "object" + }, + "agent_features": { + "items": { + "additionalProperties": false, + "properties": { + "enabled": { + "type": "boolean" + }, + "name": { + "type": "string" + } + }, + "required": [ + "name", + "enabled" + ], + "type": "object" + }, + "type": "array" + }, + "agents": { + "type": "number" + }, + "data_output_id": { + "nullable": true, + "type": "string" + }, + "description": { + "type": "string" + }, + "download_source_id": { + "nullable": true, + "type": "string" + }, + "fleet_server_host_id": { + "nullable": true, + "type": "string" + }, + "global_data_tags": { + "description": "User defined data tags that are added to all of the inputs. The values can be strings or numbers.", + "items": { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + }, + "value": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "number" + } + ] + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "has_fleet_server": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inactivity_timeout": { + "default": 1209600, + "minimum": 0, + "type": "number" + }, + "is_default": { + "type": "boolean" + }, + "is_default_fleet_server": { + "type": "boolean" + }, + "is_managed": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "is_protected": { + "description": "Indicates whether the agent policy has tamper protection enabled. Default false.", + "type": "boolean" + }, + "keep_monitoring_alive": { + "default": false, + "description": "When set to true, monitoring will be enabled but logs/metrics collection will be disabled", + "nullable": true, + "type": "boolean" + }, + "monitoring_diagnostics": { + "additionalProperties": false, + "properties": { + "limit": { + "additionalProperties": false, + "properties": { + "burst": { + "type": "number" + }, + "interval": { + "type": "string" + } + }, + "type": "object" + }, + "uploader": { + "additionalProperties": false, + "properties": { + "init_dur": { + "type": "string" + }, + "max_dur": { + "type": "string" + }, + "max_retries": { + "type": "number" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "monitoring_enabled": { + "items": { + "enum": [ + "logs", + "metrics", + "traces" + ], + "type": "string" + }, + "type": "array" + }, + "monitoring_http": { + "additionalProperties": false, + "properties": { + "buffer": { + "additionalProperties": false, + "properties": { + "enabled": { + "default": false, + "type": "boolean" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "host": { + "type": "string" + }, + "port": { + "maximum": 65353, + "minimum": 0, + "type": "number" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "monitoring_output_id": { + "nullable": true, + "type": "string" + }, + "monitoring_pprof_enabled": { + "type": "boolean" + }, + "name": { + "minLength": 1, + "type": "string" + }, + "namespace": { + "minLength": 1, + "type": "string" + }, + "overrides": { + "additionalProperties": {}, + "description": "Override settings that are defined in the agent policy. Input settings cannot be overridden. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "type": "object" + }, + "package_policies": { + "anyOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "description": "This field is present only when retrieving a single agent policy, or when retrieving a list of agent policies with the ?full=true parameter", + "items": { + "additionalProperties": false, + "properties": { + "created_at": { + "type": "string" + }, + "created_by": { + "type": "string" + }, + "description": { + "description": "Package policy description", + "type": "string" + }, + "elasticsearch": { + "additionalProperties": true, + "properties": { + "privileges": { + "additionalProperties": true, + "properties": { + "cluster": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_input": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled", + "streams", + "compiled_input" + ], + "type": "object" + }, + "type": "array" + }, + "is_managed": { + "type": "boolean" + }, + "name": { + "description": "Package policy name (should be unique)", + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "revision": { + "type": "number" + }, + "secret_references": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + "type": "array" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "enabled", + "inputs", + "id", + "revision", + "updated_at", + "updated_by", + "created_at", + "created_by" + ], + "type": "object" + }, + "type": "array" + } + ] + }, + "revision": { + "type": "number" + }, + "schema_version": { + "type": "string" + }, + "space_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "status": { + "enum": [ + "active", + "inactive" + ], + "type": "string" + }, + "supports_agentless": { + "default": false, + "description": "Indicates whether the agent policy supports agentless integrations.", + "nullable": true, + "type": "boolean" + }, + "unenroll_timeout": { + "minimum": 0, + "type": "number" + }, + "unprivileged_agents": { + "type": "number" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "name", + "namespace", + "is_managed", + "is_protected", + "status", + "updated_at", + "updated_by", + "revision" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent policies" + ] + } + }, + "/api/fleet/agent_policies/{agentPolicyId}/copy": { + "post": { + "description": "Copy an agent policy by ID", + "operationId": "%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D%2Fcopy#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "agentPolicyId", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "format", + "required": false, + "schema": { + "enum": [ + "simplified", + "legacy" + ], + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "description": { + "type": "string" + }, + "name": { + "minLength": 1, + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "advanced_settings": { + "additionalProperties": false, + "properties": { + "agent_download_target_directory": { + "nullable": true + }, + "agent_download_timeout": { + "default": "2h", + "nullable": true + }, + "agent_limits_go_max_procs": { + "nullable": true + }, + "agent_logging_level": { + "default": "info", + "nullable": true + }, + "agent_logging_metrics_period": { + "default": "30s", + "nullable": true + } + }, + "type": "object" + }, + "agent_features": { + "items": { + "additionalProperties": false, + "properties": { + "enabled": { + "type": "boolean" + }, + "name": { + "type": "string" + } + }, + "required": [ + "name", + "enabled" + ], + "type": "object" + }, + "type": "array" + }, + "agents": { + "type": "number" + }, + "data_output_id": { + "nullable": true, + "type": "string" + }, + "description": { + "type": "string" + }, + "download_source_id": { + "nullable": true, + "type": "string" + }, + "fleet_server_host_id": { + "nullable": true, + "type": "string" + }, + "global_data_tags": { + "description": "User defined data tags that are added to all of the inputs. The values can be strings or numbers.", + "items": { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + }, + "value": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "number" + } + ] + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "has_fleet_server": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inactivity_timeout": { + "default": 1209600, + "minimum": 0, + "type": "number" + }, + "is_default": { + "type": "boolean" + }, + "is_default_fleet_server": { + "type": "boolean" + }, + "is_managed": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "is_protected": { + "description": "Indicates whether the agent policy has tamper protection enabled. Default false.", + "type": "boolean" + }, + "keep_monitoring_alive": { + "default": false, + "description": "When set to true, monitoring will be enabled but logs/metrics collection will be disabled", + "nullable": true, + "type": "boolean" + }, + "monitoring_diagnostics": { + "additionalProperties": false, + "properties": { + "limit": { + "additionalProperties": false, + "properties": { + "burst": { + "type": "number" + }, + "interval": { + "type": "string" + } + }, + "type": "object" + }, + "uploader": { + "additionalProperties": false, + "properties": { + "init_dur": { + "type": "string" + }, + "max_dur": { + "type": "string" + }, + "max_retries": { + "type": "number" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "monitoring_enabled": { + "items": { + "enum": [ + "logs", + "metrics", + "traces" + ], + "type": "string" + }, + "type": "array" + }, + "monitoring_http": { + "additionalProperties": false, + "properties": { + "buffer": { + "additionalProperties": false, + "properties": { + "enabled": { + "default": false, + "type": "boolean" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "host": { + "type": "string" + }, + "port": { + "maximum": 65353, + "minimum": 0, + "type": "number" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "monitoring_output_id": { + "nullable": true, + "type": "string" + }, + "monitoring_pprof_enabled": { + "type": "boolean" + }, + "name": { + "minLength": 1, + "type": "string" + }, + "namespace": { + "minLength": 1, + "type": "string" + }, + "overrides": { + "additionalProperties": {}, + "description": "Override settings that are defined in the agent policy. Input settings cannot be overridden. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "type": "object" + }, + "package_policies": { + "anyOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "description": "This field is present only when retrieving a single agent policy, or when retrieving a list of agent policies with the ?full=true parameter", + "items": { + "additionalProperties": false, + "properties": { + "created_at": { + "type": "string" + }, + "created_by": { + "type": "string" + }, + "description": { + "description": "Package policy description", + "type": "string" + }, + "elasticsearch": { + "additionalProperties": true, + "properties": { + "privileges": { + "additionalProperties": true, + "properties": { + "cluster": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_input": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled", + "streams", + "compiled_input" + ], + "type": "object" + }, + "type": "array" + }, + "is_managed": { + "type": "boolean" + }, + "name": { + "description": "Package policy name (should be unique)", + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "revision": { + "type": "number" + }, + "secret_references": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + "type": "array" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "enabled", + "inputs", + "id", + "revision", + "updated_at", + "updated_by", + "created_at", + "created_by" + ], + "type": "object" + }, + "type": "array" + } + ] + }, + "revision": { + "type": "number" + }, + "schema_version": { + "type": "string" + }, + "space_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "status": { + "enum": [ + "active", + "inactive" + ], + "type": "string" + }, + "supports_agentless": { + "default": false, + "description": "Indicates whether the agent policy supports agentless integrations.", + "nullable": true, + "type": "boolean" + }, + "unenroll_timeout": { + "minimum": 0, + "type": "number" + }, + "unprivileged_agents": { + "type": "number" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "name", + "namespace", + "is_managed", + "is_protected", + "status", + "updated_at", + "updated_by", + "revision" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent policies" + ] + } + }, + "/api/fleet/agent_policies/{agentPolicyId}/download": { + "get": { + "description": "Download an agent policy by ID", + "operationId": "%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D%2Fdownload#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "agentPolicyId", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "download", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "standalone", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "kubernetes", + "required": false, + "schema": { + "type": "boolean" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "type": "string" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + }, + "404": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent policies" + ] + } + }, + "/api/fleet/agent_policies/{agentPolicyId}/full": { + "get": { + "description": "Get a full agent policy by ID", + "operationId": "%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D%2Ffull#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "agentPolicyId", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "download", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "standalone", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "kubernetes", + "required": false, + "schema": { + "type": "boolean" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "anyOf": [ + { + "type": "string" + }, + { + "additionalProperties": false, + "properties": { + "agent": { + "additionalProperties": false, + "properties": { + "download": { + "additionalProperties": false, + "properties": { + "sourceURI": { + "type": "string" + } + }, + "required": [ + "sourceURI" + ], + "type": "object" + }, + "features": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "type": "boolean" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "type": "object" + }, + "monitoring": { + "additionalProperties": false, + "properties": { + "enabled": { + "type": "boolean" + }, + "logs": { + "type": "boolean" + }, + "metrics": { + "type": "boolean" + }, + "namespace": { + "type": "string" + }, + "traces": { + "type": "boolean" + }, + "use_output": { + "type": "string" + } + }, + "required": [ + "enabled", + "metrics", + "logs", + "traces" + ], + "type": "object" + }, + "protection": { + "additionalProperties": false, + "properties": { + "enabled": { + "type": "boolean" + }, + "signing_key": { + "type": "string" + }, + "uninstall_token_hash": { + "type": "string" + } + }, + "required": [ + "enabled", + "uninstall_token_hash", + "signing_key" + ], + "type": "object" + } + }, + "required": [ + "monitoring", + "download", + "features" + ], + "type": "object" + }, + "fleet": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "hosts": { + "items": { + "type": "string" + }, + "type": "array" + }, + "proxy_headers": {}, + "proxy_url": { + "type": "string" + }, + "ssl": { + "additionalProperties": false, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "renegotiation": { + "type": "string" + }, + "verification_mode": { + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "hosts", + "proxy_headers" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "kibana": { + "additionalProperties": false, + "properties": { + "hosts": { + "items": { + "type": "string" + }, + "type": "array" + }, + "path": { + "type": "string" + }, + "protocol": { + "type": "string" + } + }, + "required": [ + "hosts", + "protocol" + ], + "type": "object" + } + }, + "required": [ + "kibana" + ], + "type": "object" + } + ] + }, + "id": { + "type": "string" + }, + "inputs": { + "items": { + "additionalProperties": true, + "properties": { + "data_stream": { + "additionalProperties": true, + "properties": { + "namespace": { + "type": "string" + } + }, + "required": [ + "namespace" + ], + "type": "object" + }, + "id": { + "type": "string" + }, + "meta": { + "additionalProperties": true, + "properties": { + "package": { + "additionalProperties": true, + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + } + }, + "type": "object" + }, + "name": { + "type": "string" + }, + "package_policy_id": { + "type": "string" + }, + "processors": { + "items": { + "additionalProperties": true, + "properties": { + "add_fields": { + "additionalProperties": true, + "properties": { + "fields": { + "additionalProperties": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "number" + } + ] + }, + "type": "object" + }, + "target": { + "type": "string" + } + }, + "required": [ + "target", + "fields" + ], + "type": "object" + } + }, + "required": [ + "add_fields" + ], + "type": "object" + }, + "type": "array" + }, + "revision": { + "type": "number" + }, + "streams": { + "items": { + "additionalProperties": true, + "properties": { + "data_stream": { + "additionalProperties": true, + "properties": { + "dataset": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset" + ], + "type": "object" + }, + "id": { + "type": "string" + } + }, + "required": [ + "id", + "data_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "use_output": { + "type": "string" + } + }, + "required": [ + "id", + "name", + "revision", + "type", + "data_stream", + "use_output", + "package_policy_id" + ], + "type": "object" + }, + "type": "array" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "output_permissions": { + "additionalProperties": { + "additionalProperties": {}, + "type": "object" + }, + "type": "object" + }, + "outputs": { + "additionalProperties": { + "additionalProperties": true, + "properties": { + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "type": "string" + }, + "type": "array" + }, + "proxy_headers": {}, + "proxy_url": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "type", + "proxy_headers" + ], + "type": "object" + }, + "type": "object" + }, + "revision": { + "type": "number" + }, + "secret_references": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + "type": "array" + }, + "signed": { + "additionalProperties": false, + "properties": { + "data": { + "type": "string" + }, + "signature": { + "type": "string" + } + }, + "required": [ + "data", + "signature" + ], + "type": "object" + } + }, + "required": [ + "id", + "outputs", + "inputs" + ], + "type": "object" + } + ] + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent policies" + ] + } + }, + "/api/fleet/agent_status": { + "get": { + "description": "Get agent status summary", + "operationId": "%2Fapi%2Ffleet%2Fagent_status#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "policyId", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "policyIds", + "required": false, + "schema": { + "anyOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "type": "string" + } + ] + } + }, + { + "in": "query", + "name": "kuery", + "required": false, + "schema": { + "deprecated": true, + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "results": { + "additionalProperties": false, + "properties": { + "active": { + "type": "number" + }, + "all": { + "type": "number" + }, + "error": { + "type": "number" + }, + "events": { + "type": "number" + }, + "inactive": { + "type": "number" + }, + "offline": { + "type": "number" + }, + "online": { + "type": "number" + }, + "other": { + "type": "number" + }, + "total": { + "deprecated": true, + "type": "number" + }, + "unenrolled": { + "type": "number" + }, + "updating": { + "type": "number" + } + }, + "required": [ + "events", + "total", + "online", + "error", + "offline", + "other", + "updating", + "inactive", + "unenrolled", + "all", + "active" + ], + "type": "object" + } + }, + "required": [ + "results" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent status" + ] + } + }, + "/api/fleet/agent_status/data": { + "get": { + "description": "Get incoming agent data", + "operationId": "%2Fapi%2Ffleet%2Fagent_status%2Fdata#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "agentsIds", + "required": true, + "schema": { + "anyOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "type": "string" + } + ] + } + }, + { + "in": "query", + "name": "previewData", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "dataPreview": { + "items": {}, + "type": "array" + }, + "items": { + "items": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "data": { + "type": "boolean" + } + }, + "required": [ + "data" + ], + "type": "object" + }, + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "items", + "dataPreview" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agents" + ] + } + }, + "/api/fleet/agents": { + "get": { + "description": "List agents", + "operationId": "%2Fapi%2Ffleet%2Fagents#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "page", + "required": false, + "schema": { + "default": 1, + "type": "number" + } + }, + { + "in": "query", + "name": "perPage", + "required": false, + "schema": { + "default": 20, + "type": "number" + } + }, + { + "in": "query", + "name": "kuery", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "showInactive", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + }, + { + "in": "query", + "name": "withMetrics", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + }, + { + "in": "query", + "name": "showUpgradeable", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + }, + { + "in": "query", + "name": "getStatusSummary", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + }, + { + "in": "query", + "name": "sortField", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "sortOrder", + "required": false, + "schema": { + "enum": [ + "asc", + "desc" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "access_api_key": { + "type": "string" + }, + "access_api_key_id": { + "type": "string" + }, + "active": { + "type": "boolean" + }, + "agent": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "version" + ], + "type": "object" + }, + "components": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "message": { + "type": "string" + }, + "status": { + "enum": [ + "STARTING", + "CONFIGURING", + "HEALTHY", + "DEGRADED", + "FAILED", + "STOPPING", + "STOPPED" + ], + "type": "string" + }, + "type": { + "type": "string" + }, + "units": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "message": { + "type": "string" + }, + "payload": { + "additionalProperties": {}, + "type": "object" + }, + "status": { + "enum": [ + "STARTING", + "CONFIGURING", + "HEALTHY", + "DEGRADED", + "FAILED", + "STOPPING", + "STOPPED" + ], + "type": "string" + }, + "type": { + "enum": [ + "input", + "output" + ], + "type": "string" + } + }, + "required": [ + "id", + "type", + "status", + "message" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "id", + "type", + "status", + "message" + ], + "type": "object" + }, + "type": "array" + }, + "default_api_key": { + "type": "string" + }, + "default_api_key_history": { + "items": { + "additionalProperties": false, + "deprecated": true, + "properties": { + "id": { + "type": "string" + }, + "retired_at": { + "type": "string" + } + }, + "required": [ + "id", + "retired_at" + ], + "type": "object" + }, + "type": "array" + }, + "default_api_key_id": { + "type": "string" + }, + "enrolled_at": { + "type": "string" + }, + "id": { + "type": "string" + }, + "last_checkin": { + "type": "string" + }, + "last_checkin_message": { + "type": "string" + }, + "last_checkin_status": { + "enum": [ + "error", + "online", + "degraded", + "updating", + "starting" + ], + "type": "string" + }, + "local_metadata": { + "additionalProperties": {}, + "type": "object" + }, + "metrics": { + "additionalProperties": false, + "properties": { + "cpu_avg": { + "type": "number" + }, + "memory_size_byte_avg": { + "type": "number" + } + }, + "type": "object" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "outputs": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "api_key_id": { + "type": "string" + }, + "to_retire_api_key_ids": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "retired_at": { + "type": "string" + } + }, + "required": [ + "id", + "retired_at" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + } + }, + "required": [ + "api_key_id", + "type" + ], + "type": "object" + }, + "type": "object" + }, + "packages": { + "items": { + "type": "string" + }, + "type": "array" + }, + "policy_id": { + "type": "string" + }, + "policy_revision": { + "nullable": true, + "type": "number" + }, + "sort": { + "items": { + "anyOf": [ + { + "type": "number" + }, + { + "type": "string" + }, + { + "enum": [], + "nullable": true + } + ] + }, + "type": "array" + }, + "status": { + "enum": [ + "offline", + "error", + "online", + "inactive", + "enrolling", + "unenrolling", + "unenrolled", + "updating", + "degraded" + ], + "type": "string" + }, + "tags": { + "items": { + "type": "string" + }, + "type": "array" + }, + "type": { + "enum": [ + "PERMANENT", + "EPHEMERAL", + "TEMPORARY" + ], + "type": "string" + }, + "unenrolled_at": { + "type": "string" + }, + "unenrollment_started_at": { + "type": "string" + }, + "unhealthy_reason": { + "items": { + "enum": [ + "input", + "output", + "other" + ], + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "upgrade_details": { + "additionalProperties": false, + "properties": { + "action_id": { + "type": "string" + }, + "metadata": { + "additionalProperties": false, + "properties": { + "download_percent": { + "type": "number" + }, + "download_rate": { + "type": "number" + }, + "error_msg": { + "type": "string" + }, + "failed_state": { + "enum": [ + "UPG_REQUESTED", + "UPG_SCHEDULED", + "UPG_DOWNLOADING", + "UPG_EXTRACTING", + "UPG_REPLACING", + "UPG_RESTARTING", + "UPG_FAILED", + "UPG_WATCHING", + "UPG_ROLLBACK" + ], + "type": "string" + }, + "retry_error_msg": { + "type": "string" + }, + "retry_until": { + "type": "string" + }, + "scheduled_at": { + "type": "string" + } + }, + "type": "object" + }, + "state": { + "enum": [ + "UPG_REQUESTED", + "UPG_SCHEDULED", + "UPG_DOWNLOADING", + "UPG_EXTRACTING", + "UPG_REPLACING", + "UPG_RESTARTING", + "UPG_FAILED", + "UPG_WATCHING", + "UPG_ROLLBACK" + ], + "type": "string" + }, + "target_version": { + "type": "string" + } + }, + "required": [ + "target_version", + "action_id", + "state" + ], + "type": "object" + }, + "upgrade_started_at": { + "nullable": true, + "type": "string" + }, + "upgraded_at": { + "nullable": true, + "type": "string" + }, + "user_provided_metadata": { + "additionalProperties": {}, + "type": "object" + } + }, + "required": [ + "id", + "packages", + "type", + "active", + "enrolled_at", + "local_metadata" + ], + "type": "object" + }, + "type": "array" + }, + "list": { + "deprecated": true, + "items": { + "additionalProperties": false, + "properties": { + "access_api_key": { + "type": "string" + }, + "access_api_key_id": { + "type": "string" + }, + "active": { + "type": "boolean" + }, + "agent": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "version" + ], + "type": "object" + }, + "components": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "message": { + "type": "string" + }, + "status": { + "enum": [ + "STARTING", + "CONFIGURING", + "HEALTHY", + "DEGRADED", + "FAILED", + "STOPPING", + "STOPPED" + ], + "type": "string" + }, + "type": { + "type": "string" + }, + "units": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "message": { + "type": "string" + }, + "payload": { + "additionalProperties": {}, + "type": "object" + }, + "status": { + "enum": [ + "STARTING", + "CONFIGURING", + "HEALTHY", + "DEGRADED", + "FAILED", + "STOPPING", + "STOPPED" + ], + "type": "string" + }, + "type": { + "enum": [ + "input", + "output" + ], + "type": "string" + } + }, + "required": [ + "id", + "type", + "status", + "message" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "id", + "type", + "status", + "message" + ], + "type": "object" + }, + "type": "array" + }, + "default_api_key": { + "type": "string" + }, + "default_api_key_history": { + "items": { + "additionalProperties": false, + "deprecated": true, + "properties": { + "id": { + "type": "string" + }, + "retired_at": { + "type": "string" + } + }, + "required": [ + "id", + "retired_at" + ], + "type": "object" + }, + "type": "array" + }, + "default_api_key_id": { + "type": "string" + }, + "enrolled_at": { + "type": "string" + }, + "id": { + "type": "string" + }, + "last_checkin": { + "type": "string" + }, + "last_checkin_message": { + "type": "string" + }, + "last_checkin_status": { + "enum": [ + "error", + "online", + "degraded", + "updating", + "starting" + ], + "type": "string" + }, + "local_metadata": { + "additionalProperties": {}, + "type": "object" + }, + "metrics": { + "additionalProperties": false, + "properties": { + "cpu_avg": { + "type": "number" + }, + "memory_size_byte_avg": { + "type": "number" + } + }, + "type": "object" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "outputs": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "api_key_id": { + "type": "string" + }, + "to_retire_api_key_ids": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "retired_at": { + "type": "string" + } + }, + "required": [ + "id", + "retired_at" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + } + }, + "required": [ + "api_key_id", + "type" + ], + "type": "object" + }, + "type": "object" + }, + "packages": { + "items": { + "type": "string" + }, + "type": "array" + }, + "policy_id": { + "type": "string" + }, + "policy_revision": { + "nullable": true, + "type": "number" + }, + "sort": { + "items": { + "anyOf": [ + { + "type": "number" + }, + { + "type": "string" + }, + { + "enum": [], + "nullable": true + } + ] + }, + "type": "array" + }, + "status": { + "enum": [ + "offline", + "error", + "online", + "inactive", + "enrolling", + "unenrolling", + "unenrolled", + "updating", + "degraded" + ], + "type": "string" + }, + "tags": { + "items": { + "type": "string" + }, + "type": "array" + }, + "type": { + "enum": [ + "PERMANENT", + "EPHEMERAL", + "TEMPORARY" + ], + "type": "string" + }, + "unenrolled_at": { + "type": "string" + }, + "unenrollment_started_at": { + "type": "string" + }, + "unhealthy_reason": { + "items": { + "enum": [ + "input", + "output", + "other" + ], + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "upgrade_details": { + "additionalProperties": false, + "properties": { + "action_id": { + "type": "string" + }, + "metadata": { + "additionalProperties": false, + "properties": { + "download_percent": { + "type": "number" + }, + "download_rate": { + "type": "number" + }, + "error_msg": { + "type": "string" + }, + "failed_state": { + "enum": [ + "UPG_REQUESTED", + "UPG_SCHEDULED", + "UPG_DOWNLOADING", + "UPG_EXTRACTING", + "UPG_REPLACING", + "UPG_RESTARTING", + "UPG_FAILED", + "UPG_WATCHING", + "UPG_ROLLBACK" + ], + "type": "string" + }, + "retry_error_msg": { + "type": "string" + }, + "retry_until": { + "type": "string" + }, + "scheduled_at": { + "type": "string" + } + }, + "type": "object" + }, + "state": { + "enum": [ + "UPG_REQUESTED", + "UPG_SCHEDULED", + "UPG_DOWNLOADING", + "UPG_EXTRACTING", + "UPG_REPLACING", + "UPG_RESTARTING", + "UPG_FAILED", + "UPG_WATCHING", + "UPG_ROLLBACK" + ], + "type": "string" + }, + "target_version": { + "type": "string" + } + }, + "required": [ + "target_version", + "action_id", + "state" + ], + "type": "object" + }, + "upgrade_started_at": { + "nullable": true, + "type": "string" + }, + "upgraded_at": { + "nullable": true, + "type": "string" + }, + "user_provided_metadata": { + "additionalProperties": {}, + "type": "object" + } + }, + "required": [ + "id", + "packages", + "type", + "active", + "enrolled_at", + "local_metadata" + ], + "type": "object" + }, + "type": "array" + }, + "page": { + "type": "number" + }, + "perPage": { + "type": "number" + }, + "statusSummary": { + "additionalProperties": { + "type": "number" + }, + "type": "object" + }, + "total": { + "type": "number" + } + }, + "required": [ + "items", + "total", + "page", + "perPage" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agents" + ] + }, + "post": { + "description": "List agents by action ids", + "operationId": "%2Fapi%2Ffleet%2Fagents#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "actionIds": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "actionIds" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "items" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agents" + ] + } + }, + "/api/fleet/agents/action_status": { + "get": { + "description": "Get agent action status", + "operationId": "%2Fapi%2Ffleet%2Fagents%2Faction_status#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "page", + "required": false, + "schema": { + "default": 0, + "type": "number" + } + }, + { + "in": "query", + "name": "perPage", + "required": false, + "schema": { + "default": 20, + "type": "number" + } + }, + { + "in": "query", + "name": "date", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "latest", + "required": false, + "schema": { + "type": "number" + } + }, + { + "in": "query", + "name": "errorSize", + "required": false, + "schema": { + "default": 5, + "type": "number" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "actionId": { + "type": "string" + }, + "cancellationTime": { + "type": "string" + }, + "completionTime": { + "type": "string" + }, + "creationTime": { + "description": "creation time of action", + "type": "string" + }, + "expiration": { + "type": "string" + }, + "hasRolloutPeriod": { + "type": "boolean" + }, + "latestErrors": { + "items": { + "additionalProperties": false, + "description": "latest errors that happened when the agents executed the action", + "properties": { + "agentId": { + "type": "string" + }, + "error": { + "type": "string" + }, + "hostname": { + "type": "string" + }, + "timestamp": { + "type": "string" + } + }, + "required": [ + "agentId", + "error", + "timestamp" + ], + "type": "object" + }, + "type": "array" + }, + "nbAgentsAck": { + "description": "number of agents that acknowledged the action", + "type": "number" + }, + "nbAgentsActionCreated": { + "description": "number of agents included in action from kibana", + "type": "number" + }, + "nbAgentsActioned": { + "description": "number of agents actioned", + "type": "number" + }, + "nbAgentsFailed": { + "description": "number of agents that failed to execute the action", + "type": "number" + }, + "newPolicyId": { + "description": "new policy id (POLICY_REASSIGN action)", + "type": "string" + }, + "policyId": { + "description": "policy id (POLICY_CHANGE action)", + "type": "string" + }, + "revision": { + "description": "new policy revision (POLICY_CHANGE action)", + "type": "number" + }, + "startTime": { + "description": "start time of action (scheduled actions)", + "type": "string" + }, + "status": { + "enum": [ + "COMPLETE", + "EXPIRED", + "CANCELLED", + "FAILED", + "IN_PROGRESS", + "ROLLOUT_PASSED" + ], + "type": "string" + }, + "type": { + "enum": [ + "UPGRADE", + "UNENROLL", + "SETTINGS", + "POLICY_REASSIGN", + "CANCEL", + "FORCE_UNENROLL", + "REQUEST_DIAGNOSTICS", + "UPDATE_TAGS", + "POLICY_CHANGE", + "INPUT_ACTION" + ], + "type": "string" + }, + "version": { + "description": "agent version number (UPGRADE action)", + "type": "string" + } + }, + "required": [ + "actionId", + "nbAgentsActionCreated", + "nbAgentsAck", + "nbAgentsFailed", + "type", + "nbAgentsActioned", + "status", + "creationTime" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "items" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent actions" + ] + } + }, + "/api/fleet/agents/actions/{actionId}/cancel": { + "post": { + "description": "Cancel agent action", + "operationId": "%2Fapi%2Ffleet%2Fagents%2Factions%2F%7BactionId%7D%2Fcancel#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "actionId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "ack_data": {}, + "agents": { + "items": { + "type": "string" + }, + "type": "array" + }, + "created_at": { + "type": "string" + }, + "data": {}, + "expiration": { + "type": "string" + }, + "id": { + "type": "string" + }, + "minimum_execution_duration": { + "type": "number" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "rollout_duration_seconds": { + "type": "number" + }, + "sent_at": { + "type": "string" + }, + "source_uri": { + "type": "string" + }, + "start_time": { + "type": "string" + }, + "total": { + "type": "number" + }, + "type": { + "type": "string" + } + }, + "required": [ + "id", + "type", + "data", + "created_at", + "ack_data", + "agents" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent actions" + ] + } + }, + "/api/fleet/agents/available_versions": { + "get": { + "description": "Get available agent versions", + "operationId": "%2Fapi%2Ffleet%2Fagents%2Favailable_versions#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "items" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agents" + ] + } + }, + "/api/fleet/agents/bulk_reassign": { + "post": { + "description": "Bulk reassign agents", + "operationId": "%2Fapi%2Ffleet%2Fagents%2Fbulk_reassign#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "agents": { + "anyOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "type": "string" + } + ] + }, + "batchSize": { + "type": "number" + }, + "includeInactive": { + "default": false, + "type": "boolean" + }, + "policy_id": { + "type": "string" + } + }, + "required": [ + "policy_id", + "agents" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "actionId": { + "type": "string" + } + }, + "required": [ + "actionId" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent actions" + ] + } + }, + "/api/fleet/agents/bulk_request_diagnostics": { + "post": { + "description": "Bulk request diagnostics from agents", + "operationId": "%2Fapi%2Ffleet%2Fagents%2Fbulk_request_diagnostics#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "additional_metrics": { + "items": { + "enum": [ + "CPU" + ], + "type": "string" + }, + "type": "array" + }, + "agents": { + "anyOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "type": "string" + } + ] + }, + "batchSize": { + "type": "number" + } + }, + "required": [ + "agents" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "actionId": { + "type": "string" + } + }, + "required": [ + "actionId" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent actions" + ] + } + }, + "/api/fleet/agents/bulk_unenroll": { + "post": { + "description": "Bulk unenroll agents", + "operationId": "%2Fapi%2Ffleet%2Fagents%2Fbulk_unenroll#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "agents": { + "anyOf": [ + { + "items": { + "description": "KQL query string, leave empty to action all agents", + "type": "string" + }, + "type": "array" + }, + { + "description": "list of agent IDs", + "type": "string" + } + ] + }, + "batchSize": { + "type": "number" + }, + "force": { + "description": "Unenrolls hosted agents too", + "type": "boolean" + }, + "includeInactive": { + "description": "When passing agents by KQL query, unenrolls inactive agents too", + "type": "boolean" + }, + "revoke": { + "description": "Revokes API keys of agents", + "type": "boolean" + } + }, + "required": [ + "agents" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "actionId": { + "type": "string" + } + }, + "required": [ + "actionId" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent actions" + ] + } + }, + "/api/fleet/agents/bulk_update_agent_tags": { + "post": { + "description": "Bulk update agent tags", + "operationId": "%2Fapi%2Ffleet%2Fagents%2Fbulk_update_agent_tags#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "agents": { + "anyOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "type": "string" + } + ] + }, + "batchSize": { + "type": "number" + }, + "includeInactive": { + "default": false, + "type": "boolean" + }, + "tagsToAdd": { + "items": { + "type": "string" + }, + "type": "array" + }, + "tagsToRemove": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "agents" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "actionId": { + "type": "string" + } + }, + "required": [ + "actionId" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent actions" + ] + } + }, + "/api/fleet/agents/bulk_upgrade": { + "post": { + "description": "Bulk upgrade agents", + "operationId": "%2Fapi%2Ffleet%2Fagents%2Fbulk_upgrade#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "agents": { + "anyOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "type": "string" + } + ] + }, + "batchSize": { + "type": "number" + }, + "force": { + "type": "boolean" + }, + "includeInactive": { + "default": false, + "type": "boolean" + }, + "rollout_duration_seconds": { + "minimum": 600, + "type": "number" + }, + "skipRateLimitCheck": { + "type": "boolean" + }, + "source_uri": { + "type": "string" + }, + "start_time": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "agents", + "version" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "actionId": { + "type": "string" + } + }, + "required": [ + "actionId" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent actions" + ] + } + }, + "/api/fleet/agents/files/{fileId}": { + "delete": { + "description": "Delete file uploaded by agent", + "operationId": "%2Fapi%2Ffleet%2Fagents%2Ffiles%2F%7BfileId%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "fileId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "deleted": { + "type": "boolean" + }, + "id": { + "type": "string" + } + }, + "required": [ + "id", + "deleted" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agents" + ] + } + }, + "/api/fleet/agents/files/{fileId}/{fileName}": { + "get": { + "description": "Get file uploaded by agent", + "operationId": "%2Fapi%2Ffleet%2Fagents%2Ffiles%2F%7BfileId%7D%2F%7BfileName%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "fileId", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "path", + "name": "fileName", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agents" + ] + } + }, + "/api/fleet/agents/setup": { + "get": { + "description": "Get agent setup info", + "operationId": "%2Fapi%2Ffleet%2Fagents%2Fsetup#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "A summary of the agent setup status. `isReady` indicates whether the setup is ready. If the setup is not ready, `missing_requirements` lists which requirements are missing.", + "properties": { + "isReady": { + "type": "boolean" + }, + "is_secrets_storage_enabled": { + "type": "boolean" + }, + "is_space_awareness_enabled": { + "type": "boolean" + }, + "missing_optional_features": { + "items": { + "enum": [ + "encrypted_saved_object_encryption_key_required" + ], + "type": "string" + }, + "type": "array" + }, + "missing_requirements": { + "items": { + "enum": [ + "security_required", + "tls_required", + "api_keys", + "fleet_admin_user", + "fleet_server" + ], + "type": "string" + }, + "type": "array" + }, + "package_verification_key_id": { + "type": "string" + } + }, + "required": [ + "isReady", + "missing_requirements", + "missing_optional_features" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agents" + ] + }, + "post": { + "description": "Initiate agent setup", + "operationId": "%2Fapi%2Ffleet%2Fagents%2Fsetup#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "A summary of the result of Fleet's `setup` lifecycle. If `isInitialized` is true, Fleet is ready to accept agent enrollment. `nonFatalErrors` may include useful insight into non-blocking issues with Fleet setup.", + "properties": { + "isInitialized": { + "type": "boolean" + }, + "nonFatalErrors": { + "items": { + "additionalProperties": false, + "properties": { + "message": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "required": [ + "name", + "message" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "isInitialized", + "nonFatalErrors" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agents" + ] + } + }, + "/api/fleet/agents/tags": { + "get": { + "description": "List agent tags", + "operationId": "%2Fapi%2Ffleet%2Fagents%2Ftags#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "kuery", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "showInactive", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "items" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agents" + ] + } + }, + "/api/fleet/agents/{agentId}": { + "delete": { + "description": "Delete agent by ID", + "operationId": "%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D#2", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "agentId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "action": { + "enum": [ + "deleted" + ], + "type": "string" + } + }, + "required": [ + "action" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agents" + ] + }, + "get": { + "description": "Get agent by ID", + "operationId": "%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "agentId", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "withMetrics", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "access_api_key": { + "type": "string" + }, + "access_api_key_id": { + "type": "string" + }, + "active": { + "type": "boolean" + }, + "agent": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "version" + ], + "type": "object" + }, + "components": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "message": { + "type": "string" + }, + "status": { + "enum": [ + "STARTING", + "CONFIGURING", + "HEALTHY", + "DEGRADED", + "FAILED", + "STOPPING", + "STOPPED" + ], + "type": "string" + }, + "type": { + "type": "string" + }, + "units": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "message": { + "type": "string" + }, + "payload": { + "additionalProperties": {}, + "type": "object" + }, + "status": { + "enum": [ + "STARTING", + "CONFIGURING", + "HEALTHY", + "DEGRADED", + "FAILED", + "STOPPING", + "STOPPED" + ], + "type": "string" + }, + "type": { + "enum": [ + "input", + "output" + ], + "type": "string" + } + }, + "required": [ + "id", + "type", + "status", + "message" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "id", + "type", + "status", + "message" + ], + "type": "object" + }, + "type": "array" + }, + "default_api_key": { + "type": "string" + }, + "default_api_key_history": { + "items": { + "additionalProperties": false, + "deprecated": true, + "properties": { + "id": { + "type": "string" + }, + "retired_at": { + "type": "string" + } + }, + "required": [ + "id", + "retired_at" + ], + "type": "object" + }, + "type": "array" + }, + "default_api_key_id": { + "type": "string" + }, + "enrolled_at": { + "type": "string" + }, + "id": { + "type": "string" + }, + "last_checkin": { + "type": "string" + }, + "last_checkin_message": { + "type": "string" + }, + "last_checkin_status": { + "enum": [ + "error", + "online", + "degraded", + "updating", + "starting" + ], + "type": "string" + }, + "local_metadata": { + "additionalProperties": {}, + "type": "object" + }, + "metrics": { + "additionalProperties": false, + "properties": { + "cpu_avg": { + "type": "number" + }, + "memory_size_byte_avg": { + "type": "number" + } + }, + "type": "object" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "outputs": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "api_key_id": { + "type": "string" + }, + "to_retire_api_key_ids": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "retired_at": { + "type": "string" + } + }, + "required": [ + "id", + "retired_at" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + } + }, + "required": [ + "api_key_id", + "type" + ], + "type": "object" + }, + "type": "object" + }, + "packages": { + "items": { + "type": "string" + }, + "type": "array" + }, + "policy_id": { + "type": "string" + }, + "policy_revision": { + "nullable": true, + "type": "number" + }, + "sort": { + "items": { + "anyOf": [ + { + "type": "number" + }, + { + "type": "string" + }, + { + "enum": [], + "nullable": true + } + ] + }, + "type": "array" + }, + "status": { + "enum": [ + "offline", + "error", + "online", + "inactive", + "enrolling", + "unenrolling", + "unenrolled", + "updating", + "degraded" + ], + "type": "string" + }, + "tags": { + "items": { + "type": "string" + }, + "type": "array" + }, + "type": { + "enum": [ + "PERMANENT", + "EPHEMERAL", + "TEMPORARY" + ], + "type": "string" + }, + "unenrolled_at": { + "type": "string" + }, + "unenrollment_started_at": { + "type": "string" + }, + "unhealthy_reason": { + "items": { + "enum": [ + "input", + "output", + "other" + ], + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "upgrade_details": { + "additionalProperties": false, + "properties": { + "action_id": { + "type": "string" + }, + "metadata": { + "additionalProperties": false, + "properties": { + "download_percent": { + "type": "number" + }, + "download_rate": { + "type": "number" + }, + "error_msg": { + "type": "string" + }, + "failed_state": { + "enum": [ + "UPG_REQUESTED", + "UPG_SCHEDULED", + "UPG_DOWNLOADING", + "UPG_EXTRACTING", + "UPG_REPLACING", + "UPG_RESTARTING", + "UPG_FAILED", + "UPG_WATCHING", + "UPG_ROLLBACK" + ], + "type": "string" + }, + "retry_error_msg": { + "type": "string" + }, + "retry_until": { + "type": "string" + }, + "scheduled_at": { + "type": "string" + } + }, + "type": "object" + }, + "state": { + "enum": [ + "UPG_REQUESTED", + "UPG_SCHEDULED", + "UPG_DOWNLOADING", + "UPG_EXTRACTING", + "UPG_REPLACING", + "UPG_RESTARTING", + "UPG_FAILED", + "UPG_WATCHING", + "UPG_ROLLBACK" + ], + "type": "string" + }, + "target_version": { + "type": "string" + } + }, + "required": [ + "target_version", + "action_id", + "state" + ], + "type": "object" + }, + "upgrade_started_at": { + "nullable": true, + "type": "string" + }, + "upgraded_at": { + "nullable": true, + "type": "string" + }, + "user_provided_metadata": { + "additionalProperties": {}, + "type": "object" + } + }, + "required": [ + "id", + "packages", + "type", + "active", + "enrolled_at", + "local_metadata" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agents" + ] + }, + "put": { + "description": "Update agent by ID", + "operationId": "%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "agentId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "tags": { + "items": { + "type": "string" + }, + "type": "array" + }, + "user_provided_metadata": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "access_api_key": { + "type": "string" + }, + "access_api_key_id": { + "type": "string" + }, + "active": { + "type": "boolean" + }, + "agent": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "version" + ], + "type": "object" + }, + "components": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "message": { + "type": "string" + }, + "status": { + "enum": [ + "STARTING", + "CONFIGURING", + "HEALTHY", + "DEGRADED", + "FAILED", + "STOPPING", + "STOPPED" + ], + "type": "string" + }, + "type": { + "type": "string" + }, + "units": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "message": { + "type": "string" + }, + "payload": { + "additionalProperties": {}, + "type": "object" + }, + "status": { + "enum": [ + "STARTING", + "CONFIGURING", + "HEALTHY", + "DEGRADED", + "FAILED", + "STOPPING", + "STOPPED" + ], + "type": "string" + }, + "type": { + "enum": [ + "input", + "output" + ], + "type": "string" + } + }, + "required": [ + "id", + "type", + "status", + "message" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "id", + "type", + "status", + "message" + ], + "type": "object" + }, + "type": "array" + }, + "default_api_key": { + "type": "string" + }, + "default_api_key_history": { + "items": { + "additionalProperties": false, + "deprecated": true, + "properties": { + "id": { + "type": "string" + }, + "retired_at": { + "type": "string" + } + }, + "required": [ + "id", + "retired_at" + ], + "type": "object" + }, + "type": "array" + }, + "default_api_key_id": { + "type": "string" + }, + "enrolled_at": { + "type": "string" + }, + "id": { + "type": "string" + }, + "last_checkin": { + "type": "string" + }, + "last_checkin_message": { + "type": "string" + }, + "last_checkin_status": { + "enum": [ + "error", + "online", + "degraded", + "updating", + "starting" + ], + "type": "string" + }, + "local_metadata": { + "additionalProperties": {}, + "type": "object" + }, + "metrics": { + "additionalProperties": false, + "properties": { + "cpu_avg": { + "type": "number" + }, + "memory_size_byte_avg": { + "type": "number" + } + }, + "type": "object" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "outputs": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "api_key_id": { + "type": "string" + }, + "to_retire_api_key_ids": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "retired_at": { + "type": "string" + } + }, + "required": [ + "id", + "retired_at" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + } + }, + "required": [ + "api_key_id", + "type" + ], + "type": "object" + }, + "type": "object" + }, + "packages": { + "items": { + "type": "string" + }, + "type": "array" + }, + "policy_id": { + "type": "string" + }, + "policy_revision": { + "nullable": true, + "type": "number" + }, + "sort": { + "items": { + "anyOf": [ + { + "type": "number" + }, + { + "type": "string" + }, + { + "enum": [], + "nullable": true + } + ] + }, + "type": "array" + }, + "status": { + "enum": [ + "offline", + "error", + "online", + "inactive", + "enrolling", + "unenrolling", + "unenrolled", + "updating", + "degraded" + ], + "type": "string" + }, + "tags": { + "items": { + "type": "string" + }, + "type": "array" + }, + "type": { + "enum": [ + "PERMANENT", + "EPHEMERAL", + "TEMPORARY" + ], + "type": "string" + }, + "unenrolled_at": { + "type": "string" + }, + "unenrollment_started_at": { + "type": "string" + }, + "unhealthy_reason": { + "items": { + "enum": [ + "input", + "output", + "other" + ], + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "upgrade_details": { + "additionalProperties": false, + "properties": { + "action_id": { + "type": "string" + }, + "metadata": { + "additionalProperties": false, + "properties": { + "download_percent": { + "type": "number" + }, + "download_rate": { + "type": "number" + }, + "error_msg": { + "type": "string" + }, + "failed_state": { + "enum": [ + "UPG_REQUESTED", + "UPG_SCHEDULED", + "UPG_DOWNLOADING", + "UPG_EXTRACTING", + "UPG_REPLACING", + "UPG_RESTARTING", + "UPG_FAILED", + "UPG_WATCHING", + "UPG_ROLLBACK" + ], + "type": "string" + }, + "retry_error_msg": { + "type": "string" + }, + "retry_until": { + "type": "string" + }, + "scheduled_at": { + "type": "string" + } + }, + "type": "object" + }, + "state": { + "enum": [ + "UPG_REQUESTED", + "UPG_SCHEDULED", + "UPG_DOWNLOADING", + "UPG_EXTRACTING", + "UPG_REPLACING", + "UPG_RESTARTING", + "UPG_FAILED", + "UPG_WATCHING", + "UPG_ROLLBACK" + ], + "type": "string" + }, + "target_version": { + "type": "string" + } + }, + "required": [ + "target_version", + "action_id", + "state" + ], + "type": "object" + }, + "upgrade_started_at": { + "nullable": true, + "type": "string" + }, + "upgraded_at": { + "nullable": true, + "type": "string" + }, + "user_provided_metadata": { + "additionalProperties": {}, + "type": "object" + } + }, + "required": [ + "id", + "packages", + "type", + "active", + "enrolled_at", + "local_metadata" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agents" + ] + } + }, + "/api/fleet/agents/{agentId}/actions": { + "post": { + "description": "Create agent action", + "operationId": "%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Factions#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "agentId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "action": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "ack_data": {}, + "data": {}, + "type": { + "enum": [ + "UNENROLL", + "UPGRADE", + "POLICY_REASSIGN" + ], + "type": "string" + } + }, + "required": [ + "type", + "data", + "ack_data" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "data": { + "additionalProperties": false, + "properties": { + "log_level": { + "enum": [ + "debug", + "info", + "warning", + "error" + ], + "nullable": true, + "type": "string" + } + }, + "required": [ + "log_level" + ], + "type": "object" + }, + "type": { + "enum": [ + "SETTINGS" + ], + "type": "string" + } + }, + "required": [ + "type", + "data" + ], + "type": "object" + } + ] + } + }, + "required": [ + "action" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "ack_data": {}, + "agents": { + "items": { + "type": "string" + }, + "type": "array" + }, + "created_at": { + "type": "string" + }, + "data": {}, + "expiration": { + "type": "string" + }, + "id": { + "type": "string" + }, + "minimum_execution_duration": { + "type": "number" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "rollout_duration_seconds": { + "type": "number" + }, + "sent_at": { + "type": "string" + }, + "source_uri": { + "type": "string" + }, + "start_time": { + "type": "string" + }, + "total": { + "type": "number" + }, + "type": { + "type": "string" + } + }, + "required": [ + "id", + "type", + "data", + "created_at", + "ack_data", + "agents" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent actions" + ] + } + }, + "/api/fleet/agents/{agentId}/reassign": { + "post": { + "description": "Reassign agent", + "operationId": "%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Freassign#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "agentId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "policy_id": { + "type": "string" + } + }, + "required": [ + "policy_id" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": {}, + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent actions" + ] + }, + "put": { + "deprecated": true, + "operationId": "%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Freassign#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "agentId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "policy_id": { + "type": "string" + } + }, + "required": [ + "policy_id" + ], + "type": "object" + } + } + } + }, + "responses": {}, + "summary": "", + "tags": [] + } + }, + "/api/fleet/agents/{agentId}/request_diagnostics": { + "post": { + "description": "Request agent diagnostics", + "operationId": "%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Frequest_diagnostics#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "agentId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "nullable": true, + "properties": { + "additional_metrics": { + "items": { + "enum": [ + "CPU" + ], + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "actionId": { + "type": "string" + } + }, + "required": [ + "actionId" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent actions" + ] + } + }, + "/api/fleet/agents/{agentId}/unenroll": { + "post": { + "description": "Unenroll agent", + "operationId": "%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Funenroll#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "agentId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "nullable": true, + "properties": { + "force": { + "type": "boolean" + }, + "revoke": { + "type": "boolean" + } + }, + "type": "object" + } + } + } + }, + "responses": {}, + "summary": "", + "tags": [ + "Elastic Agent actions" + ] + } + }, + "/api/fleet/agents/{agentId}/upgrade": { + "post": { + "description": "Upgrade agent", + "operationId": "%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Fupgrade#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "agentId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "force": { + "type": "boolean" + }, + "skipRateLimitCheck": { + "type": "boolean" + }, + "source_uri": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "version" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": {}, + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent actions" + ] + } + }, + "/api/fleet/agents/{agentId}/uploads": { + "get": { + "description": "List agent uploads", + "operationId": "%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Fuploads#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "agentId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "actionId": { + "type": "string" + }, + "createTime": { + "type": "string" + }, + "error": { + "type": "string" + }, + "filePath": { + "type": "string" + }, + "id": { + "type": "string" + }, + "name": { + "type": "string" + }, + "status": { + "enum": [ + "READY", + "AWAITING_UPLOAD", + "DELETED", + "EXPIRED", + "IN_PROGRESS", + "FAILED" + ], + "type": "string" + } + }, + "required": [ + "id", + "name", + "filePath", + "createTime", + "status", + "actionId" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "items" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agents" + ] + } + }, + "/api/fleet/check-permissions": { + "get": { + "description": "Check permissions", + "operationId": "%2Fapi%2Ffleet%2Fcheck-permissions#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "fleetServerSetup", + "required": false, + "schema": { + "type": "boolean" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "error": { + "enum": [ + "MISSING_SECURITY", + "MISSING_PRIVILEGES", + "MISSING_FLEET_SERVER_SETUP_PRIVILEGES" + ], + "type": "string" + }, + "success": { + "type": "boolean" + } + }, + "required": [ + "success" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet internals" + ] + } + }, + "/api/fleet/data_streams": { + "get": { + "description": "List data streams", + "operationId": "%2Fapi%2Ffleet%2Fdata_streams#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "data_streams": { + "items": { + "additionalProperties": false, + "properties": { + "dashboards": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "title": { + "type": "string" + } + }, + "required": [ + "id", + "title" + ], + "type": "object" + }, + "type": "array" + }, + "dataset": { + "type": "string" + }, + "index": { + "type": "string" + }, + "last_activity_ms": { + "type": "number" + }, + "namespace": { + "type": "string" + }, + "package": { + "type": "string" + }, + "package_version": { + "type": "string" + }, + "serviceDetails": { + "additionalProperties": false, + "nullable": true, + "properties": { + "environment": { + "type": "string" + }, + "serviceName": { + "type": "string" + } + }, + "required": [ + "environment", + "serviceName" + ], + "type": "object" + }, + "size_in_bytes": { + "type": "number" + }, + "size_in_bytes_formatted": { + "anyOf": [ + { + "type": "number" + }, + { + "type": "string" + } + ] + }, + "type": { + "type": "string" + } + }, + "required": [ + "index", + "dataset", + "namespace", + "type", + "package", + "package_version", + "last_activity_ms", + "size_in_bytes", + "size_in_bytes_formatted", + "dashboards", + "serviceDetails" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "data_streams" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Data streams" + ] + } + }, + "/api/fleet/enrollment-api-keys": { + "get": { + "deprecated": true, + "operationId": "%2Fapi%2Ffleet%2Fenrollment-api-keys#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "page", + "required": false, + "schema": { + "default": 1, + "type": "number" + } + }, + { + "in": "query", + "name": "perPage", + "required": false, + "schema": { + "default": 20, + "type": "number" + } + }, + { + "in": "query", + "name": "kuery", + "required": false, + "schema": { + "type": "string" + } + } + ], + "responses": {}, + "summary": "", + "tags": [] + }, + "post": { + "deprecated": true, + "operationId": "%2Fapi%2Ffleet%2Fenrollment-api-keys#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "expiration": { + "type": "string" + }, + "name": { + "type": "string" + }, + "policy_id": { + "type": "string" + } + }, + "required": [ + "policy_id" + ], + "type": "object" + } + } + } + }, + "responses": {}, + "summary": "", + "tags": [] + } + }, + "/api/fleet/enrollment-api-keys/{keyId}": { + "delete": { + "deprecated": true, + "operationId": "%2Fapi%2Ffleet%2Fenrollment-api-keys%2F%7BkeyId%7D#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "keyId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": {}, + "summary": "", + "tags": [] + }, + "get": { + "deprecated": true, + "operationId": "%2Fapi%2Ffleet%2Fenrollment-api-keys%2F%7BkeyId%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "keyId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": {}, + "summary": "", + "tags": [] + } + }, + "/api/fleet/enrollment_api_keys": { + "get": { + "description": "List enrollment API keys", + "operationId": "%2Fapi%2Ffleet%2Fenrollment_api_keys#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "page", + "required": false, + "schema": { + "default": 1, + "type": "number" + } + }, + { + "in": "query", + "name": "perPage", + "required": false, + "schema": { + "default": 20, + "type": "number" + } + }, + { + "in": "query", + "name": "kuery", + "required": false, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "active": { + "description": "When false, the enrollment API key is revoked and cannot be used for enrolling Elastic Agents.", + "type": "boolean" + }, + "api_key": { + "description": "The enrollment API key (token) used for enrolling Elastic Agents.", + "type": "string" + }, + "api_key_id": { + "description": "The ID of the API key in the Security API.", + "type": "string" + }, + "created_at": { + "type": "string" + }, + "id": { + "type": "string" + }, + "name": { + "description": "The name of the enrollment API key.", + "type": "string" + }, + "policy_id": { + "description": "The ID of the agent policy the Elastic Agent will be enrolled in.", + "type": "string" + } + }, + "required": [ + "id", + "api_key_id", + "api_key", + "active", + "created_at" + ], + "type": "object" + }, + "type": "array" + }, + "list": { + "deprecated": true, + "items": { + "additionalProperties": false, + "properties": { + "active": { + "description": "When false, the enrollment API key is revoked and cannot be used for enrolling Elastic Agents.", + "type": "boolean" + }, + "api_key": { + "description": "The enrollment API key (token) used for enrolling Elastic Agents.", + "type": "string" + }, + "api_key_id": { + "description": "The ID of the API key in the Security API.", + "type": "string" + }, + "created_at": { + "type": "string" + }, + "id": { + "type": "string" + }, + "name": { + "description": "The name of the enrollment API key.", + "type": "string" + }, + "policy_id": { + "description": "The ID of the agent policy the Elastic Agent will be enrolled in.", + "type": "string" + } + }, + "required": [ + "id", + "api_key_id", + "api_key", + "active", + "created_at" + ], + "type": "object" + }, + "type": "array" + }, + "page": { + "type": "number" + }, + "perPage": { + "type": "number" + }, + "total": { + "type": "number" + } + }, + "required": [ + "items", + "total", + "page", + "perPage", + "list" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet enrollment API keys" + ] + }, + "post": { + "description": "Create enrollment API key", + "operationId": "%2Fapi%2Ffleet%2Fenrollment_api_keys#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "expiration": { + "type": "string" + }, + "name": { + "type": "string" + }, + "policy_id": { + "type": "string" + } + }, + "required": [ + "policy_id" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "action": { + "enum": [ + "created" + ], + "type": "string" + }, + "item": { + "additionalProperties": false, + "properties": { + "active": { + "description": "When false, the enrollment API key is revoked and cannot be used for enrolling Elastic Agents.", + "type": "boolean" + }, + "api_key": { + "description": "The enrollment API key (token) used for enrolling Elastic Agents.", + "type": "string" + }, + "api_key_id": { + "description": "The ID of the API key in the Security API.", + "type": "string" + }, + "created_at": { + "type": "string" + }, + "id": { + "type": "string" + }, + "name": { + "description": "The name of the enrollment API key.", + "type": "string" + }, + "policy_id": { + "description": "The ID of the agent policy the Elastic Agent will be enrolled in.", + "type": "string" + } + }, + "required": [ + "id", + "api_key_id", + "api_key", + "active", + "created_at" + ], + "type": "object" + } + }, + "required": [ + "item", + "action" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet enrollment API keys" + ] + } + }, + "/api/fleet/enrollment_api_keys/{keyId}": { + "delete": { + "description": "Revoke enrollment API key by ID by marking it as inactive", + "operationId": "%2Fapi%2Ffleet%2Fenrollment_api_keys%2F%7BkeyId%7D#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "keyId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "action": { + "enum": [ + "deleted" + ], + "type": "string" + } + }, + "required": [ + "action" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet enrollment API keys" + ] + }, + "get": { + "description": "Get enrollment API key by ID", + "operationId": "%2Fapi%2Ffleet%2Fenrollment_api_keys%2F%7BkeyId%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "keyId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "active": { + "description": "When false, the enrollment API key is revoked and cannot be used for enrolling Elastic Agents.", + "type": "boolean" + }, + "api_key": { + "description": "The enrollment API key (token) used for enrolling Elastic Agents.", + "type": "string" + }, + "api_key_id": { + "description": "The ID of the API key in the Security API.", + "type": "string" + }, + "created_at": { + "type": "string" + }, + "id": { + "type": "string" + }, + "name": { + "description": "The name of the enrollment API key.", + "type": "string" + }, + "policy_id": { + "description": "The ID of the agent policy the Elastic Agent will be enrolled in.", + "type": "string" + } + }, + "required": [ + "id", + "api_key_id", + "api_key", + "active", + "created_at" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet enrollment API keys" + ] + } + }, + "/api/fleet/epm/bulk_assets": { + "post": { + "description": "Bulk get assets", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fbulk_assets#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "assetIds": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "assetIds" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "appLink": { + "type": "string" + }, + "attributes": { + "additionalProperties": false, + "properties": { + "description": { + "type": "string" + }, + "service": { + "type": "string" + }, + "title": { + "type": "string" + } + }, + "type": "object" + }, + "id": { + "type": "string" + }, + "type": { + "type": "string" + }, + "updatedAt": { + "type": "string" + } + }, + "required": [ + "id", + "type", + "attributes" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "items" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + } + }, + "/api/fleet/epm/categories": { + "get": { + "description": "List package categories", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fcategories#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "prerelease", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "experimental", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "include_policy_templates", + "required": false, + "schema": { + "type": "boolean" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "count": { + "type": "number" + }, + "id": { + "type": "string" + }, + "parent_id": { + "type": "string" + }, + "parent_title": { + "type": "string" + }, + "title": { + "type": "string" + } + }, + "required": [ + "id", + "title", + "count" + ], + "type": "object" + }, + "type": "array" + }, + "response": { + "items": { + "additionalProperties": false, + "deprecated": true, + "properties": { + "count": { + "type": "number" + }, + "id": { + "type": "string" + }, + "parent_id": { + "type": "string" + }, + "parent_title": { + "type": "string" + }, + "title": { + "type": "string" + } + }, + "required": [ + "id", + "title", + "count" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "items" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + } + }, + "/api/fleet/epm/custom_integrations": { + "post": { + "description": "Create custom integration", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fcustom_integrations#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "datasets": { + "items": { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + }, + "type": { + "enum": [ + "logs", + "metrics", + "traces", + "synthetics", + "profiling" + ], + "type": "string" + } + }, + "required": [ + "name", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "force": { + "type": "boolean" + }, + "integrationName": { + "type": "string" + } + }, + "required": [ + "integrationName", + "datasets" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "_meta": { + "additionalProperties": false, + "properties": { + "install_source": { + "type": "string" + } + }, + "required": [ + "install_source" + ], + "type": "object" + }, + "items": { + "items": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + } + ] + }, + "type": "array" + }, + "response": { + "deprecated": true, + "items": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + } + ] + }, + "type": "array" + } + }, + "required": [ + "items", + "_meta" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + } + }, + "/api/fleet/epm/data_streams": { + "get": { + "description": "List data streams", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fdata_streams#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "type", + "required": false, + "schema": { + "enum": [ + "logs", + "metrics", + "traces", + "synthetics", + "profiling" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "datasetQuery", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "sortOrder", + "required": false, + "schema": { + "default": "asc", + "enum": [ + "asc", + "desc" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "uncategorisedOnly", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "items" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Data streams" + ] + } + }, + "/api/fleet/epm/packages": { + "get": { + "description": "List packages", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "category", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "prerelease", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "experimental", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "excludeInstallStatus", + "required": false, + "schema": { + "type": "boolean" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": true, + "properties": { + "categories": { + "items": { + "type": "string" + }, + "type": "array" + }, + "conditions": { + "additionalProperties": true, + "properties": { + "elastic": { + "additionalProperties": true, + "properties": { + "capabilities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "subscription": { + "type": "string" + } + }, + "type": "object" + }, + "kibana": { + "additionalProperties": true, + "properties": { + "version": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "data_streams": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "description": { + "type": "string" + }, + "download": { + "type": "string" + }, + "format_version": { + "type": "string" + }, + "icons": { + "items": { + "additionalProperties": true, + "properties": { + "dark_mode": { + "type": "boolean" + }, + "path": { + "type": "string" + }, + "size": { + "type": "string" + }, + "src": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "src" + ], + "type": "object" + }, + "type": "array" + }, + "id": { + "type": "string" + }, + "installationInfo": { + "additionalProperties": true, + "properties": { + "additional_spaces_installed_kibana": { + "additionalProperties": { + "items": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "type": "object" + }, + "created_at": { + "type": "string" + }, + "experimental_data_stream_features": { + "items": { + "additionalProperties": true, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": true, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "install_format_schema_version": { + "type": "string" + }, + "install_source": { + "enum": [ + "registry", + "upload", + "bundled", + "custom" + ], + "type": "string" + }, + "install_status": { + "enum": [ + "installed", + "installing", + "install_failed" + ], + "type": "string" + }, + "installed_es": { + "items": { + "additionalProperties": true, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "installed_kibana": { + "items": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "installed_kibana_space_id": { + "type": "string" + }, + "latest_executed_state": { + "additionalProperties": true, + "properties": { + "error": { + "type": "string" + }, + "name": { + "type": "string" + }, + "started_at": { + "type": "string" + } + }, + "required": [ + "name", + "started_at" + ], + "type": "object" + }, + "latest_install_failed_attempts": { + "items": { + "additionalProperties": true, + "properties": { + "created_at": { + "type": "string" + }, + "error": { + "additionalProperties": true, + "properties": { + "message": { + "type": "string" + }, + "name": { + "type": "string" + }, + "stack": { + "type": "string" + } + }, + "required": [ + "name", + "message" + ], + "type": "object" + }, + "target_version": { + "type": "string" + } + }, + "required": [ + "created_at", + "target_version", + "error" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "type": "string" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "updated_at": { + "type": "string" + }, + "verification_key_id": { + "nullable": true, + "type": "string" + }, + "verification_status": { + "enum": [ + "unverified", + "verified", + "unknown" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "type", + "installed_kibana", + "installed_es", + "name", + "version", + "install_status", + "install_source", + "verification_status" + ], + "type": "object" + }, + "integration": { + "type": "string" + }, + "internal": { + "type": "boolean" + }, + "latestVersion": { + "type": "string" + }, + "name": { + "type": "string" + }, + "owner": { + "additionalProperties": true, + "properties": { + "github": { + "type": "string" + }, + "type": { + "enum": [ + "elastic", + "partner", + "community" + ], + "type": "string" + } + }, + "type": "object" + }, + "path": { + "type": "string" + }, + "policy_templates": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "readme": { + "type": "string" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "savedObject": {}, + "signature_path": { + "type": "string" + }, + "source": { + "additionalProperties": true, + "properties": { + "license": { + "type": "string" + } + }, + "required": [ + "license" + ], + "type": "object" + }, + "status": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "enum": [ + "integration", + "input" + ], + "type": "string" + }, + "vars": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "version": { + "type": "string" + } + }, + "required": [ + "savedObject", + "name", + "version", + "title", + "id" + ], + "type": "object" + }, + "type": "array" + }, + "response": { + "items": { + "additionalProperties": true, + "deprecated": true, + "properties": { + "categories": { + "items": { + "type": "string" + }, + "type": "array" + }, + "conditions": { + "additionalProperties": true, + "properties": { + "elastic": { + "additionalProperties": true, + "properties": { + "capabilities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "subscription": { + "type": "string" + } + }, + "type": "object" + }, + "kibana": { + "additionalProperties": true, + "properties": { + "version": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "data_streams": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "description": { + "type": "string" + }, + "download": { + "type": "string" + }, + "format_version": { + "type": "string" + }, + "icons": { + "items": { + "additionalProperties": true, + "properties": { + "dark_mode": { + "type": "boolean" + }, + "path": { + "type": "string" + }, + "size": { + "type": "string" + }, + "src": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "src" + ], + "type": "object" + }, + "type": "array" + }, + "id": { + "type": "string" + }, + "installationInfo": { + "additionalProperties": true, + "properties": { + "additional_spaces_installed_kibana": { + "additionalProperties": { + "items": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "type": "object" + }, + "created_at": { + "type": "string" + }, + "experimental_data_stream_features": { + "items": { + "additionalProperties": true, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": true, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "install_format_schema_version": { + "type": "string" + }, + "install_source": { + "enum": [ + "registry", + "upload", + "bundled", + "custom" + ], + "type": "string" + }, + "install_status": { + "enum": [ + "installed", + "installing", + "install_failed" + ], + "type": "string" + }, + "installed_es": { + "items": { + "additionalProperties": true, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "installed_kibana": { + "items": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "installed_kibana_space_id": { + "type": "string" + }, + "latest_executed_state": { + "additionalProperties": true, + "properties": { + "error": { + "type": "string" + }, + "name": { + "type": "string" + }, + "started_at": { + "type": "string" + } + }, + "required": [ + "name", + "started_at" + ], + "type": "object" + }, + "latest_install_failed_attempts": { + "items": { + "additionalProperties": true, + "properties": { + "created_at": { + "type": "string" + }, + "error": { + "additionalProperties": true, + "properties": { + "message": { + "type": "string" + }, + "name": { + "type": "string" + }, + "stack": { + "type": "string" + } + }, + "required": [ + "name", + "message" + ], + "type": "object" + }, + "target_version": { + "type": "string" + } + }, + "required": [ + "created_at", + "target_version", + "error" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "type": "string" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "updated_at": { + "type": "string" + }, + "verification_key_id": { + "nullable": true, + "type": "string" + }, + "verification_status": { + "enum": [ + "unverified", + "verified", + "unknown" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "type", + "installed_kibana", + "installed_es", + "name", + "version", + "install_status", + "install_source", + "verification_status" + ], + "type": "object" + }, + "integration": { + "type": "string" + }, + "internal": { + "type": "boolean" + }, + "latestVersion": { + "type": "string" + }, + "name": { + "type": "string" + }, + "owner": { + "additionalProperties": true, + "properties": { + "github": { + "type": "string" + }, + "type": { + "enum": [ + "elastic", + "partner", + "community" + ], + "type": "string" + } + }, + "type": "object" + }, + "path": { + "type": "string" + }, + "policy_templates": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "readme": { + "type": "string" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "savedObject": {}, + "signature_path": { + "type": "string" + }, + "source": { + "additionalProperties": true, + "properties": { + "license": { + "type": "string" + } + }, + "required": [ + "license" + ], + "type": "object" + }, + "status": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "enum": [ + "integration", + "input" + ], + "type": "string" + }, + "vars": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "version": { + "type": "string" + } + }, + "required": [ + "savedObject", + "name", + "version", + "title", + "id" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "items" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + }, + "post": { + "description": "Install package by upload", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "query", + "name": "ignoreMappingUpdateErrors", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + }, + { + "in": "query", + "name": "skipDataStreamRollover", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + } + ], + "requestBody": { + "content": { + "application/gzip; application/zip; Elastic-Api-Version=2023-10-31": { + "schema": { + "format": "binary", + "type": "string" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/gzip; application/zip; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "_meta": { + "additionalProperties": false, + "properties": { + "install_source": { + "type": "string" + } + }, + "required": [ + "install_source" + ], + "type": "object" + }, + "items": { + "items": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + } + ] + }, + "type": "array" + }, + "response": { + "deprecated": true, + "items": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + } + ] + }, + "type": "array" + } + }, + "required": [ + "items", + "_meta" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/gzip; application/zip; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + } + }, + "/api/fleet/epm/packages/_bulk": { + "post": { + "description": "Bulk install packages", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F_bulk#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "query", + "name": "prerelease", + "required": false, + "schema": { + "type": "boolean" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "force": { + "default": false, + "type": "boolean" + }, + "packages": { + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + }, + "prerelease": { + "type": "boolean" + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + } + ] + }, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "packages" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + }, + "result": { + "additionalProperties": false, + "properties": { + "assets": { + "items": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + } + ] + }, + "type": "array" + }, + "error": {}, + "installSource": { + "type": "string" + }, + "installType": { + "type": "string" + }, + "status": { + "enum": [ + "installed", + "already_installed" + ], + "type": "string" + } + }, + "required": [ + "error", + "installType" + ], + "type": "object" + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "version", + "result" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "error": { + "anyOf": [ + { + "type": "string" + }, + {} + ] + }, + "name": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "name", + "statusCode", + "error" + ], + "type": "object" + } + ] + }, + "type": "array" + }, + "response": { + "deprecated": true, + "items": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + }, + "result": { + "additionalProperties": false, + "properties": { + "assets": { + "items": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + } + ] + }, + "type": "array" + }, + "error": {}, + "installSource": { + "type": "string" + }, + "installType": { + "type": "string" + }, + "status": { + "enum": [ + "installed", + "already_installed" + ], + "type": "string" + } + }, + "required": [ + "error", + "installType" + ], + "type": "object" + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "version", + "result" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "error": { + "anyOf": [ + { + "type": "string" + }, + {} + ] + }, + "name": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "name", + "statusCode", + "error" + ], + "type": "object" + } + ] + }, + "type": "array" + } + }, + "required": [ + "items" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + } + }, + "/api/fleet/epm/packages/installed": { + "get": { + "description": "Get installed packages", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2Finstalled#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "dataStreamType", + "required": false, + "schema": { + "enum": [ + "logs", + "metrics", + "traces", + "synthetics", + "profiling" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "showOnlyActiveDataStreams", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "nameQuery", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "searchAfter", + "required": false, + "schema": { + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "number" + } + ] + }, + "type": "array" + } + }, + { + "in": "query", + "name": "perPage", + "required": false, + "schema": { + "default": 15, + "type": "number" + } + }, + { + "in": "query", + "name": "sortOrder", + "required": false, + "schema": { + "default": "asc", + "enum": [ + "asc", + "desc" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "dataStreams": { + "items": { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + }, + "title": { + "type": "string" + } + }, + "required": [ + "name", + "title" + ], + "type": "object" + }, + "type": "array" + }, + "description": { + "type": "string" + }, + "icons": { + "items": { + "additionalProperties": false, + "properties": { + "dark_mode": { + "type": "boolean" + }, + "path": { + "type": "string" + }, + "size": { + "type": "string" + }, + "src": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "src" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "type": "string" + }, + "status": { + "type": "string" + }, + "title": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "version", + "status", + "dataStreams" + ], + "type": "object" + }, + "type": "array" + }, + "searchAfter": { + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "number" + }, + { + "type": "boolean" + }, + { + "enum": [], + "nullable": true + }, + {} + ] + }, + "type": "array" + }, + "total": { + "type": "number" + } + }, + "required": [ + "items", + "total" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + } + }, + "/api/fleet/epm/packages/limited": { + "get": { + "description": "Get limited package list", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2Flimited#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "type": "string" + }, + "type": "array" + }, + "response": { + "deprecated": true, + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "items" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + } + }, + "/api/fleet/epm/packages/{pkgName}/stats": { + "get": { + "description": "Get package stats", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2Fstats#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "pkgName", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "response": { + "additionalProperties": false, + "properties": { + "agent_policy_count": { + "type": "number" + } + }, + "required": [ + "agent_policy_count" + ], + "type": "object" + } + }, + "required": [ + "response" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + } + }, + "/api/fleet/epm/packages/{pkgName}/{pkgVersion}": { + "delete": { + "description": "Delete package", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#3", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "pkgName", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "path", + "name": "pkgVersion", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "force", + "required": false, + "schema": { + "type": "boolean" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "nullable": true, + "properties": { + "force": { + "type": "boolean" + } + }, + "required": [ + "force" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + } + ] + }, + "type": "array" + }, + "response": { + "deprecated": true, + "items": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + } + ] + }, + "type": "array" + } + }, + "required": [ + "items" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + }, + "get": { + "description": "Get package", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "pkgName", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "path", + "name": "pkgVersion", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "ignoreUnverified", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "prerelease", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "full", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "withMetadata", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": true, + "properties": { + "agent": { + "additionalProperties": false, + "properties": { + "privileges": { + "additionalProperties": false, + "properties": { + "root": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "asset_tags": { + "items": { + "additionalProperties": false, + "properties": { + "asset_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "asset_types": { + "items": { + "type": "string" + }, + "type": "array" + }, + "text": { + "type": "string" + } + }, + "required": [ + "text" + ], + "type": "object" + }, + "type": "array" + }, + "assets": { + "additionalProperties": {}, + "type": "object" + }, + "categories": { + "items": { + "type": "string" + }, + "type": "array" + }, + "conditions": { + "additionalProperties": true, + "properties": { + "elastic": { + "additionalProperties": true, + "properties": { + "capabilities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "subscription": { + "type": "string" + } + }, + "type": "object" + }, + "kibana": { + "additionalProperties": true, + "properties": { + "version": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "data_streams": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "description": { + "type": "string" + }, + "download": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": {}, + "type": "object" + }, + "format_version": { + "type": "string" + }, + "icons": { + "items": { + "additionalProperties": true, + "properties": { + "dark_mode": { + "type": "boolean" + }, + "path": { + "type": "string" + }, + "size": { + "type": "string" + }, + "src": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "src" + ], + "type": "object" + }, + "type": "array" + }, + "installationInfo": { + "additionalProperties": true, + "properties": { + "additional_spaces_installed_kibana": { + "additionalProperties": { + "items": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "type": "object" + }, + "created_at": { + "type": "string" + }, + "experimental_data_stream_features": { + "items": { + "additionalProperties": true, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": true, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "install_format_schema_version": { + "type": "string" + }, + "install_source": { + "enum": [ + "registry", + "upload", + "bundled", + "custom" + ], + "type": "string" + }, + "install_status": { + "enum": [ + "installed", + "installing", + "install_failed" + ], + "type": "string" + }, + "installed_es": { + "items": { + "additionalProperties": true, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "installed_kibana": { + "items": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "installed_kibana_space_id": { + "type": "string" + }, + "latest_executed_state": { + "additionalProperties": true, + "properties": { + "error": { + "type": "string" + }, + "name": { + "type": "string" + }, + "started_at": { + "type": "string" + } + }, + "required": [ + "name", + "started_at" + ], + "type": "object" + }, + "latest_install_failed_attempts": { + "items": { + "additionalProperties": true, + "properties": { + "created_at": { + "type": "string" + }, + "error": { + "additionalProperties": true, + "properties": { + "message": { + "type": "string" + }, + "name": { + "type": "string" + }, + "stack": { + "type": "string" + } + }, + "required": [ + "name", + "message" + ], + "type": "object" + }, + "target_version": { + "type": "string" + } + }, + "required": [ + "created_at", + "target_version", + "error" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "type": "string" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "updated_at": { + "type": "string" + }, + "verification_key_id": { + "nullable": true, + "type": "string" + }, + "verification_status": { + "enum": [ + "unverified", + "verified", + "unknown" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "type", + "installed_kibana", + "installed_es", + "name", + "version", + "install_status", + "install_source", + "verification_status" + ], + "type": "object" + }, + "internal": { + "type": "boolean" + }, + "keepPoliciesUpToDate": { + "type": "boolean" + }, + "latestVersion": { + "type": "string" + }, + "license": { + "type": "string" + }, + "licensePath": { + "type": "string" + }, + "name": { + "type": "string" + }, + "notice": { + "type": "string" + }, + "owner": { + "additionalProperties": true, + "properties": { + "github": { + "type": "string" + }, + "type": { + "enum": [ + "elastic", + "partner", + "community" + ], + "type": "string" + } + }, + "type": "object" + }, + "path": { + "type": "string" + }, + "policy_templates": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "readme": { + "type": "string" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "savedObject": {}, + "screenshots": { + "items": { + "additionalProperties": false, + "properties": { + "dark_mode": { + "type": "boolean" + }, + "path": { + "type": "string" + }, + "size": { + "type": "string" + }, + "src": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "src" + ], + "type": "object" + }, + "type": "array" + }, + "signature_path": { + "type": "string" + }, + "source": { + "additionalProperties": true, + "properties": { + "license": { + "type": "string" + } + }, + "required": [ + "license" + ], + "type": "object" + }, + "status": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "enum": [ + "integration", + "input" + ], + "type": "string" + }, + "vars": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "version": { + "type": "string" + } + }, + "required": [ + "savedObject", + "name", + "version", + "title", + "assets" + ], + "type": "object" + }, + "metadata": { + "additionalProperties": false, + "properties": { + "has_policies": { + "type": "boolean" + } + }, + "required": [ + "has_policies" + ], + "type": "object" + }, + "response": { + "additionalProperties": true, + "deprecated": true, + "properties": { + "agent": { + "additionalProperties": false, + "properties": { + "privileges": { + "additionalProperties": false, + "properties": { + "root": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "asset_tags": { + "items": { + "additionalProperties": false, + "properties": { + "asset_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "asset_types": { + "items": { + "type": "string" + }, + "type": "array" + }, + "text": { + "type": "string" + } + }, + "required": [ + "text" + ], + "type": "object" + }, + "type": "array" + }, + "assets": { + "additionalProperties": {}, + "type": "object" + }, + "categories": { + "items": { + "type": "string" + }, + "type": "array" + }, + "conditions": { + "additionalProperties": true, + "properties": { + "elastic": { + "additionalProperties": true, + "properties": { + "capabilities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "subscription": { + "type": "string" + } + }, + "type": "object" + }, + "kibana": { + "additionalProperties": true, + "properties": { + "version": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "data_streams": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "description": { + "type": "string" + }, + "download": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": {}, + "type": "object" + }, + "format_version": { + "type": "string" + }, + "icons": { + "items": { + "additionalProperties": true, + "properties": { + "dark_mode": { + "type": "boolean" + }, + "path": { + "type": "string" + }, + "size": { + "type": "string" + }, + "src": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "src" + ], + "type": "object" + }, + "type": "array" + }, + "installationInfo": { + "additionalProperties": true, + "properties": { + "additional_spaces_installed_kibana": { + "additionalProperties": { + "items": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "type": "object" + }, + "created_at": { + "type": "string" + }, + "experimental_data_stream_features": { + "items": { + "additionalProperties": true, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": true, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "install_format_schema_version": { + "type": "string" + }, + "install_source": { + "enum": [ + "registry", + "upload", + "bundled", + "custom" + ], + "type": "string" + }, + "install_status": { + "enum": [ + "installed", + "installing", + "install_failed" + ], + "type": "string" + }, + "installed_es": { + "items": { + "additionalProperties": true, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "installed_kibana": { + "items": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "installed_kibana_space_id": { + "type": "string" + }, + "latest_executed_state": { + "additionalProperties": true, + "properties": { + "error": { + "type": "string" + }, + "name": { + "type": "string" + }, + "started_at": { + "type": "string" + } + }, + "required": [ + "name", + "started_at" + ], + "type": "object" + }, + "latest_install_failed_attempts": { + "items": { + "additionalProperties": true, + "properties": { + "created_at": { + "type": "string" + }, + "error": { + "additionalProperties": true, + "properties": { + "message": { + "type": "string" + }, + "name": { + "type": "string" + }, + "stack": { + "type": "string" + } + }, + "required": [ + "name", + "message" + ], + "type": "object" + }, + "target_version": { + "type": "string" + } + }, + "required": [ + "created_at", + "target_version", + "error" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "type": "string" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "updated_at": { + "type": "string" + }, + "verification_key_id": { + "nullable": true, + "type": "string" + }, + "verification_status": { + "enum": [ + "unverified", + "verified", + "unknown" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "type", + "installed_kibana", + "installed_es", + "name", + "version", + "install_status", + "install_source", + "verification_status" + ], + "type": "object" + }, + "internal": { + "type": "boolean" + }, + "keepPoliciesUpToDate": { + "type": "boolean" + }, + "latestVersion": { + "type": "string" + }, + "license": { + "type": "string" + }, + "licensePath": { + "type": "string" + }, + "name": { + "type": "string" + }, + "notice": { + "type": "string" + }, + "owner": { + "additionalProperties": true, + "properties": { + "github": { + "type": "string" + }, + "type": { + "enum": [ + "elastic", + "partner", + "community" + ], + "type": "string" + } + }, + "type": "object" + }, + "path": { + "type": "string" + }, + "policy_templates": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "readme": { + "type": "string" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "savedObject": {}, + "screenshots": { + "items": { + "additionalProperties": false, + "properties": { + "dark_mode": { + "type": "boolean" + }, + "path": { + "type": "string" + }, + "size": { + "type": "string" + }, + "src": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "src" + ], + "type": "object" + }, + "type": "array" + }, + "signature_path": { + "type": "string" + }, + "source": { + "additionalProperties": true, + "properties": { + "license": { + "type": "string" + } + }, + "required": [ + "license" + ], + "type": "object" + }, + "status": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "enum": [ + "integration", + "input" + ], + "type": "string" + }, + "vars": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "version": { + "type": "string" + } + }, + "required": [ + "savedObject", + "name", + "version", + "title", + "assets" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + }, + "post": { + "description": "Install package from registry", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#2", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "pkgName", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "path", + "name": "pkgVersion", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "prerelease", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "ignoreMappingUpdateErrors", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + }, + { + "in": "query", + "name": "skipDataStreamRollover", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "nullable": true, + "properties": { + "force": { + "default": false, + "type": "boolean" + }, + "ignore_constraints": { + "default": false, + "type": "boolean" + } + }, + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "_meta": { + "additionalProperties": false, + "properties": { + "install_source": { + "type": "string" + } + }, + "required": [ + "install_source" + ], + "type": "object" + }, + "items": { + "items": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + } + ] + }, + "type": "array" + }, + "response": { + "deprecated": true, + "items": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + } + ] + }, + "type": "array" + } + }, + "required": [ + "items", + "_meta" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + }, + "put": { + "description": "Update package settings", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "pkgName", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "path", + "name": "pkgVersion", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "keepPoliciesUpToDate": { + "type": "boolean" + } + }, + "required": [ + "keepPoliciesUpToDate" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": true, + "properties": { + "agent": { + "additionalProperties": false, + "properties": { + "privileges": { + "additionalProperties": false, + "properties": { + "root": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "asset_tags": { + "items": { + "additionalProperties": false, + "properties": { + "asset_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "asset_types": { + "items": { + "type": "string" + }, + "type": "array" + }, + "text": { + "type": "string" + } + }, + "required": [ + "text" + ], + "type": "object" + }, + "type": "array" + }, + "assets": { + "additionalProperties": {}, + "type": "object" + }, + "categories": { + "items": { + "type": "string" + }, + "type": "array" + }, + "conditions": { + "additionalProperties": true, + "properties": { + "elastic": { + "additionalProperties": true, + "properties": { + "capabilities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "subscription": { + "type": "string" + } + }, + "type": "object" + }, + "kibana": { + "additionalProperties": true, + "properties": { + "version": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "data_streams": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "description": { + "type": "string" + }, + "download": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": {}, + "type": "object" + }, + "format_version": { + "type": "string" + }, + "icons": { + "items": { + "additionalProperties": true, + "properties": { + "dark_mode": { + "type": "boolean" + }, + "path": { + "type": "string" + }, + "size": { + "type": "string" + }, + "src": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "src" + ], + "type": "object" + }, + "type": "array" + }, + "installationInfo": { + "additionalProperties": true, + "properties": { + "additional_spaces_installed_kibana": { + "additionalProperties": { + "items": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "type": "object" + }, + "created_at": { + "type": "string" + }, + "experimental_data_stream_features": { + "items": { + "additionalProperties": true, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": true, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "install_format_schema_version": { + "type": "string" + }, + "install_source": { + "enum": [ + "registry", + "upload", + "bundled", + "custom" + ], + "type": "string" + }, + "install_status": { + "enum": [ + "installed", + "installing", + "install_failed" + ], + "type": "string" + }, + "installed_es": { + "items": { + "additionalProperties": true, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "installed_kibana": { + "items": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "installed_kibana_space_id": { + "type": "string" + }, + "latest_executed_state": { + "additionalProperties": true, + "properties": { + "error": { + "type": "string" + }, + "name": { + "type": "string" + }, + "started_at": { + "type": "string" + } + }, + "required": [ + "name", + "started_at" + ], + "type": "object" + }, + "latest_install_failed_attempts": { + "items": { + "additionalProperties": true, + "properties": { + "created_at": { + "type": "string" + }, + "error": { + "additionalProperties": true, + "properties": { + "message": { + "type": "string" + }, + "name": { + "type": "string" + }, + "stack": { + "type": "string" + } + }, + "required": [ + "name", + "message" + ], + "type": "object" + }, + "target_version": { + "type": "string" + } + }, + "required": [ + "created_at", + "target_version", + "error" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "type": "string" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "updated_at": { + "type": "string" + }, + "verification_key_id": { + "nullable": true, + "type": "string" + }, + "verification_status": { + "enum": [ + "unverified", + "verified", + "unknown" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "type", + "installed_kibana", + "installed_es", + "name", + "version", + "install_status", + "install_source", + "verification_status" + ], + "type": "object" + }, + "internal": { + "type": "boolean" + }, + "keepPoliciesUpToDate": { + "type": "boolean" + }, + "latestVersion": { + "type": "string" + }, + "license": { + "type": "string" + }, + "licensePath": { + "type": "string" + }, + "name": { + "type": "string" + }, + "notice": { + "type": "string" + }, + "owner": { + "additionalProperties": true, + "properties": { + "github": { + "type": "string" + }, + "type": { + "enum": [ + "elastic", + "partner", + "community" + ], + "type": "string" + } + }, + "type": "object" + }, + "path": { + "type": "string" + }, + "policy_templates": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "readme": { + "type": "string" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "savedObject": {}, + "screenshots": { + "items": { + "additionalProperties": false, + "properties": { + "dark_mode": { + "type": "boolean" + }, + "path": { + "type": "string" + }, + "size": { + "type": "string" + }, + "src": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "src" + ], + "type": "object" + }, + "type": "array" + }, + "signature_path": { + "type": "string" + }, + "source": { + "additionalProperties": true, + "properties": { + "license": { + "type": "string" + } + }, + "required": [ + "license" + ], + "type": "object" + }, + "status": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "enum": [ + "integration", + "input" + ], + "type": "string" + }, + "vars": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "version": { + "type": "string" + } + }, + "required": [ + "savedObject", + "name", + "version", + "title", + "assets" + ], + "type": "object" + }, + "response": { + "additionalProperties": true, + "deprecated": true, + "properties": { + "agent": { + "additionalProperties": false, + "properties": { + "privileges": { + "additionalProperties": false, + "properties": { + "root": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "asset_tags": { + "items": { + "additionalProperties": false, + "properties": { + "asset_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "asset_types": { + "items": { + "type": "string" + }, + "type": "array" + }, + "text": { + "type": "string" + } + }, + "required": [ + "text" + ], + "type": "object" + }, + "type": "array" + }, + "assets": { + "additionalProperties": {}, + "type": "object" + }, + "categories": { + "items": { + "type": "string" + }, + "type": "array" + }, + "conditions": { + "additionalProperties": true, + "properties": { + "elastic": { + "additionalProperties": true, + "properties": { + "capabilities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "subscription": { + "type": "string" + } + }, + "type": "object" + }, + "kibana": { + "additionalProperties": true, + "properties": { + "version": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "data_streams": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "description": { + "type": "string" + }, + "download": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": {}, + "type": "object" + }, + "format_version": { + "type": "string" + }, + "icons": { + "items": { + "additionalProperties": true, + "properties": { + "dark_mode": { + "type": "boolean" + }, + "path": { + "type": "string" + }, + "size": { + "type": "string" + }, + "src": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "src" + ], + "type": "object" + }, + "type": "array" + }, + "installationInfo": { + "additionalProperties": true, + "properties": { + "additional_spaces_installed_kibana": { + "additionalProperties": { + "items": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "type": "object" + }, + "created_at": { + "type": "string" + }, + "experimental_data_stream_features": { + "items": { + "additionalProperties": true, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": true, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "install_format_schema_version": { + "type": "string" + }, + "install_source": { + "enum": [ + "registry", + "upload", + "bundled", + "custom" + ], + "type": "string" + }, + "install_status": { + "enum": [ + "installed", + "installing", + "install_failed" + ], + "type": "string" + }, + "installed_es": { + "items": { + "additionalProperties": true, + "properties": { + "deferred": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "type": { + "enum": [ + "index", + "index_template", + "component_template", + "ingest_pipeline", + "ilm_policy", + "data_stream_ilm_policy", + "transform", + "ml_model" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "installed_kibana": { + "items": { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + }, + "originId": { + "type": "string" + }, + "type": { + "enum": [ + "dashboard", + "lens", + "visualization", + "search", + "index-pattern", + "map", + "ml-module", + "security-rule", + "csp-rule-template", + "osquery-pack-asset", + "osquery-saved-query", + "tag" + ], + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "installed_kibana_space_id": { + "type": "string" + }, + "latest_executed_state": { + "additionalProperties": true, + "properties": { + "error": { + "type": "string" + }, + "name": { + "type": "string" + }, + "started_at": { + "type": "string" + } + }, + "required": [ + "name", + "started_at" + ], + "type": "object" + }, + "latest_install_failed_attempts": { + "items": { + "additionalProperties": true, + "properties": { + "created_at": { + "type": "string" + }, + "error": { + "additionalProperties": true, + "properties": { + "message": { + "type": "string" + }, + "name": { + "type": "string" + }, + "stack": { + "type": "string" + } + }, + "required": [ + "name", + "message" + ], + "type": "object" + }, + "target_version": { + "type": "string" + } + }, + "required": [ + "created_at", + "target_version", + "error" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "type": "string" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "updated_at": { + "type": "string" + }, + "verification_key_id": { + "nullable": true, + "type": "string" + }, + "verification_status": { + "enum": [ + "unverified", + "verified", + "unknown" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "type", + "installed_kibana", + "installed_es", + "name", + "version", + "install_status", + "install_source", + "verification_status" + ], + "type": "object" + }, + "internal": { + "type": "boolean" + }, + "keepPoliciesUpToDate": { + "type": "boolean" + }, + "latestVersion": { + "type": "string" + }, + "license": { + "type": "string" + }, + "licensePath": { + "type": "string" + }, + "name": { + "type": "string" + }, + "notice": { + "type": "string" + }, + "owner": { + "additionalProperties": true, + "properties": { + "github": { + "type": "string" + }, + "type": { + "enum": [ + "elastic", + "partner", + "community" + ], + "type": "string" + } + }, + "type": "object" + }, + "path": { + "type": "string" + }, + "policy_templates": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "readme": { + "type": "string" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "savedObject": {}, + "screenshots": { + "items": { + "additionalProperties": false, + "properties": { + "dark_mode": { + "type": "boolean" + }, + "path": { + "type": "string" + }, + "size": { + "type": "string" + }, + "src": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "src" + ], + "type": "object" + }, + "type": "array" + }, + "signature_path": { + "type": "string" + }, + "source": { + "additionalProperties": true, + "properties": { + "license": { + "type": "string" + } + }, + "required": [ + "license" + ], + "type": "object" + }, + "status": { + "type": "string" + }, + "title": { + "type": "string" + }, + "type": { + "enum": [ + "integration", + "input" + ], + "type": "string" + }, + "vars": { + "items": { + "additionalProperties": {}, + "type": "object" + }, + "type": "array" + }, + "version": { + "type": "string" + } + }, + "required": [ + "savedObject", + "name", + "version", + "title", + "assets" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + } + }, + "/api/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize": { + "post": { + "description": "Authorize transforms", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D%2Ftransforms%2Fauthorize#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "pkgName", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "path", + "name": "pkgVersion", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "prerelease", + "required": false, + "schema": { + "type": "boolean" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "transforms": { + "items": { + "additionalProperties": false, + "properties": { + "transformId": { + "type": "string" + } + }, + "required": [ + "transformId" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "transforms" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "items": { + "additionalProperties": false, + "properties": { + "error": { + "nullable": true + }, + "success": { + "type": "boolean" + }, + "transformId": { + "type": "string" + } + }, + "required": [ + "transformId", + "success", + "error" + ], + "type": "object" + }, + "type": "array" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + } + }, + "/api/fleet/epm/packages/{pkgName}/{pkgVersion}/{filePath*}": { + "get": { + "description": "Get package file", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D%2F%7BfilePath*%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "pkgName", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "path", + "name": "pkgVersion", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "path", + "name": "filePath", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": {} + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + } + }, + "/api/fleet/epm/packages/{pkgkey}": { + "delete": { + "deprecated": true, + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#3", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "pkgkey", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "nullable": true, + "properties": { + "force": { + "type": "boolean" + } + }, + "required": [ + "force" + ], + "type": "object" + } + } + } + }, + "responses": {}, + "summary": "", + "tags": [] + }, + "get": { + "deprecated": true, + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "pkgkey", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "ignoreUnverified", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "prerelease", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "full", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "withMetadata", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + } + ], + "responses": {}, + "summary": "", + "tags": [] + }, + "post": { + "deprecated": true, + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#2", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "pkgkey", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "prerelease", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "ignoreMappingUpdateErrors", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + }, + { + "in": "query", + "name": "skipDataStreamRollover", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "nullable": true, + "properties": { + "force": { + "type": "boolean" + } + }, + "required": [ + "force" + ], + "type": "object" + } + } + } + }, + "responses": {}, + "summary": "", + "tags": [] + }, + "put": { + "deprecated": true, + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "pkgkey", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "keepPoliciesUpToDate": { + "type": "boolean" + } + }, + "required": [ + "keepPoliciesUpToDate" + ], + "type": "object" + } + } + } + }, + "responses": {}, + "summary": "", + "tags": [] + } + }, + "/api/fleet/epm/templates/{pkgName}/{pkgVersion}/inputs": { + "get": { + "description": "Get inputs template", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Ftemplates%2F%7BpkgName%7D%2F%7BpkgVersion%7D%2Finputs#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "pkgName", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "path", + "name": "pkgVersion", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "format", + "required": false, + "schema": { + "default": "json", + "enum": [ + "json", + "yml", + "yaml" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "prerelease", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "ignoreUnverified", + "required": false, + "schema": { + "type": "boolean" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "anyOf": [ + { + "type": "string" + }, + { + "additionalProperties": false, + "properties": { + "inputs": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": true, + "properties": { + "data_stream": { + "additionalProperties": true, + "properties": { + "dataset": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset" + ], + "type": "object" + }, + "id": { + "type": "string" + } + }, + "required": [ + "id", + "data_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "inputs" + ], + "type": "object" + } + ] + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + } + }, + "/api/fleet/epm/verification_key_id": { + "get": { + "description": "Get a package signature verification key ID", + "operationId": "%2Fapi%2Ffleet%2Fepm%2Fverification_key_id#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "id": { + "nullable": true, + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Package Manager (EPM)" + ] + } + }, + "/api/fleet/fleet_server_hosts": { + "get": { + "description": "List Fleet Server hosts", + "operationId": "%2Fapi%2Ffleet%2Ffleet_server_hosts#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "host_urls": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + } + }, + "required": [ + "id", + "name", + "host_urls" + ], + "type": "object" + }, + "type": "array" + }, + "page": { + "type": "number" + }, + "perPage": { + "type": "number" + }, + "total": { + "type": "number" + } + }, + "required": [ + "items", + "total", + "page", + "perPage" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet Server hosts" + ] + }, + "post": { + "description": "Create Fleet Server host", + "operationId": "%2Fapi%2Ffleet%2Ffleet_server_hosts#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "host_urls": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + } + }, + "required": [ + "name", + "host_urls" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "host_urls": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + } + }, + "required": [ + "id", + "name", + "host_urls" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet Server hosts" + ] + } + }, + "/api/fleet/fleet_server_hosts/{itemId}": { + "delete": { + "description": "Delete Fleet Server host by ID", + "operationId": "%2Fapi%2Ffleet%2Ffleet_server_hosts%2F%7BitemId%7D#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "itemId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet Server hosts" + ] + }, + "get": { + "description": "Get Fleet Server host by ID", + "operationId": "%2Fapi%2Ffleet%2Ffleet_server_hosts%2F%7BitemId%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "itemId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "host_urls": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + } + }, + "required": [ + "id", + "name", + "host_urls" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet Server hosts" + ] + }, + "put": { + "description": "Update Fleet Server host by ID", + "operationId": "%2Fapi%2Ffleet%2Ffleet_server_hosts%2F%7BitemId%7D#2", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "itemId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "host_urls": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "is_default": { + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + } + }, + "required": [ + "proxy_id" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "host_urls": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + } + }, + "required": [ + "id", + "name", + "host_urls" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet Server hosts" + ] + } + }, + "/api/fleet/health_check": { + "post": { + "description": "Check Fleet Server health", + "operationId": "%2Fapi%2Ffleet%2Fhealth_check#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "host": { + "format": "uri", + "type": "string" + }, + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "host": { + "deprecated": true, + "type": "string" + }, + "host_id": { + "type": "string" + }, + "name": { + "type": "string" + }, + "status": { + "type": "string" + } + }, + "required": [ + "status" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + }, + "404": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet internals" + ] + } + }, + "/api/fleet/kubernetes": { + "get": { + "description": "Get full K8s agent manifest", + "operationId": "%2Fapi%2Ffleet%2Fkubernetes#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "download", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "fleetServer", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "enrolToken", + "required": false, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "type": "string" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent policies" + ] + } + }, + "/api/fleet/kubernetes/download": { + "get": { + "operationId": "%2Fapi%2Ffleet%2Fkubernetes%2Fdownload#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "download", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "fleetServer", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "enrolToken", + "required": false, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "type": "string" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + }, + "404": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Elastic Agent policies" + ] + } + }, + "/api/fleet/logstash_api_keys": { + "post": { + "description": "Generate Logstash API keyy", + "operationId": "%2Fapi%2Ffleet%2Flogstash_api_keys#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "api_key": { + "type": "string" + } + }, + "required": [ + "api_key" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet outputs" + ] + } + }, + "/api/fleet/message_signing_service/rotate_key_pair": { + "post": { + "description": "Rotate fleet message signing key pair", + "operationId": "%2Fapi%2Ffleet%2Fmessage_signing_service%2Frotate_key_pair#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "query", + "name": "acknowledge", + "required": false, + "schema": { + "default": false, + "type": "boolean" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "message": { + "type": "string" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + }, + "500": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Message Signing Service" + ] + } + }, + "/api/fleet/outputs": { + "get": { + "description": "List outputs", + "operationId": "%2Fapi%2Ffleet%2Foutputs#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "format": "uri", + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "preset": { + "enum": [ + "balanced", + "custom", + "throughput", + "scale", + "latency" + ], + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "elasticsearch" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "format": "uri", + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "preset": { + "enum": [ + "balanced", + "custom", + "throughput", + "scale", + "latency" + ], + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "secrets": { + "additionalProperties": true, + "properties": { + "service_token": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "type": "object" + }, + "service_token": { + "nullable": true, + "type": "string" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "remote_elasticsearch" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "secrets": { + "additionalProperties": true, + "properties": { + "ssl": { + "additionalProperties": true, + "properties": { + "key": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "type": "object" + } + }, + "type": "object" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "logstash" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "auth_type": { + "enum": [ + "none", + "user_pass", + "ssl", + "kerberos" + ], + "type": "string" + }, + "broker_timeout": { + "type": "number" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "client_id": { + "type": "string" + }, + "compression": { + "enum": [ + "gzip", + "snappy", + "lz4", + "none" + ], + "type": "string" + }, + "compression_level": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "number" + }, + { + "not": {} + } + ] + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "connection_type": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "enum": [ + "plaintext", + "encryption" + ], + "type": "string" + }, + { + "not": {} + } + ] + }, + "hash": { + "additionalProperties": true, + "properties": { + "hash": { + "type": "string" + }, + "random": { + "type": "boolean" + } + }, + "type": "object" + }, + "headers": { + "items": { + "additionalProperties": true, + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "required": [ + "key", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "hosts": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "partition": { + "enum": [ + "random", + "round_robin", + "hash" + ], + "type": "string" + }, + "password": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "not": {} + }, + { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "string" + }, + { + "not": {} + } + ] + } + ] + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "random": { + "additionalProperties": true, + "properties": { + "group_events": { + "type": "number" + } + }, + "type": "object" + }, + "required_acks": { + "enum": [ + 1, + 0, + -1 + ], + "type": "integer" + }, + "round_robin": { + "additionalProperties": true, + "properties": { + "group_events": { + "type": "number" + } + }, + "type": "object" + }, + "sasl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "mechanism": { + "enum": [ + "PLAIN", + "SCRAM-SHA-256", + "SCRAM-SHA-512" + ], + "type": "string" + } + }, + "type": "object" + }, + "secrets": { + "additionalProperties": true, + "properties": { + "password": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + }, + "ssl": { + "additionalProperties": true, + "properties": { + "key": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "timeout": { + "type": "number" + }, + "topic": { + "type": "string" + }, + "topics": { + "items": { + "additionalProperties": true, + "properties": { + "topic": { + "type": "string" + }, + "when": { + "additionalProperties": true, + "properties": { + "condition": { + "type": "string" + }, + "type": { + "enum": [ + "equals", + "contains", + "regexp" + ], + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "topic" + ], + "type": "object" + }, + "minItems": 1, + "type": "array" + }, + "type": { + "enum": [ + "kafka" + ], + "type": "string" + }, + "username": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "string" + }, + { + "not": {} + } + ] + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts", + "compression_level", + "auth_type", + "connection_type", + "username", + "password" + ], + "type": "object" + } + ] + }, + "type": "array" + }, + "page": { + "type": "number" + }, + "perPage": { + "type": "number" + }, + "total": { + "type": "number" + } + }, + "required": [ + "items", + "total", + "page", + "perPage" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet outputs" + ] + }, + "post": { + "description": "Create output", + "operationId": "%2Fapi%2Ffleet%2Foutputs#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "format": "uri", + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "preset": { + "enum": [ + "balanced", + "custom", + "throughput", + "scale", + "latency" + ], + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "shipper": { + "additionalProperties": false, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": false, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "elasticsearch" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "format": "uri", + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "preset": { + "enum": [ + "balanced", + "custom", + "throughput", + "scale", + "latency" + ], + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "secrets": { + "additionalProperties": false, + "properties": { + "service_token": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "type": "object" + }, + "service_token": { + "nullable": true, + "type": "string" + }, + "shipper": { + "additionalProperties": false, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": false, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "remote_elasticsearch" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "secrets": { + "additionalProperties": false, + "properties": { + "ssl": { + "additionalProperties": false, + "properties": { + "key": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "type": "object" + } + }, + "type": "object" + }, + "shipper": { + "additionalProperties": false, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": false, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "logstash" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "auth_type": { + "enum": [ + "none", + "user_pass", + "ssl", + "kerberos" + ], + "type": "string" + }, + "broker_timeout": { + "type": "number" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "client_id": { + "type": "string" + }, + "compression": { + "enum": [ + "gzip", + "snappy", + "lz4", + "none" + ], + "type": "string" + }, + "compression_level": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "number" + }, + { + "not": {} + } + ] + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "connection_type": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "enum": [ + "plaintext", + "encryption" + ], + "type": "string" + }, + { + "not": {} + } + ] + }, + "hash": { + "additionalProperties": false, + "properties": { + "hash": { + "type": "string" + }, + "random": { + "type": "boolean" + } + }, + "type": "object" + }, + "headers": { + "items": { + "additionalProperties": false, + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "required": [ + "key", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "hosts": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "partition": { + "enum": [ + "random", + "round_robin", + "hash" + ], + "type": "string" + }, + "password": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "not": {} + }, + { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "string" + }, + { + "not": {} + } + ] + } + ] + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "random": { + "additionalProperties": false, + "properties": { + "group_events": { + "type": "number" + } + }, + "type": "object" + }, + "required_acks": { + "enum": [ + 1, + 0, + -1 + ], + "type": "integer" + }, + "round_robin": { + "additionalProperties": false, + "properties": { + "group_events": { + "type": "number" + } + }, + "type": "object" + }, + "sasl": { + "additionalProperties": false, + "nullable": true, + "properties": { + "mechanism": { + "enum": [ + "PLAIN", + "SCRAM-SHA-256", + "SCRAM-SHA-512" + ], + "type": "string" + } + }, + "type": "object" + }, + "secrets": { + "additionalProperties": false, + "properties": { + "password": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + }, + "ssl": { + "additionalProperties": false, + "properties": { + "key": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + }, + "shipper": { + "additionalProperties": false, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": false, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "timeout": { + "type": "number" + }, + "topic": { + "type": "string" + }, + "topics": { + "items": { + "additionalProperties": false, + "properties": { + "topic": { + "type": "string" + }, + "when": { + "additionalProperties": false, + "properties": { + "condition": { + "type": "string" + }, + "type": { + "enum": [ + "equals", + "contains", + "regexp" + ], + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "topic" + ], + "type": "object" + }, + "minItems": 1, + "type": "array" + }, + "type": { + "enum": [ + "kafka" + ], + "type": "string" + }, + "username": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "string" + }, + { + "not": {} + } + ] + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts", + "compression_level", + "auth_type", + "connection_type", + "username", + "password" + ], + "type": "object" + } + ] + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "format": "uri", + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "preset": { + "enum": [ + "balanced", + "custom", + "throughput", + "scale", + "latency" + ], + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "elasticsearch" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "format": "uri", + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "preset": { + "enum": [ + "balanced", + "custom", + "throughput", + "scale", + "latency" + ], + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "secrets": { + "additionalProperties": true, + "properties": { + "service_token": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "type": "object" + }, + "service_token": { + "nullable": true, + "type": "string" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "remote_elasticsearch" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "secrets": { + "additionalProperties": true, + "properties": { + "ssl": { + "additionalProperties": true, + "properties": { + "key": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "type": "object" + } + }, + "type": "object" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "logstash" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "auth_type": { + "enum": [ + "none", + "user_pass", + "ssl", + "kerberos" + ], + "type": "string" + }, + "broker_timeout": { + "type": "number" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "client_id": { + "type": "string" + }, + "compression": { + "enum": [ + "gzip", + "snappy", + "lz4", + "none" + ], + "type": "string" + }, + "compression_level": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "number" + }, + { + "not": {} + } + ] + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "connection_type": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "enum": [ + "plaintext", + "encryption" + ], + "type": "string" + }, + { + "not": {} + } + ] + }, + "hash": { + "additionalProperties": true, + "properties": { + "hash": { + "type": "string" + }, + "random": { + "type": "boolean" + } + }, + "type": "object" + }, + "headers": { + "items": { + "additionalProperties": true, + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "required": [ + "key", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "hosts": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "partition": { + "enum": [ + "random", + "round_robin", + "hash" + ], + "type": "string" + }, + "password": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "not": {} + }, + { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "string" + }, + { + "not": {} + } + ] + } + ] + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "random": { + "additionalProperties": true, + "properties": { + "group_events": { + "type": "number" + } + }, + "type": "object" + }, + "required_acks": { + "enum": [ + 1, + 0, + -1 + ], + "type": "integer" + }, + "round_robin": { + "additionalProperties": true, + "properties": { + "group_events": { + "type": "number" + } + }, + "type": "object" + }, + "sasl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "mechanism": { + "enum": [ + "PLAIN", + "SCRAM-SHA-256", + "SCRAM-SHA-512" + ], + "type": "string" + } + }, + "type": "object" + }, + "secrets": { + "additionalProperties": true, + "properties": { + "password": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + }, + "ssl": { + "additionalProperties": true, + "properties": { + "key": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "timeout": { + "type": "number" + }, + "topic": { + "type": "string" + }, + "topics": { + "items": { + "additionalProperties": true, + "properties": { + "topic": { + "type": "string" + }, + "when": { + "additionalProperties": true, + "properties": { + "condition": { + "type": "string" + }, + "type": { + "enum": [ + "equals", + "contains", + "regexp" + ], + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "topic" + ], + "type": "object" + }, + "minItems": 1, + "type": "array" + }, + "type": { + "enum": [ + "kafka" + ], + "type": "string" + }, + "username": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "string" + }, + { + "not": {} + } + ] + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts", + "compression_level", + "auth_type", + "connection_type", + "username", + "password" + ], + "type": "object" + } + ] + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet outputs" + ] + } + }, + "/api/fleet/outputs/{outputId}": { + "delete": { + "description": "Delete output by ID", + "operationId": "%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D#2", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "outputId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + }, + "404": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet outputs" + ] + }, + "get": { + "description": "Get output by ID", + "operationId": "%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "outputId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "format": "uri", + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "preset": { + "enum": [ + "balanced", + "custom", + "throughput", + "scale", + "latency" + ], + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "elasticsearch" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "format": "uri", + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "preset": { + "enum": [ + "balanced", + "custom", + "throughput", + "scale", + "latency" + ], + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "secrets": { + "additionalProperties": true, + "properties": { + "service_token": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "type": "object" + }, + "service_token": { + "nullable": true, + "type": "string" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "remote_elasticsearch" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "secrets": { + "additionalProperties": true, + "properties": { + "ssl": { + "additionalProperties": true, + "properties": { + "key": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "type": "object" + } + }, + "type": "object" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "logstash" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "auth_type": { + "enum": [ + "none", + "user_pass", + "ssl", + "kerberos" + ], + "type": "string" + }, + "broker_timeout": { + "type": "number" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "client_id": { + "type": "string" + }, + "compression": { + "enum": [ + "gzip", + "snappy", + "lz4", + "none" + ], + "type": "string" + }, + "compression_level": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "number" + }, + { + "not": {} + } + ] + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "connection_type": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "enum": [ + "plaintext", + "encryption" + ], + "type": "string" + }, + { + "not": {} + } + ] + }, + "hash": { + "additionalProperties": true, + "properties": { + "hash": { + "type": "string" + }, + "random": { + "type": "boolean" + } + }, + "type": "object" + }, + "headers": { + "items": { + "additionalProperties": true, + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "required": [ + "key", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "hosts": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "partition": { + "enum": [ + "random", + "round_robin", + "hash" + ], + "type": "string" + }, + "password": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "not": {} + }, + { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "string" + }, + { + "not": {} + } + ] + } + ] + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "random": { + "additionalProperties": true, + "properties": { + "group_events": { + "type": "number" + } + }, + "type": "object" + }, + "required_acks": { + "enum": [ + 1, + 0, + -1 + ], + "type": "integer" + }, + "round_robin": { + "additionalProperties": true, + "properties": { + "group_events": { + "type": "number" + } + }, + "type": "object" + }, + "sasl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "mechanism": { + "enum": [ + "PLAIN", + "SCRAM-SHA-256", + "SCRAM-SHA-512" + ], + "type": "string" + } + }, + "type": "object" + }, + "secrets": { + "additionalProperties": true, + "properties": { + "password": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + }, + "ssl": { + "additionalProperties": true, + "properties": { + "key": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "timeout": { + "type": "number" + }, + "topic": { + "type": "string" + }, + "topics": { + "items": { + "additionalProperties": true, + "properties": { + "topic": { + "type": "string" + }, + "when": { + "additionalProperties": true, + "properties": { + "condition": { + "type": "string" + }, + "type": { + "enum": [ + "equals", + "contains", + "regexp" + ], + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "topic" + ], + "type": "object" + }, + "minItems": 1, + "type": "array" + }, + "type": { + "enum": [ + "kafka" + ], + "type": "string" + }, + "username": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "string" + }, + { + "not": {} + } + ] + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts", + "compression_level", + "auth_type", + "connection_type", + "username", + "password" + ], + "type": "object" + } + ] + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet outputs" + ] + }, + "put": { + "description": "Update output by ID", + "operationId": "%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "outputId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "format": "uri", + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "type": "boolean" + }, + "is_default_monitoring": { + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "preset": { + "enum": [ + "balanced", + "custom", + "throughput", + "scale", + "latency" + ], + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "shipper": { + "additionalProperties": false, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": false, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "elasticsearch" + ], + "type": "string" + } + }, + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "format": "uri", + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "type": "boolean" + }, + "is_default_monitoring": { + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "preset": { + "enum": [ + "balanced", + "custom", + "throughput", + "scale", + "latency" + ], + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "secrets": { + "additionalProperties": false, + "properties": { + "service_token": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "type": "object" + }, + "service_token": { + "nullable": true, + "type": "string" + }, + "shipper": { + "additionalProperties": false, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": false, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "remote_elasticsearch" + ], + "type": "string" + } + }, + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "type": "boolean" + }, + "is_default_monitoring": { + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "secrets": { + "additionalProperties": false, + "properties": { + "ssl": { + "additionalProperties": false, + "properties": { + "key": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "type": "object" + } + }, + "type": "object" + }, + "shipper": { + "additionalProperties": false, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": false, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "logstash" + ], + "type": "string" + } + }, + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "auth_type": { + "enum": [ + "none", + "user_pass", + "ssl", + "kerberos" + ], + "type": "string" + }, + "broker_timeout": { + "type": "number" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "client_id": { + "type": "string" + }, + "compression": { + "enum": [ + "gzip", + "snappy", + "lz4", + "none" + ], + "type": "string" + }, + "compression_level": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "number" + }, + { + "not": {} + } + ] + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "connection_type": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "enum": [ + "plaintext", + "encryption" + ], + "type": "string" + }, + { + "not": {} + } + ] + }, + "hash": { + "additionalProperties": false, + "properties": { + "hash": { + "type": "string" + }, + "random": { + "type": "boolean" + } + }, + "type": "object" + }, + "headers": { + "items": { + "additionalProperties": false, + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "required": [ + "key", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "hosts": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "partition": { + "enum": [ + "random", + "round_robin", + "hash" + ], + "type": "string" + }, + "password": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "not": {} + }, + { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "string" + }, + { + "not": {} + } + ] + } + ] + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "random": { + "additionalProperties": false, + "properties": { + "group_events": { + "type": "number" + } + }, + "type": "object" + }, + "required_acks": { + "enum": [ + 1, + 0, + -1 + ], + "type": "integer" + }, + "round_robin": { + "additionalProperties": false, + "properties": { + "group_events": { + "type": "number" + } + }, + "type": "object" + }, + "sasl": { + "additionalProperties": false, + "nullable": true, + "properties": { + "mechanism": { + "enum": [ + "PLAIN", + "SCRAM-SHA-256", + "SCRAM-SHA-512" + ], + "type": "string" + } + }, + "type": "object" + }, + "secrets": { + "additionalProperties": false, + "properties": { + "password": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + }, + "ssl": { + "additionalProperties": false, + "properties": { + "key": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + }, + "shipper": { + "additionalProperties": false, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": false, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "timeout": { + "type": "number" + }, + "topic": { + "type": "string" + }, + "topics": { + "items": { + "additionalProperties": false, + "properties": { + "topic": { + "type": "string" + }, + "when": { + "additionalProperties": false, + "properties": { + "condition": { + "type": "string" + }, + "type": { + "enum": [ + "equals", + "contains", + "regexp" + ], + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "topic" + ], + "type": "object" + }, + "minItems": 1, + "type": "array" + }, + "type": { + "enum": [ + "kafka" + ], + "type": "string" + }, + "username": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "string" + }, + { + "not": {} + } + ] + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "compression_level", + "connection_type", + "username", + "password" + ], + "type": "object" + } + ] + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "format": "uri", + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "preset": { + "enum": [ + "balanced", + "custom", + "throughput", + "scale", + "latency" + ], + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "elasticsearch" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "format": "uri", + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "preset": { + "enum": [ + "balanced", + "custom", + "throughput", + "scale", + "latency" + ], + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "secrets": { + "additionalProperties": true, + "properties": { + "service_token": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "type": "object" + }, + "service_token": { + "nullable": true, + "type": "string" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "remote_elasticsearch" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "hosts": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "secrets": { + "additionalProperties": true, + "properties": { + "ssl": { + "additionalProperties": true, + "properties": { + "key": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "type": "object" + } + }, + "type": "object" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": { + "enum": [ + "logstash" + ], + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts" + ], + "type": "object" + }, + { + "additionalProperties": true, + "properties": { + "allow_edit": { + "items": { + "type": "string" + }, + "type": "array" + }, + "auth_type": { + "enum": [ + "none", + "user_pass", + "ssl", + "kerberos" + ], + "type": "string" + }, + "broker_timeout": { + "type": "number" + }, + "ca_sha256": { + "nullable": true, + "type": "string" + }, + "ca_trusted_fingerprint": { + "nullable": true, + "type": "string" + }, + "client_id": { + "type": "string" + }, + "compression": { + "enum": [ + "gzip", + "snappy", + "lz4", + "none" + ], + "type": "string" + }, + "compression_level": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "number" + }, + { + "not": {} + } + ] + }, + "config_yaml": { + "nullable": true, + "type": "string" + }, + "connection_type": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "enum": [ + "plaintext", + "encryption" + ], + "type": "string" + }, + { + "not": {} + } + ] + }, + "hash": { + "additionalProperties": true, + "properties": { + "hash": { + "type": "string" + }, + "random": { + "type": "boolean" + } + }, + "type": "object" + }, + "headers": { + "items": { + "additionalProperties": true, + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "required": [ + "key", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "hosts": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "id": { + "type": "string" + }, + "is_default": { + "default": false, + "type": "boolean" + }, + "is_default_monitoring": { + "default": false, + "type": "boolean" + }, + "is_internal": { + "type": "boolean" + }, + "is_preconfigured": { + "type": "boolean" + }, + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "partition": { + "enum": [ + "random", + "round_robin", + "hash" + ], + "type": "string" + }, + "password": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "not": {} + }, + { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "string" + }, + { + "not": {} + } + ] + } + ] + }, + "proxy_id": { + "nullable": true, + "type": "string" + }, + "random": { + "additionalProperties": true, + "properties": { + "group_events": { + "type": "number" + } + }, + "type": "object" + }, + "required_acks": { + "enum": [ + 1, + 0, + -1 + ], + "type": "integer" + }, + "round_robin": { + "additionalProperties": true, + "properties": { + "group_events": { + "type": "number" + } + }, + "type": "object" + }, + "sasl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "mechanism": { + "enum": [ + "PLAIN", + "SCRAM-SHA-256", + "SCRAM-SHA-512" + ], + "type": "string" + } + }, + "type": "object" + }, + "secrets": { + "additionalProperties": true, + "properties": { + "password": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + }, + "ssl": { + "additionalProperties": true, + "properties": { + "key": { + "anyOf": [ + { + "additionalProperties": true, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + { + "type": "string" + } + ] + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + }, + "shipper": { + "additionalProperties": true, + "nullable": true, + "properties": { + "compression_level": { + "nullable": true, + "type": "number" + }, + "disk_queue_compression_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_enabled": { + "default": false, + "nullable": true, + "type": "boolean" + }, + "disk_queue_encryption_enabled": { + "nullable": true, + "type": "boolean" + }, + "disk_queue_max_size": { + "nullable": true, + "type": "number" + }, + "disk_queue_path": { + "nullable": true, + "type": "string" + }, + "loadbalance": { + "nullable": true, + "type": "boolean" + }, + "max_batch_bytes": { + "nullable": true, + "type": "number" + }, + "mem_queue_events": { + "nullable": true, + "type": "number" + }, + "queue_flush_timeout": { + "nullable": true, + "type": "number" + } + }, + "required": [ + "disk_queue_path", + "disk_queue_max_size", + "disk_queue_encryption_enabled", + "disk_queue_compression_enabled", + "compression_level", + "loadbalance", + "mem_queue_events", + "queue_flush_timeout", + "max_batch_bytes" + ], + "type": "object" + }, + "ssl": { + "additionalProperties": true, + "nullable": true, + "properties": { + "certificate": { + "type": "string" + }, + "certificate_authorities": { + "items": { + "type": "string" + }, + "type": "array" + }, + "key": { + "type": "string" + }, + "verification_mode": { + "enum": [ + "full", + "none", + "certificate", + "strict" + ], + "type": "string" + } + }, + "type": "object" + }, + "timeout": { + "type": "number" + }, + "topic": { + "type": "string" + }, + "topics": { + "items": { + "additionalProperties": true, + "properties": { + "topic": { + "type": "string" + }, + "when": { + "additionalProperties": true, + "properties": { + "condition": { + "type": "string" + }, + "type": { + "enum": [ + "equals", + "contains", + "regexp" + ], + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "topic" + ], + "type": "object" + }, + "minItems": 1, + "type": "array" + }, + "type": { + "enum": [ + "kafka" + ], + "type": "string" + }, + "username": { + "anyOf": [ + { + "items": {}, + "type": "array" + }, + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "type": "object" + }, + { + "type": "string" + } + ], + "nullable": true, + "oneOf": [ + { + "type": "string" + }, + { + "not": {} + } + ] + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "type", + "hosts", + "compression_level", + "auth_type", + "connection_type", + "username", + "password" + ], + "type": "object" + } + ] + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet outputs" + ] + } + }, + "/api/fleet/outputs/{outputId}/health": { + "get": { + "description": "Get latest output health", + "operationId": "%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D%2Fhealth#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "outputId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "message": { + "description": "long message if unhealthy", + "type": "string" + }, + "state": { + "description": "state of output, HEALTHY or DEGRADED", + "type": "string" + }, + "timestamp": { + "description": "timestamp of reported state", + "type": "string" + } + }, + "required": [ + "state", + "message", + "timestamp" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet outputs" + ] + } + }, + "/api/fleet/package_policies": { + "get": { + "description": "List package policies", + "operationId": "%2Fapi%2Ffleet%2Fpackage_policies#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "page", + "required": false, + "schema": { + "type": "number" + } + }, + { + "in": "query", + "name": "perPage", + "required": false, + "schema": { + "type": "number" + } + }, + { + "in": "query", + "name": "sortField", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "sortOrder", + "required": false, + "schema": { + "enum": [ + "desc", + "asc" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "showUpgradeable", + "required": false, + "schema": { + "type": "boolean" + } + }, + { + "in": "query", + "name": "kuery", + "required": false, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "format", + "required": false, + "schema": { + "enum": [ + "simplified", + "legacy" + ], + "type": "string" + } + }, + { + "in": "query", + "name": "withAgentCount", + "required": false, + "schema": { + "type": "boolean" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "agents": { + "type": "number" + }, + "created_at": { + "type": "string" + }, + "created_by": { + "type": "string" + }, + "description": { + "description": "Package policy description", + "type": "string" + }, + "elasticsearch": { + "additionalProperties": true, + "properties": { + "privileges": { + "additionalProperties": true, + "properties": { + "cluster": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "anyOf": [ + { + "items": { + "additionalProperties": false, + "properties": { + "compiled_input": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled", + "streams", + "compiled_input" + ], + "type": "object" + }, + "type": "array" + }, + { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that input, (default to true)", + "type": "boolean" + }, + "streams": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that stream, (default to true)", + "type": "boolean" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Input streams (see integration documentation to know what streams are available)", + "type": "object" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Package policy inputs (see integration documentation to know what inputs are available)", + "type": "object", + "x-oas-optional": true + } + ] + }, + "is_managed": { + "type": "boolean" + }, + "name": { + "description": "Package policy name (should be unique)", + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "revision": { + "type": "number" + }, + "secret_references": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + "type": "array" + }, + "spaceIds": { + "items": { + "type": "string" + }, + "type": "array" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "vars": { + "anyOf": [ + { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object", + "x-oas-optional": true + } + ] + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "enabled", + "inputs", + "id", + "revision", + "updated_at", + "updated_by", + "created_at", + "created_by" + ], + "type": "object" + }, + "type": "array" + }, + "page": { + "type": "number" + }, + "perPage": { + "type": "number" + }, + "total": { + "type": "number" + } + }, + "required": [ + "items", + "total", + "page", + "perPage" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet package policies" + ] + }, + "post": { + "description": "Create package policy", + "operationId": "%2Fapi%2Ffleet%2Fpackage_policies#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "query", + "name": "format", + "required": false, + "schema": { + "enum": [ + "simplified", + "legacy" + ], + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "description": { + "description": "Package policy description", + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "force": { + "description": "Force package policy creation even if package is not verified, or if the agent policy is managed.", + "type": "boolean" + }, + "id": { + "description": "Package policy unique identifier", + "type": "string" + }, + "inputs": { + "items": { + "additionalProperties": false, + "properties": { + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled" + ], + "type": "object" + }, + "type": "array" + }, + "is_managed": { + "type": "boolean" + }, + "name": { + "description": "Package policy name (should be unique)", + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "name", + "inputs" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "description": { + "type": "string" + }, + "force": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that input, (default to true)", + "type": "boolean" + }, + "streams": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that stream, (default to true)", + "type": "boolean" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Input streams (see integration documentation to know what streams are available)", + "type": "object" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Package policy inputs (see integration documentation to know what inputs are available)", + "type": "object" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "name", + "package" + ], + "type": "object" + } + ], + "description": "You should use inputs as an object and not use the deprecated inputs array." + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "agents": { + "type": "number" + }, + "created_at": { + "type": "string" + }, + "created_by": { + "type": "string" + }, + "description": { + "description": "Package policy description", + "type": "string" + }, + "elasticsearch": { + "additionalProperties": true, + "properties": { + "privileges": { + "additionalProperties": true, + "properties": { + "cluster": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "anyOf": [ + { + "items": { + "additionalProperties": false, + "properties": { + "compiled_input": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled", + "streams", + "compiled_input" + ], + "type": "object" + }, + "type": "array" + }, + { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that input, (default to true)", + "type": "boolean" + }, + "streams": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that stream, (default to true)", + "type": "boolean" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Input streams (see integration documentation to know what streams are available)", + "type": "object" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Package policy inputs (see integration documentation to know what inputs are available)", + "type": "object", + "x-oas-optional": true + } + ] + }, + "is_managed": { + "type": "boolean" + }, + "name": { + "description": "Package policy name (should be unique)", + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "revision": { + "type": "number" + }, + "secret_references": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + "type": "array" + }, + "spaceIds": { + "items": { + "type": "string" + }, + "type": "array" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "vars": { + "anyOf": [ + { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object", + "x-oas-optional": true + } + ] + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "enabled", + "inputs", + "id", + "revision", + "updated_at", + "updated_by", + "created_at", + "created_by" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + }, + "409": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet package policies" + ] + } + }, + "/api/fleet/package_policies/_bulk_get": { + "post": { + "description": "Bulk get package policies", + "operationId": "%2Fapi%2Ffleet%2Fpackage_policies%2F_bulk_get#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "query", + "name": "format", + "required": false, + "schema": { + "enum": [ + "simplified", + "legacy" + ], + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "ids": { + "description": "list of package policy ids", + "items": { + "type": "string" + }, + "type": "array" + }, + "ignoreMissing": { + "type": "boolean" + } + }, + "required": [ + "ids" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "agents": { + "type": "number" + }, + "created_at": { + "type": "string" + }, + "created_by": { + "type": "string" + }, + "description": { + "description": "Package policy description", + "type": "string" + }, + "elasticsearch": { + "additionalProperties": true, + "properties": { + "privileges": { + "additionalProperties": true, + "properties": { + "cluster": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "anyOf": [ + { + "items": { + "additionalProperties": false, + "properties": { + "compiled_input": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled", + "streams", + "compiled_input" + ], + "type": "object" + }, + "type": "array" + }, + { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that input, (default to true)", + "type": "boolean" + }, + "streams": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that stream, (default to true)", + "type": "boolean" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Input streams (see integration documentation to know what streams are available)", + "type": "object" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Package policy inputs (see integration documentation to know what inputs are available)", + "type": "object", + "x-oas-optional": true + } + ] + }, + "is_managed": { + "type": "boolean" + }, + "name": { + "description": "Package policy name (should be unique)", + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "revision": { + "type": "number" + }, + "secret_references": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + "type": "array" + }, + "spaceIds": { + "items": { + "type": "string" + }, + "type": "array" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "vars": { + "anyOf": [ + { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object", + "x-oas-optional": true + } + ] + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "enabled", + "inputs", + "id", + "revision", + "updated_at", + "updated_by", + "created_at", + "created_by" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "items" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + }, + "404": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "message": { + "type": "string" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet package policies" + ] + } + }, + "/api/fleet/package_policies/delete": { + "post": { + "description": "Bulk delete package policies", + "operationId": "%2Fapi%2Ffleet%2Fpackage_policies%2Fdelete#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "force": { + "type": "boolean" + }, + "packagePolicyIds": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "packagePolicyIds" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "items": { + "additionalProperties": false, + "properties": { + "body": { + "additionalProperties": false, + "properties": { + "message": { + "type": "string" + } + }, + "required": [ + "message" + ], + "type": "object" + }, + "id": { + "type": "string" + }, + "name": { + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Use `policy_ids` instead", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "statusCode": { + "type": "number" + }, + "success": { + "type": "boolean" + } + }, + "required": [ + "id", + "success", + "policy_ids", + "package" + ], + "type": "object" + }, + "type": "array" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet package policies" + ] + } + }, + "/api/fleet/package_policies/upgrade": { + "post": { + "description": "Upgrade package policy to a newer package version", + "operationId": "%2Fapi%2Ffleet%2Fpackage_policies%2Fupgrade#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "packagePolicyIds": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "packagePolicyIds" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "items": { + "additionalProperties": false, + "properties": { + "body": { + "additionalProperties": false, + "properties": { + "message": { + "type": "string" + } + }, + "required": [ + "message" + ], + "type": "object" + }, + "id": { + "type": "string" + }, + "name": { + "type": "string" + }, + "statusCode": { + "type": "number" + }, + "success": { + "type": "boolean" + } + }, + "required": [ + "id", + "success" + ], + "type": "object" + }, + "type": "array" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet package policies" + ] + } + }, + "/api/fleet/package_policies/upgrade/dryrun": { + "post": { + "description": "Dry run package policy upgrade", + "operationId": "%2Fapi%2Ffleet%2Fpackage_policies%2Fupgrade%2Fdryrun#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "packagePolicyIds": { + "items": { + "type": "string" + }, + "type": "array" + }, + "packageVersion": { + "type": "string" + } + }, + "required": [ + "packagePolicyIds" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "items": { + "additionalProperties": false, + "properties": { + "agent_diff": { + "items": { + "items": { + "additionalProperties": true, + "properties": { + "data_stream": { + "additionalProperties": true, + "properties": { + "namespace": { + "type": "string" + } + }, + "required": [ + "namespace" + ], + "type": "object" + }, + "id": { + "type": "string" + }, + "meta": { + "additionalProperties": true, + "properties": { + "package": { + "additionalProperties": true, + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + } + }, + "required": [ + "package" + ], + "type": "object" + }, + "name": { + "type": "string" + }, + "package_policy_id": { + "type": "string" + }, + "processors": { + "items": { + "additionalProperties": true, + "properties": { + "add_fields": { + "additionalProperties": true, + "properties": { + "fields": { + "additionalProperties": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "number" + } + ] + }, + "type": "object" + }, + "target": { + "type": "string" + } + }, + "required": [ + "target", + "fields" + ], + "type": "object" + } + }, + "required": [ + "add_fields" + ], + "type": "object" + }, + "type": "array" + }, + "revision": { + "type": "number" + }, + "streams": { + "items": { + "additionalProperties": true, + "properties": { + "data_stream": { + "additionalProperties": true, + "properties": { + "dataset": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset" + ], + "type": "object" + }, + "id": { + "type": "string" + } + }, + "required": [ + "id", + "data_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "use_output": { + "type": "string" + } + }, + "required": [ + "id", + "name", + "revision", + "type", + "data_stream", + "use_output", + "package_policy_id" + ], + "type": "object" + }, + "type": "array" + }, + "type": "array" + }, + "body": { + "additionalProperties": false, + "properties": { + "message": { + "type": "string" + } + }, + "required": [ + "message" + ], + "type": "object" + }, + "diff": { + "items": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "agents": { + "type": "number" + }, + "created_at": { + "type": "string" + }, + "created_by": { + "type": "string" + }, + "description": { + "description": "Package policy description", + "type": "string" + }, + "elasticsearch": { + "additionalProperties": true, + "properties": { + "privileges": { + "additionalProperties": true, + "properties": { + "cluster": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "anyOf": [ + { + "items": { + "additionalProperties": false, + "properties": { + "compiled_input": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled", + "streams", + "compiled_input" + ], + "type": "object" + }, + "type": "array" + }, + { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that input, (default to true)", + "type": "boolean" + }, + "streams": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that stream, (default to true)", + "type": "boolean" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Input streams (see integration documentation to know what streams are available)", + "type": "object" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Package policy inputs (see integration documentation to know what inputs are available)", + "type": "object", + "x-oas-optional": true + } + ] + }, + "is_managed": { + "type": "boolean" + }, + "name": { + "description": "Package policy name (should be unique)", + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "revision": { + "type": "number" + }, + "secret_references": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + "type": "array" + }, + "spaceIds": { + "items": { + "type": "string" + }, + "type": "array" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "vars": { + "anyOf": [ + { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object", + "x-oas-optional": true + } + ] + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "enabled", + "inputs", + "revision", + "updated_at", + "updated_by", + "created_at", + "created_by" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "description": { + "description": "Package policy description", + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "errors": { + "items": { + "additionalProperties": false, + "properties": { + "key": { + "type": "string" + }, + "message": { + "type": "string" + } + }, + "required": [ + "message" + ], + "type": "object" + }, + "type": "array" + }, + "force": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "items": { + "additionalProperties": false, + "properties": { + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled", + "streams" + ], + "type": "object" + }, + "type": "array" + }, + "is_managed": { + "type": "boolean" + }, + "missingVars": { + "items": { + "type": "string" + }, + "type": "array" + }, + "name": { + "description": "Package policy name (should be unique)", + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "name", + "enabled", + "inputs" + ], + "type": "object" + } + ] + }, + "type": "array" + }, + "hasErrors": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "hasErrors" + ], + "type": "object" + }, + "type": "array" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet package policies" + ] + } + }, + "/api/fleet/package_policies/{packagePolicyId}": { + "delete": { + "description": "Delete package policy by ID", + "operationId": "%2Fapi%2Ffleet%2Fpackage_policies%2F%7BpackagePolicyId%7D#2", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "packagePolicyId", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "force", + "required": false, + "schema": { + "type": "boolean" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet package policies" + ] + }, + "get": { + "description": "Get package policy by ID", + "operationId": "%2Fapi%2Ffleet%2Fpackage_policies%2F%7BpackagePolicyId%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "packagePolicyId", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "format", + "required": false, + "schema": { + "enum": [ + "simplified", + "legacy" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "agents": { + "type": "number" + }, + "created_at": { + "type": "string" + }, + "created_by": { + "type": "string" + }, + "description": { + "description": "Package policy description", + "type": "string" + }, + "elasticsearch": { + "additionalProperties": true, + "properties": { + "privileges": { + "additionalProperties": true, + "properties": { + "cluster": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "anyOf": [ + { + "items": { + "additionalProperties": false, + "properties": { + "compiled_input": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled", + "streams", + "compiled_input" + ], + "type": "object" + }, + "type": "array" + }, + { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that input, (default to true)", + "type": "boolean" + }, + "streams": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that stream, (default to true)", + "type": "boolean" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Input streams (see integration documentation to know what streams are available)", + "type": "object" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Package policy inputs (see integration documentation to know what inputs are available)", + "type": "object", + "x-oas-optional": true + } + ] + }, + "is_managed": { + "type": "boolean" + }, + "name": { + "description": "Package policy name (should be unique)", + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "revision": { + "type": "number" + }, + "secret_references": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + "type": "array" + }, + "spaceIds": { + "items": { + "type": "string" + }, + "type": "array" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "vars": { + "anyOf": [ + { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object", + "x-oas-optional": true + } + ] + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "enabled", + "inputs", + "id", + "revision", + "updated_at", + "updated_by", + "created_at", + "created_by" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + }, + "404": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "message": { + "type": "string" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet package policies" + ] + }, + "put": { + "description": "Update package policy by ID", + "operationId": "%2Fapi%2Ffleet%2Fpackage_policies%2F%7BpackagePolicyId%7D#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "packagePolicyId", + "required": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "format", + "required": false, + "schema": { + "enum": [ + "simplified", + "legacy" + ], + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "anyOf": [ + { + "additionalProperties": false, + "properties": { + "description": { + "description": "Package policy description", + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "force": { + "type": "boolean" + }, + "inputs": { + "items": { + "additionalProperties": false, + "properties": { + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled" + ], + "type": "object" + }, + "type": "array" + }, + "is_managed": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "version": { + "type": "string" + } + }, + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "description": { + "type": "string" + }, + "force": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that input, (default to true)", + "type": "boolean" + }, + "streams": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that stream, (default to true)", + "type": "boolean" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Input streams (see integration documentation to know what streams are available)", + "type": "object" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Package policy inputs (see integration documentation to know what inputs are available)", + "type": "object" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "type": "string" + }, + "type": "array" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "name", + "package" + ], + "type": "object" + } + ] + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "agents": { + "type": "number" + }, + "created_at": { + "type": "string" + }, + "created_by": { + "type": "string" + }, + "description": { + "description": "Package policy description", + "type": "string" + }, + "elasticsearch": { + "additionalProperties": true, + "properties": { + "privileges": { + "additionalProperties": true, + "properties": { + "cluster": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "inputs": { + "anyOf": [ + { + "items": { + "additionalProperties": false, + "properties": { + "compiled_input": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "policy_template": { + "type": "string" + }, + "streams": { + "items": { + "additionalProperties": false, + "properties": { + "compiled_stream": {}, + "config": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + "data_stream": { + "additionalProperties": false, + "properties": { + "dataset": { + "type": "string" + }, + "elasticsearch": { + "additionalProperties": false, + "properties": { + "dynamic_dataset": { + "type": "boolean" + }, + "dynamic_namespace": { + "type": "boolean" + }, + "privileges": { + "additionalProperties": false, + "properties": { + "indices": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "type": "string" + } + }, + "required": [ + "dataset", + "type" + ], + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "keep_enabled": { + "type": "boolean" + }, + "release": { + "enum": [ + "ga", + "beta", + "experimental" + ], + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "enabled", + "data_stream", + "compiled_stream" + ], + "type": "object" + }, + "type": "array" + }, + "type": { + "type": "string" + }, + "vars": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + } + }, + "required": [ + "type", + "enabled", + "streams", + "compiled_input" + ], + "type": "object" + }, + "type": "array" + }, + { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that input, (default to true)", + "type": "boolean" + }, + "streams": { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "enabled": { + "description": "enable or disable that stream, (default to true)", + "type": "boolean" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Input streams (see integration documentation to know what streams are available)", + "type": "object" + }, + "vars": { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object" + } + }, + "type": "object" + }, + "description": "Package policy inputs (see integration documentation to know what inputs are available)", + "type": "object", + "x-oas-optional": true + } + ] + }, + "is_managed": { + "type": "boolean" + }, + "name": { + "description": "Package policy name (should be unique)", + "type": "string" + }, + "namespace": { + "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", + "type": "string" + }, + "output_id": { + "nullable": true, + "type": "string" + }, + "overrides": { + "additionalProperties": false, + "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", + "nullable": true, + "properties": { + "inputs": { + "additionalProperties": {}, + "type": "object" + } + }, + "type": "object" + }, + "package": { + "additionalProperties": false, + "properties": { + "experimental_data_stream_features": { + "items": { + "additionalProperties": false, + "properties": { + "data_stream": { + "type": "string" + }, + "features": { + "additionalProperties": false, + "properties": { + "doc_value_only_numeric": { + "type": "boolean" + }, + "doc_value_only_other": { + "type": "boolean" + }, + "synthetic_source": { + "type": "boolean" + }, + "tsdb": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "data_stream", + "features" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Package name", + "type": "string" + }, + "requires_root": { + "type": "boolean" + }, + "title": { + "type": "string" + }, + "version": { + "description": "Package version", + "type": "string" + } + }, + "required": [ + "name", + "version" + ], + "type": "object" + }, + "policy_id": { + "deprecated": true, + "description": "Agent policy ID where that package policy will be added", + "nullable": true, + "type": "string" + }, + "policy_ids": { + "items": { + "description": "Agent policy IDs where that package policy will be added", + "type": "string" + }, + "type": "array" + }, + "revision": { + "type": "number" + }, + "secret_references": { + "items": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + }, + "type": "array" + }, + "spaceIds": { + "items": { + "type": "string" + }, + "type": "array" + }, + "updated_at": { + "type": "string" + }, + "updated_by": { + "type": "string" + }, + "vars": { + "anyOf": [ + { + "additionalProperties": { + "additionalProperties": false, + "properties": { + "frozen": { + "type": "boolean" + }, + "type": { + "type": "string" + }, + "value": {} + }, + "required": [ + "value" + ], + "type": "object" + }, + "description": "Package variable (see integration documentation for more information)", + "type": "object" + }, + { + "additionalProperties": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "items": { + "type": "number" + }, + "type": "array" + }, + { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + }, + "isSecretRef": { + "type": "boolean" + } + }, + "required": [ + "id", + "isSecretRef" + ], + "type": "object" + } + ], + "nullable": true + }, + "description": "Input/stream level variable (see integration documentation for more information)", + "type": "object", + "x-oas-optional": true + } + ] + }, + "version": { + "type": "string" + } + }, + "required": [ + "name", + "enabled", + "inputs", + "id", + "revision", + "updated_at", + "updated_by", + "created_at", + "created_by" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + }, + "403": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet package policies" + ] + } + }, + "/api/fleet/proxies": { + "get": { + "description": "List proxies", + "operationId": "%2Fapi%2Ffleet%2Fproxies#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "certificate": { + "nullable": true, + "type": "string" + }, + "certificate_authorities": { + "nullable": true, + "type": "string" + }, + "certificate_key": { + "nullable": true, + "type": "string" + }, + "id": { + "type": "string" + }, + "is_preconfigured": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_headers": { + "additionalProperties": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "boolean" + }, + { + "type": "number" + } + ] + }, + "nullable": true, + "type": "object" + }, + "url": { + "type": "string" + } + }, + "required": [ + "id", + "url", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "page": { + "type": "number" + }, + "perPage": { + "type": "number" + }, + "total": { + "type": "number" + } + }, + "required": [ + "items", + "total", + "page", + "perPage" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet proxies" + ] + }, + "post": { + "description": "Create proxy", + "operationId": "%2Fapi%2Ffleet%2Fproxies#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "certificate": { + "nullable": true, + "type": "string" + }, + "certificate_authorities": { + "nullable": true, + "type": "string" + }, + "certificate_key": { + "nullable": true, + "type": "string" + }, + "id": { + "type": "string" + }, + "is_preconfigured": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_headers": { + "additionalProperties": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "boolean" + }, + { + "type": "number" + } + ] + }, + "nullable": true, + "type": "object" + }, + "url": { + "type": "string" + } + }, + "required": [ + "url", + "name" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "certificate": { + "nullable": true, + "type": "string" + }, + "certificate_authorities": { + "nullable": true, + "type": "string" + }, + "certificate_key": { + "nullable": true, + "type": "string" + }, + "id": { + "type": "string" + }, + "is_preconfigured": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_headers": { + "additionalProperties": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "boolean" + }, + { + "type": "number" + } + ] + }, + "nullable": true, + "type": "object" + }, + "url": { + "type": "string" + } + }, + "required": [ + "id", + "url", + "name" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet proxies" + ] + } + }, + "/api/fleet/proxies/{itemId}": { + "delete": { + "description": "Delete proxy by ID", + "operationId": "%2Fapi%2Ffleet%2Fproxies%2F%7BitemId%7D#2", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "itemId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet proxies" + ] + }, + "get": { + "description": "Get proxy by ID", + "operationId": "%2Fapi%2Ffleet%2Fproxies%2F%7BitemId%7D#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "itemId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "certificate": { + "nullable": true, + "type": "string" + }, + "certificate_authorities": { + "nullable": true, + "type": "string" + }, + "certificate_key": { + "nullable": true, + "type": "string" + }, + "id": { + "type": "string" + }, + "is_preconfigured": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_headers": { + "additionalProperties": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "boolean" + }, + { + "type": "number" + } + ] + }, + "nullable": true, + "type": "object" + }, + "url": { + "type": "string" + } + }, + "required": [ + "id", + "url", + "name" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet proxies" + ] + }, + "put": { + "description": "Update proxy by ID", + "operationId": "%2Fapi%2Ffleet%2Fproxies%2F%7BitemId%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + }, + { + "in": "path", + "name": "itemId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "certificate": { + "nullable": true, + "type": "string" + }, + "certificate_authorities": { + "nullable": true, + "type": "string" + }, + "certificate_key": { + "nullable": true, + "type": "string" + }, + "name": { + "type": "string" + }, + "proxy_headers": { + "additionalProperties": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "boolean" + }, + { + "type": "number" + } + ] + }, + "nullable": true, + "type": "object" + }, + "url": { + "type": "string" + } + }, + "required": [ + "proxy_headers", + "certificate_authorities", + "certificate", + "certificate_key" + ], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "certificate": { + "nullable": true, + "type": "string" + }, + "certificate_authorities": { + "nullable": true, + "type": "string" + }, + "certificate_key": { + "nullable": true, + "type": "string" + }, + "id": { + "type": "string" + }, + "is_preconfigured": { + "default": false, + "type": "boolean" + }, + "name": { + "type": "string" + }, + "proxy_headers": { + "additionalProperties": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "boolean" + }, + { + "type": "number" + } + ] + }, + "nullable": true, + "type": "object" + }, + "url": { + "type": "string" + } + }, + "required": [ + "id", + "url", + "name" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet proxies" + ] + } + }, + "/api/fleet/service-tokens": { + "post": { + "deprecated": true, + "description": "Create a service token", + "operationId": "%2Fapi%2Ffleet%2Fservice-tokens#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "responses": {}, + "summary": "", + "tags": [] + } + }, + "/api/fleet/service_tokens": { + "post": { + "description": "Create a service token", + "operationId": "%2Fapi%2Ffleet%2Fservice_tokens#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "nullable": true, + "properties": { + "remote": { + "default": false, + "type": "boolean" + } + }, + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet service tokens" + ] + } + }, + "/api/fleet/settings": { + "get": { + "description": "Get settings", + "operationId": "%2Fapi%2Ffleet%2Fsettings#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "fleet_server_hosts": { + "items": { + "type": "string" + }, + "type": "array" + }, + "has_seen_add_data_notice": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "output_secret_storage_requirements_met": { + "type": "boolean" + }, + "preconfigured_fields": { + "items": { + "enum": [ + "fleet_server_hosts" + ], + "type": "string" + }, + "type": "array" + }, + "prerelease_integrations_enabled": { + "type": "boolean" + }, + "secret_storage_requirements_met": { + "type": "boolean" + }, + "use_space_awareness_migration_started_at": { + "type": "string" + }, + "use_space_awareness_migration_status": { + "enum": [ + "pending", + "success", + "error" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "prerelease_integrations_enabled", + "id" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + }, + "404": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "message": { + "type": "string" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet internals" + ] + }, + "put": { + "description": "Update settings", + "operationId": "%2Fapi%2Ffleet%2Fsettings#1", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "additional_yaml_config": { + "type": "string" + }, + "fleet_server_hosts": { + "items": { + "format": "uri", + "type": "string" + }, + "type": "array" + }, + "has_seen_add_data_notice": { + "type": "boolean" + }, + "kibana_ca_sha256": { + "type": "string" + }, + "kibana_urls": { + "items": { + "format": "uri", + "type": "string" + }, + "type": "array" + }, + "prerelease_integrations_enabled": { + "type": "boolean" + } + }, + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "fleet_server_hosts": { + "items": { + "type": "string" + }, + "type": "array" + }, + "has_seen_add_data_notice": { + "type": "boolean" + }, + "id": { + "type": "string" + }, + "output_secret_storage_requirements_met": { + "type": "boolean" + }, + "preconfigured_fields": { + "items": { + "enum": [ + "fleet_server_hosts" + ], + "type": "string" + }, + "type": "array" + }, + "prerelease_integrations_enabled": { + "type": "boolean" + }, + "secret_storage_requirements_met": { + "type": "boolean" + }, + "use_space_awareness_migration_started_at": { + "type": "string" + }, + "use_space_awareness_migration_status": { + "enum": [ + "pending", + "success", + "error" + ], + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "prerelease_integrations_enabled", + "id" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + }, + "404": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "message": { + "type": "string" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet internals" + ] + } + }, + "/api/fleet/setup": { + "post": { + "description": "Initiate Fleet setup", + "operationId": "%2Fapi%2Ffleet%2Fsetup#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "A required header to protect against CSRF attacks", + "in": "header", + "name": "kbn-xsrf", + "required": true, + "schema": { + "example": "true", + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "A summary of the result of Fleet's `setup` lifecycle. If `isInitialized` is true, Fleet is ready to accept agent enrollment. `nonFatalErrors` may include useful insight into non-blocking issues with Fleet setup.", + "properties": { + "isInitialized": { + "type": "boolean" + }, + "nonFatalErrors": { + "items": { + "additionalProperties": false, + "properties": { + "message": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "required": [ + "name", + "message" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "isInitialized", + "nonFatalErrors" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + }, + "500": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Internal Server Error", + "properties": { + "message": { + "type": "string" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet internals" + ] + } + }, + "/api/fleet/uninstall_tokens": { + "get": { + "description": "List metadata for latest uninstall tokens per agent policy", + "operationId": "%2Fapi%2Ffleet%2Funinstall_tokens#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "description": "Partial match filtering for policy IDs", + "in": "query", + "name": "policyId", + "required": false, + "schema": { + "maxLength": 50, + "type": "string" + } + }, + { + "in": "query", + "name": "search", + "required": false, + "schema": { + "maxLength": 50, + "type": "string" + } + }, + { + "description": "The number of items to return", + "in": "query", + "name": "perPage", + "required": false, + "schema": { + "minimum": 5, + "type": "number" + } + }, + { + "in": "query", + "name": "page", + "required": false, + "schema": { + "minimum": 1, + "type": "number" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "items": { + "items": { + "additionalProperties": false, + "properties": { + "created_at": { + "type": "string" + }, + "id": { + "type": "string" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "policy_id": { + "type": "string" + }, + "policy_name": { + "nullable": true, + "type": "string" + } + }, + "required": [ + "id", + "policy_id", + "created_at" + ], + "type": "object" + }, + "type": "array" + }, + "page": { + "type": "number" + }, + "perPage": { + "type": "number" + }, + "total": { + "type": "number" + } + }, + "required": [ + "items", + "total", + "page", + "perPage" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet uninstall tokens" + ] + } + }, + "/api/fleet/uninstall_tokens/{uninstallTokenId}": { + "get": { + "description": "Get one decrypted uninstall token by its ID", + "operationId": "%2Fapi%2Ffleet%2Funinstall_tokens%2F%7BuninstallTokenId%7D#0", + "parameters": [ + { + "description": "The version of the API to use", + "in": "header", + "name": "elastic-api-version", + "schema": { + "default": "2023-10-31", + "enum": [ + "2023-10-31" + ], + "type": "string" + } + }, + { + "in": "path", + "name": "uninstallTokenId", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "properties": { + "item": { + "additionalProperties": false, + "properties": { + "created_at": { + "type": "string" + }, + "id": { + "type": "string" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "policy_id": { + "type": "string" + }, + "policy_name": { + "nullable": true, + "type": "string" + }, + "token": { + "type": "string" + } + }, + "required": [ + "id", + "policy_id", + "created_at", + "token" + ], + "type": "object" + } + }, + "required": [ + "item" + ], + "type": "object" + } + } + } + }, + "400": { + "content": { + "application/json; Elastic-Api-Version=2023-10-31": { + "schema": { + "additionalProperties": false, + "description": "Generic Error", + "properties": { + "error": { + "type": "string" + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "number" + } + }, + "required": [ + "message" + ], + "type": "object" + } + } + } + } + }, + "summary": "", + "tags": [ + "Fleet uninstall tokens" + ] + } + }, "/api/spaces/space": { "get": { "description": "Get all spaces", @@ -6677,6 +41085,54 @@ { "name": "connectors" }, + { + "name": "Data streams" + }, + { + "name": "Elastic Agent actions" + }, + { + "name": "Elastic Agent binary download sources" + }, + { + "name": "Elastic Agent policies" + }, + { + "name": "Elastic Agent status" + }, + { + "name": "Elastic Agents" + }, + { + "name": "Elastic Package Manager (EPM)" + }, + { + "name": "Fleet enrollment API keys" + }, + { + "name": "Fleet internals" + }, + { + "name": "Fleet outputs" + }, + { + "name": "Fleet package policies" + }, + { + "name": "Fleet proxies" + }, + { + "name": "Fleet Server hosts" + }, + { + "name": "Fleet service tokens" + }, + { + "name": "Fleet uninstall tokens" + }, + { + "name": "Message Signing Service" + }, { "name": "spaces" }, diff --git a/oas_docs/output/kibana.serverless.staging.yaml b/oas_docs/output/kibana.serverless.staging.yaml index 39819e8307e75..8bd9bd198e5e1 100644 --- a/oas_docs/output/kibana.serverless.staging.yaml +++ b/oas_docs/output/kibana.serverless.staging.yaml @@ -79,7 +79,6 @@ servers: kibana_url: default: localhost:5601 - url: / - - url: http://KIBANA_HOST:5601 - description: local url: http://localhost:5601 paths: @@ -9817,184 +9816,983 @@ paths: - Security Exceptions API /api/fleet/agent_download_sources: get: - operationId: get-download-sources + description: List agent binary download sources + operationId: '%2Fapi%2Ffleet%2Fagent_download_sources#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: items: items: - $ref: '#/components/schemas/Fleet_download_sources' + additionalProperties: false + type: object + properties: + host: + format: uri + type: string + id: + type: string + is_default: + default: false + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this download source. + See the proxies API for more information. + nullable: true + type: string + required: + - id + - name + - host type: array page: - type: integer + type: number perPage: - type: integer + type: number total: - type: integer - description: OK + type: number + required: + - items + - total + - page + - perPage '400': - $ref: '#/components/responses/Fleet_error' - summary: List agent binary download sources + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - Elastic Agent binary download sources post: - operationId: post-download-sources + description: Create agent binary download source + operationId: '%2Fapi%2Ffleet%2Fagent_download_sources#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: host: + format: uri type: string id: type: string is_default: + default: false type: boolean name: type: string + proxy_id: + description: >- + The ID of the proxy to use for this download source. See the + proxies API for more information. + nullable: true + type: string required: - name - host - - is_default responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: item: - $ref: '#/components/schemas/Fleet_download_sources' - description: OK + additionalProperties: false + type: object + properties: + host: + format: uri + type: string + id: + type: string + is_default: + default: false + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this download source. + See the proxies API for more information. + nullable: true + type: string + required: + - id + - name + - host + required: + - item '400': - $ref: '#/components/responses/Fleet_error' - summary: Create agent binary download source + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - Elastic Agent binary download sources /api/fleet/agent_download_sources/{sourceId}: delete: - operationId: delete-download-source + description: Delete agent binary download source by ID + operationId: '%2Fapi%2Ffleet%2Fagent_download_sources%2F%7BsourceId%7D#2' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: sourceId + required: true + schema: + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: id: type: string required: - id - description: OK '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete agent binary download source by ID + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - Elastic Agent binary download sources get: - operationId: get-one-download-source + description: Get agent binary download source by ID + operationId: '%2Fapi%2Ffleet%2Fagent_download_sources%2F%7BsourceId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: sourceId + required: true + schema: + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: item: - $ref: '#/components/schemas/Fleet_download_sources' + additionalProperties: false + type: object + properties: + host: + format: uri + type: string + id: + type: string + is_default: + default: false + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this download source. + See the proxies API for more information. + nullable: true + type: string + required: + - id + - name + - host required: - item - description: OK '400': - $ref: '#/components/responses/Fleet_error' - summary: Get agent binary download source by ID + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - Elastic Agent binary download sources - parameters: - - in: path - name: sourceId - required: true - schema: - type: string put: - operationId: update-download-source + description: Update agent binary download source by ID + operationId: '%2Fapi%2Ffleet%2Fagent_download_sources%2F%7BsourceId%7D#1' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: sourceId + required: true + schema: + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: host: + format: uri + type: string + id: type: string is_default: + default: false type: boolean name: type: string + proxy_id: + description: >- + The ID of the proxy to use for this download source. See the + proxies API for more information. + nullable: true + type: string required: - name - - is_default - host responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: item: - $ref: '#/components/schemas/Fleet_download_sources' + additionalProperties: false + type: object + properties: + host: + format: uri + type: string + id: + type: string + is_default: + default: false + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this download source. + See the proxies API for more information. + nullable: true + type: string + required: + - id + - name + - host required: - item - description: OK '400': - $ref: '#/components/responses/Fleet_error' - summary: Update agent binary download source by ID + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - Elastic Agent binary download sources /api/fleet/agent_policies: get: - description: '' - operationId: agent-policy-list + description: List agent policies + operationId: '%2Fapi%2Ffleet%2Fagent_policies#0' parameters: - - $ref: '#/components/parameters/Fleet_page_size' - - $ref: '#/components/parameters/Fleet_page_index' - - $ref: '#/components/parameters/Fleet_kuery' - - $ref: '#/components/parameters/Fleet_format' - - description: >- - When set to true, retrieve the related package policies for each - agent policy. - in: query - name: full + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: page + required: false + schema: + type: number + - in: query + name: perPage + required: false + schema: + type: number + - in: query + name: sortField + required: false + schema: + type: string + - in: query + name: sortOrder + required: false + schema: + enum: + - desc + - asc + type: string + - in: query + name: showUpgradeable + required: false schema: type: boolean - - description: >- - When set to true, do not count how many agents are in the agent - policy, this can improve performance if you are searching over a - large number of agent policies. The "agents" property will always be - 0 if set to true. - in: query + - in: query + name: kuery + required: false + schema: + type: string + - in: query name: noAgentCount + required: false schema: type: boolean + - in: query + name: full + required: false + schema: + type: boolean + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: items: items: - $ref: '#/components/schemas/Fleet_agent_policy' + additionalProperties: false + type: object + properties: + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: + items: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + agents: + type: number + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + global_data_tags: + description: >- + User defined data tags that are added to all of the + inputs. The values can be strings or numbers. + items: + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value + type: array + has_fleet_server: + type: boolean + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_preconfigured: + type: boolean + is_protected: + description: >- + Indicates whether the agent policy has tamper + protection enabled. Default false. + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - logs + - metrics + - traces + type: string + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent + policy. Input settings cannot be overridden. The + override option should be used only in unusual + circumstances and not as a routine procedure. + nullable: true + type: object + package_policies: + anyOf: + - items: + type: string + type: array + - description: >- + This field is present only when retrieving a + single agent policy, or when retrieving a list + of agent policies with the ?full=true parameter + items: + additionalProperties: false + type: object + properties: + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank + to inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should + be used only in unusual circumstances and + not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy + will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package + policy will be added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + updated_at: + type: string + updated_by: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + revision: + type: number + schema_version: + type: string + space_ids: + items: + type: string + type: array + status: + enum: + - active + - inactive + type: string + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports + agentless integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number + unprivileged_agents: + type: number + updated_at: + type: string + updated_by: + type: string + version: + type: string + required: + - id + - name + - namespace + - is_managed + - is_protected + - status + - updated_at + - updated_by + - revision type: array page: type: number @@ -10007,756 +10805,2625 @@ paths: - total - page - perPage - description: OK '400': - $ref: '#/components/responses/Fleet_error' - summary: List agent policies - tags: - - Elastic Agent policies - post: - operationId: create-agent-policy - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_agent_policy_create_request' - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - item: - $ref: '#/components/schemas/Fleet_agent_policy' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Create agent policy + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - Elastic Agent policies - /api/fleet/agent_policies/_bulk_get: post: - operationId: bulk-get-agent-policies + description: Create an agent policy + operationId: '%2Fapi%2Ffleet%2Fagent_policies#1' parameters: - - $ref: '#/components/parameters/Fleet_format' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: query + name: sys_monitoring + required: false + schema: + type: boolean requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - full: - description: get full policies with package policies populated + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: + items: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + force: type: boolean - ids: - description: list of agent policy ids + global_data_tags: + description: >- + User defined data tags that are added to all of the inputs. + The values can be strings or numbers. items: - type: string + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value type: array - ignoreMissing: + has_fleet_server: type: boolean - required: - - ids - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_protected: + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: items: - items: - $ref: '#/components/schemas/Fleet_agent_policy' - type: array - required: - - items - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk get agent policies - tags: - - Elastic Agent policies - /api/fleet/agent_policies/{agentPolicyId}: - get: - description: Get one agent policy - operationId: agent-policy-info - parameters: [] - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_agent_policy' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get agent policy by ID - tags: - - Elastic Agent policies - parameters: - - in: path - name: agentPolicyId - required: true - schema: - type: string - - $ref: '#/components/parameters/Fleet_format' - put: - operationId: update-agent-policy - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_agent_policy_update_request' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_agent_policy' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Update agent policy by ID - tags: - - Elastic Agent policies - /api/fleet/agent_policies/{agentPolicyId}/copy: - parameters: - - in: path - name: agentPolicyId - required: true - schema: - type: string - - $ref: '#/components/parameters/Fleet_format' - post: - operationId: agent-policy-copy - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - description: + enum: + - logs + - metrics + - traces + type: string + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true type: string + monitoring_pprof_enabled: + type: boolean name: + minLength: 1 type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent policy. + Input settings cannot be overridden. The override option + should be used only in unusual circumstances and not as a + routine procedure. + nullable: true + type: object + space_ids: + items: + type: string + type: array + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports agentless + integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number required: - name - description: '' + - namespace responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: item: - $ref: '#/components/schemas/Fleet_agent_policy' + additionalProperties: false + type: object + properties: + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: + items: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + agents: + type: number + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + global_data_tags: + description: >- + User defined data tags that are added to all of the + inputs. The values can be strings or numbers. + items: + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value + type: array + has_fleet_server: + type: boolean + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_preconfigured: + type: boolean + is_protected: + description: >- + Indicates whether the agent policy has tamper + protection enabled. Default false. + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - logs + - metrics + - traces + type: string + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent + policy. Input settings cannot be overridden. The + override option should be used only in unusual + circumstances and not as a routine procedure. + nullable: true + type: object + package_policies: + anyOf: + - items: + type: string + type: array + - description: >- + This field is present only when retrieving a + single agent policy, or when retrieving a list of + agent policies with the ?full=true parameter + items: + additionalProperties: false + type: object + properties: + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to + inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should + be used only in unusual circumstances and + not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy + will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy + will be added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + updated_at: + type: string + updated_by: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + revision: + type: number + schema_version: + type: string + space_ids: + items: + type: string + type: array + status: + enum: + - active + - inactive + type: string + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports agentless + integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number + unprivileged_agents: + type: number + updated_at: + type: string + updated_by: + type: string + version: + type: string + required: + - id + - name + - namespace + - is_managed + - is_protected + - status + - updated_at + - updated_by + - revision required: - item - description: OK '400': - $ref: '#/components/responses/Fleet_error' - summary: Copy agent policy by ID - tags: - - Elastic Agent policies - /api/fleet/agent_policies/{agentPolicyId}/download: - get: - operationId: agent-policy-download - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - item: + error: type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Download agent policy by ID - tags: - - Elastic Agent policies - parameters: - - in: path - name: agentPolicyId - required: true - schema: - type: string - - in: query - name: download - required: false - schema: - type: string - - in: query - name: standalone - required: false - schema: - type: string - - in: query - name: kubernetes - required: false - schema: - type: string - /api/fleet/agent_policies/{agentPolicyId}/full: - get: - operationId: agent-policy-full - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - item: - oneOf: - - type: string - - $ref: '#/components/schemas/Fleet_agent_policy_full' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get full agent policy by ID + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - Elastic Agent policies - parameters: - - in: path - name: agentPolicyId - required: true - schema: - type: string - - in: query - name: download - required: false - schema: - type: string - - in: query - name: standalone - required: false - schema: - type: string - - in: query - name: kubernetes - required: false - schema: - type: string - /api/fleet/agent_policies/delete: - parameters: [] + /api/fleet/agent_policies/_bulk_get: post: - operationId: delete-agent-policy + description: Bulk get agent policies + operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F_bulk_get#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - agentPolicyId: - type: string - force: - description: >- - bypass validation checks that can prevent agent policy - deletion + full: + description: get full policies with package policies populated type: boolean - required: - - agentPolicyId - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - id: + ids: + description: list of package policy ids + items: type: string - success: - type: boolean - required: - - id - - success - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete agent policy by ID - tags: - - Elastic Agent policies - /api/fleet/agent_status: - get: - operationId: get-agent-status - parameters: - - in: query - name: policyId - required: false - schema: - type: string - - deprecated: true - in: query - name: kuery - required: false - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - active: - type: integer - all: - type: integer - error: - type: integer - events: - type: integer - inactive: - type: integer - offline: - type: integer - online: - type: integer - other: - type: integer - total: - deprecated: true - type: integer - unenrolled: - type: integer - updating: - type: integer - required: - - active - - all - - error - - events - - inactive - - offline - - online - - other - - total - - updating - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get agent status summary - tags: - - Elastic Agent status - /api/fleet/agent_status/data: - get: - operationId: get-agent-data - parameters: - - in: query - name: agentsIds - required: true - schema: - items: - type: string - type: array + type: array + ignoreMissing: + type: boolean + required: + - ids responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: items: items: - additionalProperties: - type: object - properties: - data: - type: boolean + additionalProperties: false type: object + properties: + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: + items: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + agents: + type: number + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + global_data_tags: + description: >- + User defined data tags that are added to all of the + inputs. The values can be strings or numbers. + items: + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value + type: array + has_fleet_server: + type: boolean + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_preconfigured: + type: boolean + is_protected: + description: >- + Indicates whether the agent policy has tamper + protection enabled. Default false. + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - logs + - metrics + - traces + type: string + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent + policy. Input settings cannot be overridden. The + override option should be used only in unusual + circumstances and not as a routine procedure. + nullable: true + type: object + package_policies: + anyOf: + - items: + type: string + type: array + - description: >- + This field is present only when retrieving a + single agent policy, or when retrieving a list + of agent policies with the ?full=true parameter + items: + additionalProperties: false + type: object + properties: + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank + to inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should + be used only in unusual circumstances and + not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy + will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package + policy will be added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + updated_at: + type: string + updated_by: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + revision: + type: number + schema_version: + type: string + space_ids: + items: + type: string + type: array + status: + enum: + - active + - inactive + type: string + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports + agentless integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number + unprivileged_agents: + type: number + updated_at: + type: string + updated_by: + type: string + version: + type: string + required: + - id + - name + - namespace + - is_managed + - is_protected + - status + - updated_at + - updated_by + - revision type: array - description: OK + required: + - items '400': - $ref: '#/components/responses/Fleet_error' - summary: Get incoming agent data - tags: - - Elastic Agent status - /api/fleet/agent-status: - get: - deprecated: true - operationId: get-agent-status-deprecated - parameters: - - in: query - name: policyId - required: false - schema: - type: string - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: error: - type: integer - events: - type: integer - inactive: - type: integer - offline: - type: integer - online: - type: integer - other: - type: integer - total: - type: integer - updating: - type: integer + type: string + message: + type: string + statusCode: + type: number required: - - error - - events - - inactive - - offline - - online - - other - - total - - updating - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get agent status summary + - message + summary: '' tags: - - Elastic Agent status - /api/fleet/agents: + - Elastic Agent policies + /api/fleet/agent_policies/{agentPolicyId}: get: - operationId: get-agents + description: Get an agent policy by ID + operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D#0' parameters: - - $ref: '#/components/parameters/Fleet_page_size' - - $ref: '#/components/parameters/Fleet_page_index' - - $ref: '#/components/parameters/Fleet_kuery' - - $ref: '#/components/parameters/Fleet_show_inactive' - - $ref: '#/components/parameters/Fleet_show_upgradeable' - - $ref: '#/components/parameters/Fleet_sort_field' - - $ref: '#/components/parameters/Fleet_sort_order' - - $ref: '#/components/parameters/Fleet_with_metrics' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: agentPolicyId + required: true + schema: + type: string - in: query - name: getStatusSummary + name: format required: false schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_get_agents_response' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List agents - tags: - - Elastic Agents - post: - operationId: get-agents-by-actions - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - actionIds: - items: - type: string - type: array - required: - - policy_id - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_agent_get_by_actions' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List agents by action ids - tags: - - Elastic Agents - /api/fleet/agents/{agentId}: - delete: - operationId: delete-agent - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + enum: + - simplified + - legacy + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - action: - enum: - - deleted - type: string + item: + additionalProperties: false + type: object + properties: + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: + items: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + agents: + type: number + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + global_data_tags: + description: >- + User defined data tags that are added to all of the + inputs. The values can be strings or numbers. + items: + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value + type: array + has_fleet_server: + type: boolean + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_preconfigured: + type: boolean + is_protected: + description: >- + Indicates whether the agent policy has tamper + protection enabled. Default false. + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - logs + - metrics + - traces + type: string + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent + policy. Input settings cannot be overridden. The + override option should be used only in unusual + circumstances and not as a routine procedure. + nullable: true + type: object + package_policies: + anyOf: + - items: + type: string + type: array + - description: >- + This field is present only when retrieving a + single agent policy, or when retrieving a list of + agent policies with the ?full=true parameter + items: + additionalProperties: false + type: object + properties: + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to + inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should + be used only in unusual circumstances and + not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy + will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy + will be added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + updated_at: + type: string + updated_by: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + revision: + type: number + schema_version: + type: string + space_ids: + items: + type: string + type: array + status: + enum: + - active + - inactive + type: string + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports agentless + integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number + unprivileged_agents: + type: number + updated_at: + type: string + updated_by: + type: string + version: + type: string + required: + - id + - name + - namespace + - is_managed + - is_protected + - status + - updated_at + - updated_by + - revision required: - - action - description: OK + - item '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete agent by ID - tags: - - Elastic Agents - get: - operationId: get-agent - parameters: - - $ref: '#/components/parameters/Fleet_with_metrics' - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - item: - $ref: '#/components/schemas/Fleet_agent' + error: + type: string + message: + type: string + statusCode: + type: number required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get agent by ID + - message + summary: '' tags: - - Elastic Agents - parameters: - - in: path - name: agentId - required: true - schema: - type: string + - Elastic Agent policies put: - operationId: update-agent + description: Update an agent policy by ID + operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D#1' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentPolicyId + required: true + schema: + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - tags: - items: - type: string - type: array - user_provided_metadata: + advanced_settings: + additionalProperties: false type: object - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_agent' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Update agent by ID - tags: - - Elastic Agents - /api/fleet/agents/{agentId}/actions: - parameters: - - in: path - name: agentId - required: true - schema: - type: string - post: - operationId: new-agent-action - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - action: - $ref: '#/components/schemas/Fleet_agent_action' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - items: - type: number - type: array - headers: - type: string - statusCode: - type: number - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Create agent action - tags: - - Elastic Agent actions - /api/fleet/agents/{agentId}/reassign: - parameters: - - in: path - name: agentId - required: true - schema: - type: string - post: - operationId: reassign-agent - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - policy_id: + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: + items: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + data_output_id: + nullable: true type: string - required: - - policy_id - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Reassign agent - tags: - - Elastic Agents - put: - deprecated: true - operationId: reassign-agent-deprecated - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - policy_id: + description: type: string - required: - - policy_id - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Reassign agent - tags: - - Elastic Agents - /api/fleet/agents/{agentId}/request_diagnostics: - parameters: - - in: path - name: agentId - required: true - schema: - type: string - post: - operationId: request-diagnostics-agent - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - additional_metrics: + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + force: + type: boolean + global_data_tags: + description: >- + User defined data tags that are added to all of the inputs. + The values can be strings or numbers. items: - oneOf: - - enum: - - CPU + additionalProperties: false + type: object + properties: + name: type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value type: array - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - actionId: + has_fleet_server: + type: boolean + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_protected: + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - logs + - metrics + - traces type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Request agent diagnostics - tags: - - Elastic Agents - /api/fleet/agents/{agentId}/unenroll: - parameters: - - in: path - name: agentId - required: true - schema: - type: string - post: - operationId: unenroll-agent - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - force: + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: type: boolean - revoke: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent policy. + Input settings cannot be overridden. The override option + should be used only in unusual circumstances and not as a + routine procedure. + nullable: true + type: object + space_ids: + items: + type: string + type: array + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports agentless + integrations. + nullable: true type: boolean + unenroll_timeout: + minimum: 0 + type: number + required: + - name + - namespace responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object - description: OK + properties: + item: + additionalProperties: false + type: object + properties: + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: + items: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + agents: + type: number + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + global_data_tags: + description: >- + User defined data tags that are added to all of the + inputs. The values can be strings or numbers. + items: + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value + type: array + has_fleet_server: + type: boolean + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_preconfigured: + type: boolean + is_protected: + description: >- + Indicates whether the agent policy has tamper + protection enabled. Default false. + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - logs + - metrics + - traces + type: string + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent + policy. Input settings cannot be overridden. The + override option should be used only in unusual + circumstances and not as a routine procedure. + nullable: true + type: object + package_policies: + anyOf: + - items: + type: string + type: array + - description: >- + This field is present only when retrieving a + single agent policy, or when retrieving a list of + agent policies with the ?full=true parameter + items: + additionalProperties: false + type: object + properties: + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to + inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should + be used only in unusual circumstances and + not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy + will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy + will be added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + updated_at: + type: string + updated_by: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + revision: + type: number + schema_version: + type: string + space_ids: + items: + type: string + type: array + status: + enum: + - active + - inactive + type: string + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports agentless + integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number + unprivileged_agents: + type: number + updated_at: + type: string + updated_by: + type: string + version: + type: string + required: + - id + - name + - namespace + - is_managed + - is_protected + - status + - updated_at + - updated_by + - revision + required: + - item '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: error: @@ -10764,1126 +13431,2085 @@ paths: message: type: string statusCode: - enum: - - 400 type: number - description: BAD REQUEST - summary: Unenroll agent + required: + - message + summary: '' tags: - - Elastic Agents - /api/fleet/agents/{agentId}/upgrade: - parameters: - - in: path - name: agentId - required: true - schema: - type: string + - Elastic Agent policies + /api/fleet/agent_policies/{agentPolicyId}/copy: post: - operationId: upgrade-agent + description: Copy an agent policy by ID + operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D%2Fcopy#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentPolicyId + required: true + schema: + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_upgrade_agent' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_upgrade_agent' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Upgrade agent - tags: - - Elastic Agents - /api/fleet/agents/{agentId}/uploads: - get: - operationId: list-agent-uploads + additionalProperties: false + type: object + properties: + description: + type: string + name: + minLength: 1 + type: string + required: + - name responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - body: + item: + additionalProperties: false type: object properties: - item: + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: items: - $ref: '#/components/schemas/Fleet_agent_diagnostics' + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled type: array - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List agent uploads - tags: - - Elastic Agents - parameters: - - in: path - name: agentId - required: true - schema: - type: string - /api/fleet/agents/action_status: - get: - operationId: agents-action-status - parameters: - - $ref: '#/components/parameters/Fleet_page_size' - - $ref: '#/components/parameters/Fleet_page_index' - - in: query - name: errorSize - schema: - default: 5 - type: integer - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - items: - items: - type: object - properties: - actionId: - type: string - cancellationTime: - type: string - completionTime: - type: string - creationTime: - description: creation time of action - type: string - expiration: - type: string - latestErrors: - description: >- - latest errors that happened when the agents executed - the action - items: + agents: + type: number + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + global_data_tags: + description: >- + User defined data tags that are added to all of the + inputs. The values can be strings or numbers. + items: + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value + type: array + has_fleet_server: + type: boolean + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_preconfigured: + type: boolean + is_protected: + description: >- + Indicates whether the agent policy has tamper + protection enabled. Default false. + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false type: object properties: - agentId: + burst: + type: number + interval: type: string - error: + uploader: + additionalProperties: false + type: object + properties: + init_dur: type: string - timestamp: + max_dur: type: string - type: array - nbAgentsAck: - description: number of agents that acknowledged the action - type: number - nbAgentsActionCreated: - description: number of agents included in action from kibana - type: number - nbAgentsActioned: - description: number of agents actioned - type: number - nbAgentsFailed: - description: number of agents that failed to execute the action - type: number - newPolicyId: - description: new policy id (POLICY_REASSIGN action) - type: string - policyId: - description: policy id (POLICY_CHANGE action) - type: string - revision: - description: new policy revision (POLICY_CHANGE action) - type: string - startTime: - description: start time of action (scheduled actions) - type: string - status: - enum: - - COMPLETE - - EXPIRED - - CANCELLED - - FAILED - - IN_PROGRESS - - ROLLOUT_PASSED - type: string - type: + max_retries: + type: number + monitoring_enabled: + items: enum: - - POLICY_REASSIGN - - UPGRADE - - UNENROLL - - FORCE_UNENROLL - - UPDATE_TAGS - - CANCEL - - REQUEST_DIAGNOSTICS - - SETTINGS - - POLICY_CHANGE - - INPUT_ACTION + - logs + - metrics + - traces type: string - version: - description: agent version number (UPGRADE action) + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent + policy. Input settings cannot be overridden. The + override option should be used only in unusual + circumstances and not as a routine procedure. + nullable: true + type: object + package_policies: + anyOf: + - items: + type: string + type: array + - description: >- + This field is present only when retrieving a + single agent policy, or when retrieving a list of + agent policies with the ?full=true parameter + items: + additionalProperties: false + type: object + properties: + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to + inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should + be used only in unusual circumstances and + not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy + will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy + will be added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + updated_at: + type: string + updated_by: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + revision: + type: number + schema_version: + type: string + space_ids: + items: type: string - required: - - actionId - - complete - - nbAgentsActioned - - nbAgentsActionCreated - - nbAgentsAck - - nbAgentsFailed - - status - - creationTime - - type - type: array + type: array + status: + enum: + - active + - inactive + type: string + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports agentless + integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number + unprivileged_agents: + type: number + updated_at: + type: string + updated_by: + type: string + version: + type: string + required: + - id + - name + - namespace + - is_managed + - is_protected + - status + - updated_at + - updated_by + - revision required: - - items - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get agent action status - tags: - - Elastic Agent actions - /api/fleet/agents/actions/{actionId}/cancel: - parameters: - - in: path - name: actionId - required: true - schema: - type: string - post: - operationId: agent-action-cancel - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_agent_action' - description: OK + - item '400': - $ref: '#/components/responses/Fleet_error' - summary: Cancel agent action - tags: - - Elastic Agent actions - /api/fleet/agents/bulk_reassign: - post: - operationId: bulk-reassign-agents - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - example: - agents: 'fleet-agents.policy_id : ("policy1" or "policy2")' - policy_id: policy_id - schema: - type: object - properties: - agents: - oneOf: - - description: KQL query string, leave empty to action all agents - type: string - - description: list of agent IDs - items: - type: string - type: array - policy_id: - description: new agent policy id - type: string - required: - - policy_id - - agents - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - actionId: + error: type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk reassign agents + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Elastic Agents - /api/fleet/agents/bulk_request_diagnostics: - post: - operationId: bulk-request-diagnostics + - Elastic Agent policies + /api/fleet/agent_policies/{agentPolicyId}/download: + get: + description: Download an agent policy by ID + operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D%2Fdownload#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - example: - agents: 'fleet-agents.policy_id : ("policy1" or "policy2")' - schema: - type: object - properties: - additional_metrics: - items: - oneOf: - - enum: - - CPU - type: string - type: array - agents: - oneOf: - - description: KQL query string, leave empty to action all agents - type: string - - description: list of agent IDs - items: - type: string - type: array - batchSize: - type: number - required: - - agents + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: agentPolicyId + required: true + schema: + type: string + - in: query + name: download + required: false + schema: + type: boolean + - in: query + name: standalone + required: false + schema: + type: boolean + - in: query + name: kubernetes + required: false + schema: + type: boolean responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - actionId: - type: string - description: OK + type: string '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk request diagnostics from agents - tags: - - Elastic Agents - /api/fleet/agents/bulk_unenroll: - post: - operationId: bulk-unenroll-agents - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - example: - agents: - - agent1 - - agent2 - force: false - revoke: true - schema: - type: object - properties: - agents: - oneOf: - - description: KQL query string, leave empty to action all agents - type: string - - description: list of agent IDs - items: - type: string - type: array - force: - description: Unenrolls hosted agents too - type: boolean - includeInactive: - description: >- - When passing agents by KQL query, unenrolls inactive agents - too - type: boolean - revoke: - description: Revokes API keys of agents - type: boolean - required: - - agents - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - actionId: - type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk unenroll agents - tags: - - Elastic Agents - /api/fleet/agents/bulk_update_agent_tags: - post: - operationId: bulk-update-agent-tags - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - example: - agents: - - agent1 - - agent2 - tagsToAdd: - - newTag - tagsToRemove: - - existingTag - schema: - type: object - properties: - agents: - oneOf: - - description: KQL query string, leave empty to action all agents - type: string - - description: list of agent IDs - items: - type: string - type: array - batchSize: - type: number - tagsToAdd: - items: + error: type: string - type: array - tagsToRemove: - items: + message: type: string - type: array - required: - - agents - responses: - '200': + statusCode: + type: number + required: + - message + '404': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - actionId: + error: type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk update agent tags - tags: - - Elastic Agents - /api/fleet/agents/bulk_upgrade: - post: - operationId: bulk-upgrade-agents - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - example: - agents: - - agent1 - - agent2 - rollout_duration_seconds: 3600 - source_uri: https://artifacts.elastic.co/downloads/beats/elastic-agent - start_time: '2022-08-03T14:00:00.000Z' - version: 8.4.0 - schema: - $ref: '#/components/schemas/Fleet_bulk_upgrade_agents' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - actionId: + message: type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk upgrade agents + statusCode: + type: number + required: + - message + summary: '' tags: - - Elastic Agents - /api/fleet/agents/files/{fileId}: - delete: - operationId: delete-agent-upload-file + - Elastic Agent policies + /api/fleet/agent_policies/{agentPolicyId}/full: + get: + description: Get a full agent policy by ID + operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D%2Ffull#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: agentPolicyId + required: true + schema: + type: string + - in: query + name: download + required: false + schema: + type: boolean + - in: query + name: standalone + required: false + schema: + type: boolean + - in: query + name: kubernetes + required: false + schema: + type: boolean responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - body: - type: object - properties: - deleted: - type: boolean - id: - type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete file uploaded by agent - tags: - - Elastic Agents - parameters: - - in: path - name: fileId - required: true - schema: - type: string - /api/fleet/agents/files/{fileId}/{fileName}: - get: - operationId: get-agent-upload-file - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - type: object - properties: - items: + item: + anyOf: + - type: string + - additionalProperties: false type: object properties: - body: {} - headers: {} - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get file uploaded by agent - tags: - - Elastic Agents - parameters: - - in: path - name: fileId - required: true - schema: - type: string - - in: path - name: fileName - required: true - schema: - type: string - /api/fleet/agents/setup: - get: - operationId: get-agents-setup-status - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_fleet_status_response' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get agent setup info - tags: - - Elastic Agents - post: - operationId: setup-agents - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - admin_password: - type: string - admin_username: - type: string - required: - - admin_username - - admin_password - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_fleet_setup_response' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Initiate agent setup - tags: - - Elastic Agents - /api/fleet/agents/tags: - get: - operationId: get-agent-tags - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_get_agent_tags_response' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List agent tags - tags: - - Elastic Agents - /api/fleet/data_streams: - get: - operationId: data-streams-list - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data_streams: - items: - $ref: '#/components/schemas/Fleet_data_stream' - type: array - description: OK + agent: + additionalProperties: false + type: object + properties: + download: + additionalProperties: false + type: object + properties: + sourceURI: + type: string + required: + - sourceURI + features: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + required: + - enabled + type: object + monitoring: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + logs: + type: boolean + metrics: + type: boolean + namespace: + type: string + traces: + type: boolean + use_output: + type: string + required: + - enabled + - metrics + - logs + - traces + protection: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + signing_key: + type: string + uninstall_token_hash: + type: string + required: + - enabled + - uninstall_token_hash + - signing_key + required: + - monitoring + - download + - features + fleet: + anyOf: + - additionalProperties: false + type: object + properties: + hosts: + items: + type: string + type: array + proxy_headers: {} + proxy_url: + type: string + ssl: + additionalProperties: false + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + renegotiation: + type: string + verification_mode: + type: string + required: + - hosts + - proxy_headers + - additionalProperties: false + type: object + properties: + kibana: + additionalProperties: false + type: object + properties: + hosts: + items: + type: string + type: array + path: + type: string + protocol: + type: string + required: + - hosts + - protocol + required: + - kibana + id: + type: string + inputs: + items: + additionalProperties: true + type: object + properties: + data_stream: + additionalProperties: true + type: object + properties: + namespace: + type: string + required: + - namespace + id: + type: string + meta: + additionalProperties: true + type: object + properties: + package: + additionalProperties: true + type: object + properties: + name: + type: string + version: + type: string + required: + - name + - version + name: + type: string + package_policy_id: + type: string + processors: + items: + additionalProperties: true + type: object + properties: + add_fields: + additionalProperties: true + type: object + properties: + fields: + additionalProperties: + anyOf: + - type: string + - type: number + type: object + target: + type: string + required: + - target + - fields + required: + - add_fields + type: array + revision: + type: number + streams: + items: + additionalProperties: true + type: object + properties: + data_stream: + additionalProperties: true + type: object + properties: + dataset: + type: string + type: + type: string + required: + - dataset + id: + type: string + required: + - id + - data_stream + type: array + type: + type: string + use_output: + type: string + required: + - id + - name + - revision + - type + - data_stream + - use_output + - package_policy_id + type: array + namespaces: + items: + type: string + type: array + output_permissions: + additionalProperties: + additionalProperties: {} + type: object + type: object + outputs: + additionalProperties: + additionalProperties: true + type: object + properties: + ca_sha256: + nullable: true + type: string + hosts: + items: + type: string + type: array + proxy_headers: {} + proxy_url: + type: string + type: + type: string + required: + - type + - proxy_headers + type: object + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + signed: + additionalProperties: false + type: object + properties: + data: + type: string + signature: + type: string + required: + - data + - signature + required: + - id + - outputs + - inputs + required: + - item '400': - $ref: '#/components/responses/Fleet_error' - summary: List data streams - tags: - - Data streams - parameters: [] - /api/fleet/enrollment_api_keys: - get: - operationId: get-enrollment-api-keys - parameters: - - $ref: '#/components/parameters/Fleet_page_size' - - $ref: '#/components/parameters/Fleet_page_index' - - $ref: '#/components/parameters/Fleet_kuery' - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - items: - items: - $ref: '#/components/schemas/Fleet_enrollment_api_key' - type: array - list: - deprecated: true - items: - $ref: '#/components/schemas/Fleet_enrollment_api_key' - type: array - page: - type: number - perPage: - type: number - total: + error: + type: string + message: + type: string + statusCode: type: number required: - - items - - page - - perPage - - total - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List enrollment API keys + - message + summary: '' tags: - - Fleet enrollment API keys + - Elastic Agent policies + /api/fleet/agent_policies/delete: post: - operationId: create-enrollment-api-keys + description: Delete agent policy by ID + operationId: '%2Fapi%2Ffleet%2Fagent_policies%2Fdelete#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - name: - description: The name of the enrollment API key. Must be unique. + agentPolicyId: type: string - policy_id: + force: description: >- - The ID of the agent policy the Elastic Agent will be - enrolled in. - type: string + bypass validation checks that can prevent agent policy + deletion + type: boolean required: - - policy_id + - agentPolicyId responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - action: - enum: - - created + id: type: string - item: - $ref: '#/components/schemas/Fleet_enrollment_api_key' - description: OK + name: + type: string + required: + - id + - name '400': - $ref: '#/components/responses/Fleet_error' - summary: Create enrollment API key - tags: - - Fleet enrollment API keys - /api/fleet/enrollment_api_keys/{keyId}: - delete: - operationId: delete-enrollment-api-key - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - action: - enum: - - deleted + error: + type: string + message: type: string + statusCode: + type: number required: - - action - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Revoke enrollment API key by ID by marking it as inactive + - message + summary: '' tags: - - Fleet enrollment API keys + - Elastic Agent policies + /api/fleet/agent_status: get: - operationId: get-enrollment-api-key + description: Get agent status summary + operationId: '%2Fapi%2Ffleet%2Fagent_status#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: policyId + required: false + schema: + type: string + - in: query + name: policyIds + required: false + schema: + anyOf: + - items: + type: string + type: array + - type: string + - in: query + name: kuery + required: false + schema: + deprecated: true + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - item: - $ref: '#/components/schemas/Fleet_enrollment_api_key' + results: + additionalProperties: false + type: object + properties: + active: + type: number + all: + type: number + error: + type: number + events: + type: number + inactive: + type: number + offline: + type: number + online: + type: number + other: + type: number + total: + deprecated: true + type: number + unenrolled: + type: number + updating: + type: number + required: + - events + - total + - online + - error + - offline + - other + - updating + - inactive + - unenrolled + - all + - active required: - - item - description: OK + - results '400': - $ref: '#/components/responses/Fleet_error' - summary: Get enrollment API key by ID - tags: - - Fleet enrollment API keys - parameters: - - in: path - name: keyId - required: true - schema: - type: string - /api/fleet/enrollment-api-keys: - get: - deprecated: true - operationId: get-enrollment-api-keys-deprecated - parameters: [] - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - items: - items: - $ref: '#/components/schemas/Fleet_enrollment_api_key' - type: array - list: - deprecated: true - items: - $ref: '#/components/schemas/Fleet_enrollment_api_key' - type: array - page: - type: number - perPage: - type: number - total: + error: + type: string + message: + type: string + statusCode: type: number required: - - items - - page - - perPage - - total - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List enrollment API keys + - message + summary: '' tags: - - Fleet enrollment API keys - post: - deprecated: true - operationId: create-enrollment-api-keys-deprecated + - Elastic Agent status + /api/fleet/agent_status/data: + get: + description: Get incoming agent data + operationId: '%2Fapi%2Ffleet%2Fagent_status%2Fdata#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: agentsIds + required: true + schema: + anyOf: + - items: + type: string + type: array + - type: string + - in: query + name: previewData + required: false + schema: + default: false + type: boolean responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - action: - enum: - - created - type: string - item: - $ref: '#/components/schemas/Fleet_enrollment_api_key' - description: OK + dataPreview: + items: {} + type: array + items: + items: + additionalProperties: + additionalProperties: false + type: object + properties: + data: + type: boolean + required: + - data + type: object + type: array + required: + - items + - dataPreview '400': - $ref: '#/components/responses/Fleet_error' - summary: Create enrollment API key - tags: - - Fleet enrollment API keys - /api/fleet/enrollment-api-keys/{keyId}: - delete: - deprecated: true - operationId: delete-enrollment-api-key-deprecated - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - action: - enum: - - deleted + error: + type: string + message: type: string + statusCode: + type: number required: - - action - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete enrollment API key by ID + - message + summary: '' tags: - - Fleet enrollment API keys + - Elastic Agents + /api/fleet/agent-status: get: deprecated: true - operationId: get-enrollment-api-key-deprecated - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_enrollment_api_key' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get enrollment API key by ID - tags: - - Fleet enrollment API keys - parameters: - - in: path - name: keyId - required: true - schema: - type: string - /api/fleet/epm/bulk_assets: - post: - operationId: bulk-get-assets - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - assetIds: - description: list of items necessary to fetch assets - items: - type: object - properties: - id: - type: string - type: - type: string - type: array - required: - - assetIds - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_get_bulk_assets_response' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk get assets - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/categories: - get: - operationId: get-package-categories - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_get_categories_response' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List package categories - tags: - - Elastic Package Manager (EPM) - parameters: - - description: >- - Whether to include prerelease packages in categories count (e.g. beta, - rc, preview) - in: query - name: prerelease - schema: - default: false - type: boolean - - deprecated: true - in: query - name: experimental - schema: - default: false - type: boolean - - in: query - name: include_policy_templates - schema: - default: false - type: boolean - /api/fleet/epm/packages: + operationId: '%2Fapi%2Ffleet%2Fagent-status#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: policyId + required: false + schema: + type: string + - in: query + name: policyIds + required: false + schema: + anyOf: + - items: + type: string + type: array + - type: string + - in: query + name: kuery + required: false + schema: + deprecated: true + type: string + responses: {} + summary: '' + tags: [] + /api/fleet/agents: get: - operationId: list-all-packages + description: List agents + operationId: '%2Fapi%2Ffleet%2Fagents#0' parameters: - - description: >- - Whether to exclude the install status of each package. Enabling this - option will opt in to caching for the response via `cache-control` - headers. If you don't need up-to-date installation info for a - package, and are querying for a list of available packages, - providing this flag can improve performance substantially. - in: query - name: excludeInstallStatus + - description: The version of the API to use + in: header + name: elastic-api-version schema: - default: false - type: boolean - - description: >- - Whether to return prerelease versions of packages (e.g. beta, rc, - preview) - in: query - name: prerelease + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: page + required: false + schema: + default: 1 + type: number + - in: query + name: perPage + required: false + schema: + default: 20 + type: number + - in: query + name: kuery + required: false + schema: + type: string + - in: query + name: showInactive + required: false schema: default: false type: boolean - - deprecated: true - in: query - name: experimental + - in: query + name: withMetrics + required: false schema: default: false type: boolean - in: query - name: category - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_get_packages_response' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List packages - tags: - - Elastic Package Manager (EPM) - post: - description: '' - operationId: install-package-by-upload - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - description: avoid erroring out on unexpected mapping update errors - in: query - name: ignoreMappingUpdateErrors + name: showUpgradeable + required: false schema: default: false type: boolean - - description: >- - Skip data stream rollover during index template mapping or settings - update - in: query - name: skipDataStreamRollover + - in: query + name: getStatusSummary + required: false schema: default: false type: boolean - requestBody: - content: - application/gzip; Elastic-Api-Version=2023-10-31: - schema: - format: binary - type: string - application/zip; Elastic-Api-Version=2023-10-31: - schema: - format: binary - type: string + - in: query + name: sortField + required: false + schema: + type: string + - in: query + name: sortOrder + required: false + schema: + enum: + - asc + - desc + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - _meta: - type: object - properties: - install_source: - enum: - - upload - - registry - - bundled - type: string items: items: + additionalProperties: false type: object properties: + access_api_key: + type: string + access_api_key_id: + type: string + active: + type: boolean + agent: + additionalProperties: true + type: object + properties: + id: + type: string + version: + type: string + required: + - id + - version + components: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + type: string + units: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + payload: + additionalProperties: {} + type: object + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + enum: + - input + - output + type: string + required: + - id + - type + - status + - message + type: array + required: + - id + - type + - status + - message + type: array + default_api_key: + type: string + default_api_key_history: + items: + additionalProperties: false + deprecated: true + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + default_api_key_id: + type: string + enrolled_at: + type: string id: type: string + last_checkin: + type: string + last_checkin_message: + type: string + last_checkin_status: + enum: + - error + - online + - degraded + - updating + - starting + type: string + local_metadata: + additionalProperties: {} + type: object + metrics: + additionalProperties: false + type: object + properties: + cpu_avg: + type: number + memory_size_byte_avg: + type: number + namespaces: + items: + type: string + type: array + outputs: + additionalProperties: + additionalProperties: false + type: object + properties: + api_key_id: + type: string + to_retire_api_key_ids: + items: + additionalProperties: false + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + type: + type: string + required: + - api_key_id + - type + type: object + packages: + items: + type: string + type: array + policy_id: + type: string + policy_revision: + nullable: true + type: number + sort: + items: + anyOf: + - type: number + - type: string + - enum: [] + nullable: true + type: array + status: + enum: + - offline + - error + - online + - inactive + - enrolling + - unenrolling + - unenrolled + - updating + - degraded + type: string + tags: + items: + type: string + type: array type: - oneOf: - - $ref: >- - #/components/schemas/Fleet_kibana_saved_object_type - - $ref: >- - #/components/schemas/Fleet_elasticsearch_asset_type + enum: + - PERMANENT + - EPHEMERAL + - TEMPORARY + type: string + unenrolled_at: + type: string + unenrollment_started_at: + type: string + unhealthy_reason: + items: + enum: + - input + - output + - other + type: string + nullable: true + type: array + upgrade_details: + additionalProperties: false + type: object + properties: + action_id: + type: string + metadata: + additionalProperties: false + type: object + properties: + download_percent: + type: number + download_rate: + type: number + error_msg: + type: string + failed_state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + retry_error_msg: + type: string + retry_until: + type: string + scheduled_at: + type: string + state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + target_version: + type: string + required: + - target_version + - action_id + - state + upgrade_started_at: + nullable: true + type: string + upgraded_at: + nullable: true + type: string + user_provided_metadata: + additionalProperties: {} + type: object + required: + - id + - packages + - type + - active + - enrolled_at + - local_metadata + type: array + list: + deprecated: true + items: + additionalProperties: false + type: object + properties: + access_api_key: + type: string + access_api_key_id: + type: string + active: + type: boolean + agent: + additionalProperties: true + type: object + properties: + id: + type: string + version: + type: string + required: + - id + - version + components: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + type: string + units: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + payload: + additionalProperties: {} + type: object + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + enum: + - input + - output + type: string + required: + - id + - type + - status + - message + type: array + required: + - id + - type + - status + - message + type: array + default_api_key: + type: string + default_api_key_history: + items: + additionalProperties: false + deprecated: true + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + default_api_key_id: + type: string + enrolled_at: + type: string + id: + type: string + last_checkin: + type: string + last_checkin_message: + type: string + last_checkin_status: + enum: + - error + - online + - degraded + - updating + - starting + type: string + local_metadata: + additionalProperties: {} + type: object + metrics: + additionalProperties: false + type: object + properties: + cpu_avg: + type: number + memory_size_byte_avg: + type: number + namespaces: + items: + type: string + type: array + outputs: + additionalProperties: + additionalProperties: false + type: object + properties: + api_key_id: + type: string + to_retire_api_key_ids: + items: + additionalProperties: false + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + type: + type: string + required: + - api_key_id + - type + type: object + packages: + items: + type: string + type: array + policy_id: + type: string + policy_revision: + nullable: true + type: number + sort: + items: + anyOf: + - type: number + - type: string + - enum: [] + nullable: true + type: array + status: + enum: + - offline + - error + - online + - inactive + - enrolling + - unenrolling + - unenrolled + - updating + - degraded + type: string + tags: + items: + type: string + type: array + type: + enum: + - PERMANENT + - EPHEMERAL + - TEMPORARY + type: string + unenrolled_at: + type: string + unenrollment_started_at: + type: string + unhealthy_reason: + items: + enum: + - input + - output + - other + type: string + nullable: true + type: array + upgrade_details: + additionalProperties: false + type: object + properties: + action_id: + type: string + metadata: + additionalProperties: false + type: object + properties: + download_percent: + type: number + download_rate: + type: number + error_msg: + type: string + failed_state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + retry_error_msg: + type: string + retry_until: + type: string + scheduled_at: + type: string + state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + target_version: + type: string + required: + - target_version + - action_id + - state + upgrade_started_at: + nullable: true + type: string + upgraded_at: + nullable: true + type: string + user_provided_metadata: + additionalProperties: {} + type: object required: - id + - packages - type + - active + - enrolled_at + - local_metadata type: array + page: + type: number + perPage: + type: number + statusSummary: + additionalProperties: + type: number + type: object + total: + type: number required: - items - description: OK + - total + - page + - perPage '400': - $ref: '#/components/responses/Fleet_error' - '429': - $ref: '#/components/responses/Fleet_error' - summary: Install by package by direct upload + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/_bulk: + - Elastic Agents post: - operationId: bulk-install-packages + description: List agents by action ids + operationId: '%2Fapi%2Ffleet%2Fagents#1' parameters: - - description: >- - Whether to return prerelease versions of packages (e.g. beta, rc, - preview) - in: query - name: prerelease + - description: The version of the API to use + in: header + name: elastic-api-version schema: - default: false - type: boolean + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - force: - description: force install to ignore package verification errors - type: boolean - packages: - description: list of packages to install + actionIds: items: - oneOf: - - description: package name - type: string - - type: object - properties: - name: - description: package name - type: string - version: - description: package version - type: string + type: string type: array required: - - packages + - actionIds responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_bulk_install_packages_response' - description: OK + additionalProperties: false + type: object + properties: + items: + items: + type: string + type: array + required: + - items '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk install packages + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/{pkgkey}: + - Elastic Agents + /api/fleet/agents/{agentId}: delete: - deprecated: true - operationId: delete-package-deprecated + description: Delete agent by ID + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D#2' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string - in: path - name: pkgkey + name: agentId required: true schema: type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - force: - type: boolean responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - response: - items: - type: object - properties: - id: - type: string - type: - oneOf: - - $ref: >- - #/components/schemas/Fleet_kibana_saved_object_type - - $ref: >- - #/components/schemas/Fleet_elasticsearch_asset_type - required: - - id - - type - type: array + action: + enum: + - deleted + type: string required: - - response - description: OK + - action '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete ackage - tags: - - Elastic Package Manager (EPM) + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents get: - deprecated: true - operationId: get-package-deprecated + description: Get agent by ID + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D#0' parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string - in: path - name: pkgkey + name: agentId required: true schema: type: string - - description: >- - Whether to return prerelease versions of packages (e.g. beta, rc, - preview) - in: query - name: prerelease + - in: query + name: withMetrics + required: false schema: default: false type: boolean @@ -11892,764 +15518,1091 @@ paths: content: application/json; Elastic-Api-Version=2023-10-31: schema: - allOf: - - properties: - response: - $ref: '#/components/schemas/Fleet_package_info' - - properties: - savedObject: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + access_api_key: + type: string + access_api_key_id: + type: string + active: + type: boolean + agent: + additionalProperties: true + type: object + properties: + id: + type: string + version: + type: string + required: + - id + - version + components: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + type: string + units: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + payload: + additionalProperties: {} + type: object + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + enum: + - input + - output + type: string + required: + - id + - type + - status + - message + type: array + required: + - id + - type + - status + - message + type: array + default_api_key: + type: string + default_api_key_history: + items: + additionalProperties: false + deprecated: true + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + default_api_key_id: + type: string + enrolled_at: + type: string + id: + type: string + last_checkin: + type: string + last_checkin_message: + type: string + last_checkin_status: + enum: + - error + - online + - degraded + - updating + - starting + type: string + local_metadata: + additionalProperties: {} + type: object + metrics: + additionalProperties: false + type: object + properties: + cpu_avg: + type: number + memory_size_byte_avg: + type: number + namespaces: + items: + type: string + type: array + outputs: + additionalProperties: + additionalProperties: false + type: object + properties: + api_key_id: + type: string + to_retire_api_key_ids: + items: + additionalProperties: false + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + type: + type: string + required: + - api_key_id + - type + type: object + packages: + items: + type: string + type: array + policy_id: type: string + policy_revision: + nullable: true + type: number + sort: + items: + anyOf: + - type: number + - type: string + - enum: [] + nullable: true + type: array status: enum: - - installed - - installing - - install_failed - - not_installed + - offline + - error + - online + - inactive + - enrolling + - unenrolling + - unenrolled + - updating + - degraded + type: string + tags: + items: + type: string + type: array + type: + enum: + - PERMANENT + - EPHEMERAL + - TEMPORARY + type: string + unenrolled_at: + type: string + unenrollment_started_at: + type: string + unhealthy_reason: + items: + enum: + - input + - output + - other + type: string + nullable: true + type: array + upgrade_details: + additionalProperties: false + type: object + properties: + action_id: + type: string + metadata: + additionalProperties: false + type: object + properties: + download_percent: + type: number + download_rate: + type: number + error_msg: + type: string + failed_state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + retry_error_msg: + type: string + retry_until: + type: string + scheduled_at: + type: string + state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + target_version: + type: string + required: + - target_version + - action_id + - state + upgrade_started_at: + nullable: true type: string + upgraded_at: + nullable: true + type: string + user_provided_metadata: + additionalProperties: {} + type: object required: - - status - - savedObject - type: object - description: OK + - id + - packages + - type + - active + - enrolled_at + - local_metadata + required: + - item '400': - $ref: '#/components/responses/Fleet_error' - summary: Get package - tags: - - Elastic Package Manager (EPM) - post: - deprecated: true - description: '' - operationId: install-package-deprecated - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - in: path - name: pkgkey - required: true - schema: - type: string - - description: avoid erroring out on unexpected mapping update errors - in: query - name: ignoreMappingUpdateErrors - schema: - default: false - type: boolean - - description: >- - Skip data stream rollover during index template mapping or settings - update - in: query - name: skipDataStreamRollover - schema: - default: false - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - force: - type: boolean - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - response: - items: - type: object - properties: - id: - type: string - type: - oneOf: - - $ref: >- - #/components/schemas/Fleet_kibana_saved_object_type - - $ref: >- - #/components/schemas/Fleet_elasticsearch_asset_type - required: - - id - - type - type: array + error: + type: string + message: + type: string + statusCode: + type: number required: - - response - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Install package + - message + summary: '' tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/{pkgName}/{pkgVersion}: - delete: - operationId: delete-package + - Elastic Agents + put: + description: Update agent by ID + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D#1' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - description: delete package even if policies used by agents - in: query - name: force + - description: The version of the API to use + in: header + name: elastic-api-version schema: - type: boolean + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - deprecated: true + additionalProperties: false type: object properties: - force: - type: boolean + tags: + items: + type: string + type: array + user_provided_metadata: + additionalProperties: {} + type: object responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - items: - items: - type: object - properties: - id: - type: string - type: - oneOf: - - $ref: >- - #/components/schemas/Fleet_kibana_saved_object_type - - $ref: >- - #/components/schemas/Fleet_elasticsearch_asset_type - required: - - id - - type - type: array - required: - - items - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete package - tags: - - Elastic Package Manager (EPM) - get: - operationId: get-package - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - allOf: - - properties: - item: - $ref: '#/components/schemas/Fleet_package_info' - - properties: - keepPoliciesUpToDate: + item: + additionalProperties: false + type: object + properties: + access_api_key: + type: string + access_api_key_id: + type: string + active: type: boolean - latestVersion: + agent: + additionalProperties: true + type: object + properties: + id: + type: string + version: + type: string + required: + - id + - version + components: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + type: string + units: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + payload: + additionalProperties: {} + type: object + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + enum: + - input + - output + type: string + required: + - id + - type + - status + - message + type: array + required: + - id + - type + - status + - message + type: array + default_api_key: type: string - licensePath: + default_api_key_history: + items: + additionalProperties: false + deprecated: true + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + default_api_key_id: type: string - notice: + enrolled_at: type: string - savedObject: - deprecated: true + id: + type: string + last_checkin: + type: string + last_checkin_message: + type: string + last_checkin_status: + enum: + - error + - online + - degraded + - updating + - starting + type: string + local_metadata: + additionalProperties: {} + type: object + metrics: + additionalProperties: false + type: object + properties: + cpu_avg: + type: number + memory_size_byte_avg: + type: number + namespaces: + items: + type: string + type: array + outputs: + additionalProperties: + additionalProperties: false + type: object + properties: + api_key_id: + type: string + to_retire_api_key_ids: + items: + additionalProperties: false + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + type: + type: string + required: + - api_key_id + - type type: object + packages: + items: + type: string + type: array + policy_id: + type: string + policy_revision: + nullable: true + type: number + sort: + items: + anyOf: + - type: number + - type: string + - enum: [] + nullable: true + type: array status: enum: - - installed - - installing - - install_failed - - not_installed + - offline + - error + - online + - inactive + - enrolling + - unenrolling + - unenrolled + - updating + - degraded + type: string + tags: + items: + type: string + type: array + type: + enum: + - PERMANENT + - EPHEMERAL + - TEMPORARY + type: string + unenrolled_at: + type: string + unenrollment_started_at: + type: string + unhealthy_reason: + items: + enum: + - input + - output + - other + type: string + nullable: true + type: array + upgrade_details: + additionalProperties: false + type: object + properties: + action_id: + type: string + metadata: + additionalProperties: false + type: object + properties: + download_percent: + type: number + download_rate: + type: number + error_msg: + type: string + failed_state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + retry_error_msg: + type: string + retry_until: + type: string + scheduled_at: + type: string + state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + target_version: + type: string + required: + - target_version + - action_id + - state + upgrade_started_at: + nullable: true + type: string + upgraded_at: + nullable: true type: string + user_provided_metadata: + additionalProperties: {} + type: object required: - - status - - savedObject - type: object - description: OK + - id + - packages + - type + - active + - enrolled_at + - local_metadata + required: + - item '400': - $ref: '#/components/responses/Fleet_error' - summary: Get package + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Elastic Package Manager (EPM) - parameters: - - in: path - name: pkgName - required: true - schema: - type: string - - in: path - name: pkgVersion - required: true - schema: - type: string - - description: Ignore if the package is fails signature verification - in: query - name: ignoreUnverified - schema: - type: boolean - - description: >- - Return all fields from the package manifest, not just those supported - by the Elastic Package Registry - in: query - name: full - schema: - type: boolean - - description: >- - Whether to return prerelease versions of packages (e.g. beta, rc, - preview) - in: query - name: prerelease - schema: - default: false - type: boolean + - Elastic Agents + /api/fleet/agents/{agentId}/actions: post: - description: '' - operationId: install-package + description: Create agent action + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Factions#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - description: avoid erroring out on unexpected mapping update errors - in: query - name: ignoreMappingUpdateErrors + - description: The version of the API to use + in: header + name: elastic-api-version schema: - default: false - type: boolean - - description: >- - Skip data stream rollover during index template mapping or settings - update - in: query - name: skipDataStreamRollover + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true schema: - default: false - type: boolean + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - force: - type: boolean - ignore_constraints: - type: boolean + action: + anyOf: + - additionalProperties: false + type: object + properties: + ack_data: {} + data: {} + type: + enum: + - UNENROLL + - UPGRADE + - POLICY_REASSIGN + type: string + required: + - type + - data + - ack_data + - additionalProperties: false + type: object + properties: + data: + additionalProperties: false + type: object + properties: + log_level: + enum: + - debug + - info + - warning + - error + nullable: true + type: string + required: + - log_level + type: + enum: + - SETTINGS + type: string + required: + - type + - data + required: + - action responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - _meta: + item: + additionalProperties: false type: object properties: - install_source: - enum: - - registry - - upload - - bundled - type: string - items: - items: - type: object - properties: - id: + ack_data: {} + agents: + items: type: string - type: - oneOf: - - $ref: >- - #/components/schemas/Fleet_kibana_saved_object_type - - $ref: >- - #/components/schemas/Fleet_elasticsearch_asset_type - required: - - id - - type - type: array - required: - - items - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Install package - tags: - - Elastic Package Manager (EPM) - put: - description: '' - operationId: update-package - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - keepPoliciesUpToDate: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - items: - items: - type: object - properties: - id: + type: array + created_at: + type: string + data: {} + expiration: + type: string + id: + type: string + minimum_execution_duration: + type: number + namespaces: + items: type: string - type: - oneOf: - - $ref: >- - #/components/schemas/Fleet_kibana_saved_object_type - - $ref: >- - #/components/schemas/Fleet_elasticsearch_asset_type - required: - - id - - type - type: array + type: array + rollout_duration_seconds: + type: number + sent_at: + type: string + source_uri: + type: string + start_time: + type: string + total: + type: number + type: + type: string + required: + - id + - type + - data + - created_at + - ack_data + - agents required: - - items - description: OK + - item '400': - $ref: '#/components/responses/Fleet_error' - summary: Update package settings - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/{pkgName}/{pkgVersion}/{filePath}: - get: - operationId: packages-get-file - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - body: - type: object - headers: - type: object + error: + type: string + message: + type: string statusCode: type: number - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get package file + required: + - message + summary: '' tags: - - Elastic Package Manager (EPM) - parameters: - - in: path - name: pkgName - required: true - schema: - type: string - - in: path - name: pkgVersion - required: true - schema: - type: string - - in: path - name: filePath - required: true - schema: - type: string - /api/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize: + - Elastic Agent actions + /api/fleet/agents/{agentId}/reassign: post: - description: '' - operationId: reauthorize-transforms + description: Reassign agent + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Freassign#1' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - in: path - name: pkgName + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf required: true schema: + example: 'true' type: string - in: path - name: pkgVersion + name: agentId required: true schema: type: string - - description: >- - Whether to include prerelease packages in categories count (e.g. - beta, rc, preview) - in: query - name: prerelease - schema: - default: false - type: boolean requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - transforms: - items: - type: object - properties: - transformId: - type: string - type: array - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - items: - items: - type: object - properties: - error: - type: string - success: - type: boolean - transformId: - type: string - required: - - transformId - - error - type: array - required: - - items - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Authorize transforms - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/{pkgName}/stats: - get: - operationId: get-package-stats - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - response: - $ref: '#/components/schemas/Fleet_package_usage_stats' - required: - - response - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get package stats - tags: - - Elastic Package Manager (EPM) - parameters: - - in: path - name: pkgName - required: true - schema: - type: string - /api/fleet/epm/packages/limited: - get: - operationId: list-limited-packages + policy_id: + type: string + required: + - policy_id responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object - properties: - items: - items: - type: string - type: array - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get limited package list - tags: - - Elastic Package Manager (EPM) - parameters: [] - /api/fleet/epm/templates/{pkgName}/{pkgVersion}/inputs: - get: - operationId: get-inputs-template - responses: - '200': - description: OK + properties: {} '400': - $ref: '#/components/responses/Fleet_error' - summary: Get inputs template - tags: - - Elastic Package Manager (EPM) - parameters: - - in: path - name: pkgName - required: true - schema: - type: string - - in: path - name: pkgVersion - required: true - schema: - type: string - - description: Format of response - json or yaml - in: query - name: format - schema: - enum: - - json - - yaml - - yml - type: string - - description: Specify if version is prerelease - in: query - name: prerelease - schema: - type: boolean - - description: Ignore if the package is fails signature verification - in: query - name: ignoreUnverified - schema: - type: boolean - /api/fleet/epm/verification_key_id: - get: - operationId: packages-get-verification-key-id - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - body: - type: object - properties: - id: - description: >- - the key ID of the GPG key used to verify package - signatures - nullable: true - type: string - headers: - type: object + error: + type: string + message: + type: string statusCode: type: number - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get package signature verification key ID - tags: - - Elastic Package Manager (EPM) - parameters: [] - /api/fleet/fleet_server_hosts: - get: - operationId: get-fleet-server-hosts - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - items: - items: - $ref: '#/components/schemas/Fleet_fleet_server_host' - type: array - page: - type: integer - perPage: - type: integer - total: - type: integer - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List Fleet Server hosts + required: + - message + summary: '' tags: - - Fleet Server hosts + - Elastic Agent actions + put: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Freassign#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + policy_id: + type: string + required: + - policy_id + responses: {} + summary: '' + tags: [] + /api/fleet/agents/{agentId}/request_diagnostics: post: - operationId: post-fleet-server-hosts + description: Request agent diagnostics + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Frequest_diagnostics#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + nullable: true type: object properties: - host_urls: + additional_metrics: items: + enum: + - CPU type: string type: array - id: - type: string - is_default: - type: boolean - is_internal: - type: boolean - name: - type: string - proxy_id: - description: >- - The ID of the proxy to use for this fleet server host. See - the proxies API for more information. - type: string - required: - - name - - host_urls - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_fleet_server_host' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Create Fleet Server host - tags: - - Fleet Server hosts - /api/fleet/fleet_server_hosts/{itemId}: - delete: - operationId: delete-fleet-server-hosts - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - id: + actionId: type: string required: - - id - description: OK + - actionId '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete Fleet Server host by ID - tags: - - Fleet Server hosts - get: - operationId: get-one-fleet-server-hosts - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - item: - $ref: '#/components/schemas/Fleet_fleet_server_host' + error: + type: string + message: + type: string + statusCode: + type: number required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get Fleet Server host by ID + - message + summary: '' tags: - - Fleet Server hosts - parameters: - - in: path - name: itemId - required: true - schema: - type: string - put: - operationId: update-fleet-server-hosts + - Elastic Agent actions + /api/fleet/agents/{agentId}/unenroll: + post: + description: Unenroll agent + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Funenroll#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + nullable: true type: object properties: - host_urls: - items: - type: string - type: array - is_default: + force: type: boolean - is_internal: + revoke: type: boolean - name: - type: string - proxy_id: - description: >- - The ID of the proxy to use for this fleet server host. See - the proxies API for more information. - nullable: true - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_fleet_server_host' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Update Fleet Server host by ID + responses: {} + summary: '' tags: - - Fleet Server hosts - /api/fleet/health_check: + - Elastic Agent actions + /api/fleet/agents/{agentId}/upgrade: post: - operationId: fleet-server-health-check + description: Upgrade agent + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Fupgrade#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - host: - deprecated: true + force: + type: boolean + skipRateLimitCheck: + type: boolean + source_uri: type: string - id: + version: type: string required: - - id - required: true + - version responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + type: object + properties: {} + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error type: object properties: - host: - deprecated: true - type: string - id: - description: Fleet Server host id + error: type: string - status: + message: type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Fleet Server health check + statusCode: + type: number + required: + - message + summary: '' tags: - - Fleet internals - /api/fleet/kubernetes: + - Elastic Agent actions + /api/fleet/agents/{agentId}/uploads: get: - operationId: get-full-k8s-manifest + description: List agent uploads + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Fuploads#0' parameters: - - in: query - name: download - required: false - schema: - type: boolean - - in: query - name: fleetServer - required: false + - description: The version of the API to use + in: header + name: elastic-api-version schema: + default: '2023-10-31' + enum: + - '2023-10-31' type: string - - in: query - name: enrolToken - required: false + - in: path + name: agentId + required: true schema: type: string responses: @@ -12657,3069 +16610,6051 @@ paths: content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get full K8s agent manifest - tags: - - Fleet Kubernetes - /api/fleet/logstash_api_keys: - post: - operationId: generate-logstash-api-key - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - api_key: - type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Generate Logstash API key - tags: - - Fleet outputs - /api/fleet/outputs: - get: - operationId: get-outputs - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: + additionalProperties: false type: object properties: items: items: - $ref: '#/components/schemas/Fleet_output_create_request' + additionalProperties: false + type: object + properties: + actionId: + type: string + createTime: + type: string + error: + type: string + filePath: + type: string + id: + type: string + name: + type: string + status: + enum: + - READY + - AWAITING_UPLOAD + - DELETED + - EXPIRED + - IN_PROGRESS + - FAILED + type: string + required: + - id + - name + - filePath + - createTime + - status + - actionId type: array - page: - type: integer - perPage: - type: integer - total: - type: integer - description: OK + required: + - items '400': - $ref: '#/components/responses/Fleet_error' - summary: List outputs - tags: - - Fleet outputs - post: - operationId: post-outputs - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_output_create_request' - required: true - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - item: - $ref: '#/components/schemas/Fleet_output_create_request' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Create output + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Fleet outputs - /api/fleet/outputs/{outputId}: - delete: - operationId: delete-output + - Elastic Agents + /api/fleet/agents/action_status: + get: + description: Get agent action status + operationId: '%2Fapi%2Ffleet%2Fagents%2Faction_status#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: page + required: false + schema: + default: 0 + type: number + - in: query + name: perPage + required: false + schema: + default: 20 + type: number + - in: query + name: date + required: false + schema: + type: string + - in: query + name: latest + required: false + schema: + type: number + - in: query + name: errorSize + required: false + schema: + default: 5 + type: number responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - id: - type: string + items: + items: + additionalProperties: false + type: object + properties: + actionId: + type: string + cancellationTime: + type: string + completionTime: + type: string + creationTime: + description: creation time of action + type: string + expiration: + type: string + hasRolloutPeriod: + type: boolean + latestErrors: + items: + additionalProperties: false + description: >- + latest errors that happened when the agents + executed the action + type: object + properties: + agentId: + type: string + error: + type: string + hostname: + type: string + timestamp: + type: string + required: + - agentId + - error + - timestamp + type: array + nbAgentsAck: + description: number of agents that acknowledged the action + type: number + nbAgentsActionCreated: + description: number of agents included in action from kibana + type: number + nbAgentsActioned: + description: number of agents actioned + type: number + nbAgentsFailed: + description: number of agents that failed to execute the action + type: number + newPolicyId: + description: new policy id (POLICY_REASSIGN action) + type: string + policyId: + description: policy id (POLICY_CHANGE action) + type: string + revision: + description: new policy revision (POLICY_CHANGE action) + type: number + startTime: + description: start time of action (scheduled actions) + type: string + status: + enum: + - COMPLETE + - EXPIRED + - CANCELLED + - FAILED + - IN_PROGRESS + - ROLLOUT_PASSED + type: string + type: + enum: + - UPGRADE + - UNENROLL + - SETTINGS + - POLICY_REASSIGN + - CANCEL + - FORCE_UNENROLL + - REQUEST_DIAGNOSTICS + - UPDATE_TAGS + - POLICY_CHANGE + - INPUT_ACTION + type: string + version: + description: agent version number (UPGRADE action) + type: string + required: + - actionId + - nbAgentsActionCreated + - nbAgentsAck + - nbAgentsFailed + - type + - nbAgentsActioned + - status + - creationTime + type: array required: - - id - description: OK + - items '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete output by ID - tags: - - Fleet outputs - get: - operationId: get-output - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - item: - $ref: '#/components/schemas/Fleet_output_create_request' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get output by ID + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Fleet outputs - parameters: - - in: path - name: outputId - required: true - schema: - type: string - put: - operationId: update-output + - Elastic Agent actions + /api/fleet/agents/actions/{actionId}/cancel: + post: + description: Cancel agent action + operationId: '%2Fapi%2Ffleet%2Fagents%2Factions%2F%7BactionId%7D%2Fcancel#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_output_update_request' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: actionId + required: true + schema: + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: item: - $ref: '#/components/schemas/Fleet_output_update_request' - description: OK + additionalProperties: false + type: object + properties: + ack_data: {} + agents: + items: + type: string + type: array + created_at: + type: string + data: {} + expiration: + type: string + id: + type: string + minimum_execution_duration: + type: number + namespaces: + items: + type: string + type: array + rollout_duration_seconds: + type: number + sent_at: + type: string + source_uri: + type: string + start_time: + type: string + total: + type: number + type: + type: string + required: + - id + - type + - data + - created_at + - ack_data + - agents + required: + - item '400': - $ref: '#/components/responses/Fleet_error' - summary: Update output by ID - tags: - - Fleet outputs - /api/fleet/outputs/{outputId}/health: - get: - operationId: get-output-health - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - message: - description: long message if unhealthy - type: string - state: - description: state of output, HEALTHY or DEGRADED + error: type: string - timestamp: - description: timestamp of reported state + message: type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get latest output health + statusCode: + type: number + required: + - message + summary: '' tags: - - Fleet outputs - parameters: - - in: path - name: outputId - required: true - schema: - type: string - /api/fleet/package_policies: + - Elastic Agent actions + /api/fleet/agents/available_versions: get: - operationId: get-package-policies + description: Get available agent versions + operationId: '%2Fapi%2Ffleet%2Fagents%2Favailable_versions#0' parameters: - - $ref: '#/components/parameters/Fleet_page_size' - - $ref: '#/components/parameters/Fleet_page_index' - - $ref: '#/components/parameters/Fleet_kuery' - - $ref: '#/components/parameters/Fleet_format' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: items: items: - $ref: '#/components/schemas/Fleet_package_policy' + type: string type: array - page: - type: number - perPage: - type: number - total: - type: number required: - items - description: OK '400': - $ref: '#/components/responses/Fleet_error' - summary: List package policies - tags: - - Fleet package policies - parameters: [] - post: - operationId: create-package-policy - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - $ref: '#/components/parameters/Fleet_format' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_package_policy_request' - description: >- - You should use inputs as an object and not use the deprecated inputs - array. - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - item: - $ref: '#/components/schemas/Fleet_package_policy' + error: + type: string + message: + type: string + statusCode: + type: number required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - '409': - $ref: '#/components/responses/Fleet_error' - summary: Create package policy + - message + summary: '' tags: - - Fleet package policies - /api/fleet/package_policies/_bulk_get: + - Elastic Agents + /api/fleet/agents/bulk_reassign: post: - operationId: bulk-get-package-policies + description: Bulk reassign agents + operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_reassign#0' parameters: - - $ref: '#/components/parameters/Fleet_format' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - ids: - description: list of package policy ids - items: - type: string - type: array - ignoreMissing: + agents: + anyOf: + - items: + type: string + type: array + - type: string + batchSize: + type: number + includeInactive: + default: false type: boolean + policy_id: + type: string required: - - ids + - policy_id + - agents responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - items: - items: - $ref: '#/components/schemas/Fleet_package_policy' - type: array + actionId: + type: string required: - - items - description: OK + - actionId '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk get package policies - tags: - - Fleet package policies - /api/fleet/package_policies/{packagePolicyId}: - delete: - operationId: delete-package-policy - parameters: - - in: query - name: force - schema: - type: boolean - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - id: + error: + type: string + message: type: string + statusCode: + type: number required: - - id - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete package policy by ID + - message + summary: '' tags: - - Fleet package policies - get: - operationId: get-package-policy + - Elastic Agent actions + /api/fleet/agents/bulk_request_diagnostics: + post: + description: Bulk request diagnostics from agents + operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_request_diagnostics#0' parameters: - - $ref: '#/components/parameters/Fleet_format' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + additional_metrics: + items: + enum: + - CPU + type: string + type: array + agents: + anyOf: + - items: + type: string + type: array + - type: string + batchSize: + type: number + required: + - agents responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - item: - $ref: '#/components/schemas/Fleet_package_policy' + actionId: + type: string required: - - item - description: OK + - actionId '400': - $ref: '#/components/responses/Fleet_error' - summary: Get package policy by ID - tags: - - Fleet package policies - parameters: - - in: path - name: packagePolicyId - required: true - schema: - type: string - put: - operationId: update-package-policy - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - $ref: '#/components/parameters/Fleet_format' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_package_policy_request' - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - item: - $ref: '#/components/schemas/Fleet_package_policy' + error: + type: string + message: + type: string + statusCode: + type: number required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Update package policy by ID + - message + summary: '' tags: - - Fleet package policies - /api/fleet/package_policies/delete: + - Elastic Agent actions + /api/fleet/agents/bulk_unenroll: post: - operationId: post-delete-package-policy + description: Bulk unenroll agents + operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_unenroll#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: + agents: + anyOf: + - items: + description: KQL query string, leave empty to action all agents + type: string + type: array + - description: list of agent IDs + type: string + batchSize: + type: number force: + description: Unenrolls hosted agents too + type: boolean + includeInactive: + description: >- + When passing agents by KQL query, unenrolls inactive agents + too + type: boolean + revoke: + description: Revokes API keys of agents type: boolean - packagePolicyIds: - items: - type: string - type: array required: - - packagePolicyIds + - agents responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - items: - type: object - properties: - id: - type: string - name: - type: string - success: - type: boolean - required: - - id - - success - type: array - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete package policy - tags: - - Fleet package policies - /api/fleet/package_policies/upgrade: - post: - operationId: upgrade-package-policy - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - packagePolicyIds: - items: + additionalProperties: false + type: object + properties: + actionId: type: string - type: array - required: - - packagePolicyIds - responses: - '200': + required: + - actionId + '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - items: - type: object - properties: - id: - type: string - name: - type: string - success: - type: boolean - required: - - id - - success - type: array - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - '409': - $ref: '#/components/responses/Fleet_error' - summary: Upgrade package policy to a newer package version + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Fleet package policies - /api/fleet/package_policies/upgrade/dryrun: + - Elastic Agent actions + /api/fleet/agents/bulk_update_agent_tags: post: - operationId: upgrade-package-policy-dry-run + description: Bulk update agent tags + operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_update_agent_tags#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - packagePolicyIds: + agents: + anyOf: + - items: + type: string + type: array + - type: string + batchSize: + type: number + includeInactive: + default: false + type: boolean + tagsToAdd: + items: + type: string + type: array + tagsToRemove: items: type: string type: array - packageVersion: - type: string required: - - packagePolicyIds + - agents responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - items: - type: object - properties: - agent_diff: - $ref: '#/components/schemas/Fleet_upgrade_agent_diff' - diff: - $ref: '#/components/schemas/Fleet_upgrade_diff' - hasErrors: - type: boolean - required: - - hasErrors - type: array - description: OK + additionalProperties: false + type: object + properties: + actionId: + type: string + required: + - actionId '400': - $ref: '#/components/responses/Fleet_error' - summary: Dry run package policy upgrade - tags: - - Fleet package policies - /api/fleet/proxies: - get: - operationId: get-fleet-proxies - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - items: - items: - $ref: '#/components/schemas/Fleet_proxies' - type: array - page: - type: integer - perPage: - type: integer - total: - type: integer - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List proxies + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Fleet proxies + - Elastic Agent actions + /api/fleet/agents/bulk_upgrade: post: - operationId: post-fleet-proxies + description: Bulk upgrade agents + operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_upgrade#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - certificate: - type: string - certificate_authorities: - type: string - certificate_key: - type: string - id: + agents: + anyOf: + - items: + type: string + type: array + - type: string + batchSize: + type: number + force: + type: boolean + includeInactive: + default: false + type: boolean + rollout_duration_seconds: + minimum: 600 + type: number + skipRateLimitCheck: + type: boolean + source_uri: type: string - name: + start_time: type: string - proxy_headers: - type: object - url: + version: type: string required: - - name - - url + - agents + - version responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - item: - $ref: '#/components/schemas/Fleet_proxies' - description: OK + actionId: + type: string + required: + - actionId '400': - $ref: '#/components/responses/Fleet_error' - summary: Create proxy + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Fleet proxies - /api/fleet/proxies/{itemId}: + - Elastic Agent actions + /api/fleet/agents/files/{fileId}: delete: - operationId: delete-fleet-proxies + description: Delete file uploaded by agent + operationId: '%2Fapi%2Ffleet%2Fagents%2Ffiles%2F%7BfileId%7D#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: fileId + required: true + schema: + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: + deleted: + type: boolean id: type: string required: - id - description: OK + - deleted '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete proxy by ID - tags: - - Fleet proxies - get: - operationId: get-one-fleet-proxies - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - item: - $ref: '#/components/schemas/Fleet_proxies' + error: + type: string + message: + type: string + statusCode: + type: number required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get proxy by ID + - message + summary: '' tags: - - Fleet proxies - parameters: - - in: path - name: itemId - required: true - schema: - type: string - put: - operationId: update-fleet-proxies + - Elastic Agents + /api/fleet/agents/files/{fileId}/{fileName}: + get: + description: Get file uploaded by agent + operationId: '%2Fapi%2Ffleet%2Fagents%2Ffiles%2F%7BfileId%7D%2F%7BfileName%7D#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - certificate: - type: string - certificate_authorities: - type: string - certificate_key: - type: string - name: - type: string - proxy_headers: - type: object - url: - type: string + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: fileId + required: true + schema: + type: string + - in: path + name: fileName + required: true + schema: + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: type: object - properties: - item: - $ref: '#/components/schemas/Fleet_proxies' - required: - - item - description: OK '400': - $ref: '#/components/responses/Fleet_error' - summary: Update proxy by ID - tags: - - Fleet proxies - /api/fleet/service_tokens: - post: - operationId: generate-service-token - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - name: + error: type: string - value: + message: type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Create service token + statusCode: + type: number + required: + - message + summary: '' tags: - - Fleet service tokens - /api/fleet/service-tokens: - post: - deprecated: true - operationId: generate-service-token-deprecated + - Elastic Agents + /api/fleet/agents/setup: + get: + description: Get agent setup info + operationId: '%2Fapi%2Ffleet%2Fagents%2Fsetup#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: >- + A summary of the agent setup status. `isReady` indicates + whether the setup is ready. If the setup is not ready, + `missing_requirements` lists which requirements are missing. type: object properties: - name: - type: string - value: + is_secrets_storage_enabled: + type: boolean + is_space_awareness_enabled: + type: boolean + isReady: + type: boolean + missing_optional_features: + items: + enum: + - encrypted_saved_object_encryption_key_required + type: string + type: array + missing_requirements: + items: + enum: + - security_required + - tls_required + - api_keys + - fleet_admin_user + - fleet_server + type: string + type: array + package_verification_key_id: type: string - description: OK + required: + - isReady + - missing_requirements + - missing_optional_features '400': - $ref: '#/components/responses/Fleet_error' - summary: Create service token - tags: - - Fleet service tokens - /api/fleet/settings: - get: - operationId: get-settings - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_fleet_settings_response' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get settings - tags: - - Fleet internals - put: - operationId: update-settings - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - additional_yaml_config: - type: string - fleet_server_hosts: - description: Protocol and path must be the same for each URL - items: + additionalProperties: false + description: Generic Error + type: object + properties: + error: type: string - type: array - has_seen_add_data_notice: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_fleet_settings_response' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Update settings + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Fleet internals - /api/fleet/setup: + - Elastic Agents post: - operationId: setup + description: Initiate agent setup + operationId: '%2Fapi%2Ffleet%2Fagents%2Fsetup#1' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_fleet_setup_response' - description: OK + additionalProperties: false + description: >- + A summary of the result of Fleet's `setup` lifecycle. If + `isInitialized` is true, Fleet is ready to accept agent + enrollment. `nonFatalErrors` may include useful insight into + non-blocking issues with Fleet setup. + type: object + properties: + isInitialized: + type: boolean + nonFatalErrors: + items: + additionalProperties: false + type: object + properties: + message: + type: string + name: + type: string + required: + - name + - message + type: array + required: + - isInitialized + - nonFatalErrors '400': - $ref: '#/components/responses/Fleet_error' - '500': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: + error: + type: string message: type: string - description: Internal Server Error - summary: Initiate Fleet setup + statusCode: + type: number + required: + - message + summary: '' tags: - - Fleet internals - /api/fleet/uninstall_tokens: + - Elastic Agents + /api/fleet/agents/tags: get: - operationId: get-uninstall-tokens + description: List agent tags + operationId: '%2Fapi%2Ffleet%2Fagents%2Ftags#0' parameters: - - description: The number of items to return - in: query - name: perPage - required: false + - description: The version of the API to use + in: header + name: elastic-api-version schema: - default: 20 - minimum: 5 - type: integer - - $ref: '#/components/parameters/Fleet_page_index' - - description: Partial match filtering for policy IDs - in: query - name: policyId + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: kuery required: false schema: type: string + - in: query + name: showInactive + required: false + schema: + default: false + type: boolean responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: items: items: - type: object - properties: - created_at: - type: string - id: - type: string - policy_id: - type: string - required: - - id - - policy_id - - created_at + type: string type: array - page: - type: number - perPage: - type: number - total: - type: number required: - items - - total - - page - - perPage - description: OK '400': - $ref: '#/components/responses/Fleet_error' - summary: List metadata for latest uninstall tokens per agent policy - tags: - - Fleet uninstall tokens - /api/fleet/uninstall_tokens/{uninstallTokenId}: - get: - operationId: get-uninstall-token - parameters: - - in: path - name: uninstallTokenId - required: true - schema: - type: string - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - item: - type: object - properties: - created_at: - type: string - id: - type: string - policy_id: - type: string - token: - type: string - required: - - id - - token - - policy_id - - created_at + error: + type: string + message: + type: string + statusCode: + type: number required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get one decrypted uninstall token by its ID + - message + summary: '' tags: - - Fleet uninstall tokens - /api/lists: - delete: - description: | - Delete a list using the list ID. - > info - > When you delete a list, all of its list items are also deleted. - operationId: DeleteList + - Elastic Agents + /api/fleet/check-permissions: + get: + description: Check permissions + operationId: '%2Fapi%2Ffleet%2Fcheck-permissions#0' parameters: - - description: List's `id` value - in: query - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - - in: query - name: deleteReferences - required: false + - description: The version of the API to use + in: header + name: elastic-api-version schema: - default: false - type: boolean + default: '2023-10-31' + enum: + - '2023-10-31' + type: string - in: query - name: ignoreReferences + name: fleetServerSetup required: false schema: - default: false type: boolean responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_List' - description: Successful response + additionalProperties: false + type: object + properties: + error: + enum: + - MISSING_SECURITY + - MISSING_PRIVILEGES + - MISSING_FLEET_SERVER_SETUP_PRIVILEGES + type: string + success: + type: boolean + required: + - success '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Delete a list + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Security Lists API + - Fleet internals + /api/fleet/data_streams: get: - description: Get the details of a list using the list ID. - operationId: ReadList + description: List data streams + operationId: '%2Fapi%2Ffleet%2Fdata_streams#0' parameters: - - description: List's `id` value - in: query - name: id - required: true + - description: The version of the API to use + in: header + name: elastic-api-version schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' + default: '2023-10-31' + enum: + - '2023-10-31' + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_List' - description: Successful response + additionalProperties: false + type: object + properties: + data_streams: + items: + additionalProperties: false + type: object + properties: + dashboards: + items: + additionalProperties: false + type: object + properties: + id: + type: string + title: + type: string + required: + - id + - title + type: array + dataset: + type: string + index: + type: string + last_activity_ms: + type: number + namespace: + type: string + package: + type: string + package_version: + type: string + serviceDetails: + additionalProperties: false + nullable: true + type: object + properties: + environment: + type: string + serviceName: + type: string + required: + - environment + - serviceName + size_in_bytes: + type: number + size_in_bytes_formatted: + anyOf: + - type: number + - type: string + type: + type: string + required: + - index + - dataset + - namespace + - type + - package + - package_version + - last_activity_ms + - size_in_bytes + - size_in_bytes_formatted + - dashboards + - serviceDetails + type: array + required: + - data_streams '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Get list details + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Security Lists API - patch: - description: Update specific fields of an existing list using the list ID. - operationId: PatchList - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - _version: - type: string - description: - $ref: '#/components/schemas/Security_Lists_API_ListDescription' - id: - $ref: '#/components/schemas/Security_Lists_API_ListId' - meta: - $ref: '#/components/schemas/Security_Lists_API_ListMetadata' - name: - $ref: '#/components/schemas/Security_Lists_API_ListName' - version: - minimum: 1 - type: integer - required: - - id - description: List's properties - required: true + - Data streams + /api/fleet/enrollment_api_keys: + get: + description: List enrollment API keys + operationId: '%2Fapi%2Ffleet%2Fenrollment_api_keys#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: page + required: false + schema: + default: 1 + type: number + - in: query + name: perPage + required: false + schema: + default: 20 + type: number + - in: query + name: kuery + required: false + schema: + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_List' - description: Successful response + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + active: + description: >- + When false, the enrollment API key is revoked and + cannot be used for enrolling Elastic Agents. + type: boolean + api_key: + description: >- + The enrollment API key (token) used for enrolling + Elastic Agents. + type: string + api_key_id: + description: The ID of the API key in the Security API. + type: string + created_at: + type: string + id: + type: string + name: + description: The name of the enrollment API key. + type: string + policy_id: + description: >- + The ID of the agent policy the Elastic Agent will be + enrolled in. + type: string + required: + - id + - api_key_id + - api_key + - active + - created_at + type: array + list: + deprecated: true + items: + additionalProperties: false + type: object + properties: + active: + description: >- + When false, the enrollment API key is revoked and + cannot be used for enrolling Elastic Agents. + type: boolean + api_key: + description: >- + The enrollment API key (token) used for enrolling + Elastic Agents. + type: string + api_key_id: + description: The ID of the API key in the Security API. + type: string + created_at: + type: string + id: + type: string + name: + description: The name of the enrollment API key. + type: string + policy_id: + description: >- + The ID of the agent policy the Elastic Agent will be + enrolled in. + type: string + required: + - id + - api_key_id + - api_key + - active + - created_at + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + - list '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Patch a list + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Security Lists API + - Fleet enrollment API keys post: - description: Create a new list. - operationId: CreateList + description: Create enrollment API key + operationId: '%2Fapi%2Ffleet%2Fenrollment_api_keys#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - description: - $ref: '#/components/schemas/Security_Lists_API_ListDescription' - deserializer: + expiration: type: string - id: - $ref: '#/components/schemas/Security_Lists_API_ListId' - meta: - $ref: '#/components/schemas/Security_Lists_API_ListMetadata' name: - $ref: '#/components/schemas/Security_Lists_API_ListName' - serializer: type: string - type: - $ref: '#/components/schemas/Security_Lists_API_ListType' - version: - default: 1 - minimum: 1 - type: integer + policy_id: + type: string required: - - name - - description - - type - description: List's properties - required: true + - policy_id responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_List' - description: Successful response + additionalProperties: false + type: object + properties: + action: + enum: + - created + type: string + item: + additionalProperties: false + type: object + properties: + active: + description: >- + When false, the enrollment API key is revoked and + cannot be used for enrolling Elastic Agents. + type: boolean + api_key: + description: >- + The enrollment API key (token) used for enrolling + Elastic Agents. + type: string + api_key_id: + description: The ID of the API key in the Security API. + type: string + created_at: + type: string + id: + type: string + name: + description: The name of the enrollment API key. + type: string + policy_id: + description: >- + The ID of the agent policy the Elastic Agent will be + enrolled in. + type: string + required: + - id + - api_key_id + - api_key + - active + - created_at + required: + - item + - action '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet enrollment API keys + /api/fleet/enrollment_api_keys/{keyId}: + delete: + description: Revoke enrollment API key by ID by marking it as inactive + operationId: '%2Fapi%2Ffleet%2Fenrollment_api_keys%2F%7BkeyId%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: keyId + required: true + schema: + type: string + responses: + '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': + additionalProperties: false + type: object + properties: + action: + enum: + - deleted + type: string + required: + - action + '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '409': + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet enrollment API keys + get: + description: Get enrollment API key by ID + operationId: '%2Fapi%2Ffleet%2Fenrollment_api_keys%2F%7BkeyId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: keyId + required: true + schema: + type: string + responses: + '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List already exists response - '500': + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + active: + description: >- + When false, the enrollment API key is revoked and + cannot be used for enrolling Elastic Agents. + type: boolean + api_key: + description: >- + The enrollment API key (token) used for enrolling + Elastic Agents. + type: string + api_key_id: + description: The ID of the API key in the Security API. + type: string + created_at: + type: string + id: + type: string + name: + description: The name of the enrollment API key. + type: string + policy_id: + description: >- + The ID of the agent policy the Elastic Agent will be + enrolled in. + type: string + required: + - id + - api_key_id + - api_key + - active + - created_at + required: + - item + '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Create a list + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Security Lists API - put: - description: > - Update a list using the list ID. The original list is replaced, and all - unspecified fields are deleted. - - > info - - > You cannot modify the `id` value. - operationId: UpdateList + - Fleet enrollment API keys + /api/fleet/enrollment-api-keys: + get: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: page + required: false + schema: + default: 1 + type: number + - in: query + name: perPage + required: false + schema: + default: 20 + type: number + - in: query + name: kuery + required: false + schema: + type: string + responses: {} + summary: '' + tags: [] + post: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - _version: + expiration: type: string - description: - $ref: '#/components/schemas/Security_Lists_API_ListDescription' - id: - $ref: '#/components/schemas/Security_Lists_API_ListId' - meta: - $ref: '#/components/schemas/Security_Lists_API_ListMetadata' name: - $ref: '#/components/schemas/Security_Lists_API_ListName' - version: - minimum: 1 - type: integer + type: string + policy_id: + type: string required: - - id - - name - - description - description: List's properties - required: true + - policy_id + responses: {} + summary: '' + tags: [] + /api/fleet/enrollment-api-keys/{keyId}: + delete: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys%2F%7BkeyId%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: keyId + required: true + schema: + type: string + responses: {} + summary: '' + tags: [] + get: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys%2F%7BkeyId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: keyId + required: true + schema: + type: string + responses: {} + summary: '' + tags: [] + /api/fleet/epm/bulk_assets: + post: + description: Bulk get assets + operationId: '%2Fapi%2Ffleet%2Fepm%2Fbulk_assets#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + assetIds: + items: + additionalProperties: false + type: object + properties: + id: + type: string + type: + type: string + required: + - id + - type + type: array + required: + - assetIds responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_List' - description: Successful response + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + appLink: + type: string + attributes: + additionalProperties: false + type: object + properties: + description: + type: string + service: + type: string + title: + type: string + id: + type: string + type: + type: string + updatedAt: + type: string + required: + - id + - type + - attributes + type: array + required: + - items '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Update a list + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Security Lists API - /api/lists/_find: + - Elastic Package Manager (EPM) + /api/fleet/epm/categories: get: - description: >- - Get a paginated subset of lists. By default, the first page is returned, - with 20 results per page. - operationId: FindLists + description: List package categories + operationId: '%2Fapi%2Ffleet%2Fepm%2Fcategories#0' parameters: - - description: The page number to return - in: query - name: page - required: false - schema: - type: integer - - description: The number of lists to return per page - in: query - name: per_page - required: false - schema: - type: integer - - description: Determines which field is used to sort the results - in: query - name: sort_field - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' - - description: Determines the sort order, which can be `desc` or `asc` - in: query - name: sort_order - required: false + - description: The version of the API to use + in: header + name: elastic-api-version schema: + default: '2023-10-31' enum: - - desc - - asc + - '2023-10-31' type: string - - description: > - Returns the list that come after the last list returned in the - previous call - - (use the cursor value returned in the previous call). This parameter - uses - - the `tie_breaker_id` field to ensure all lists are sorted and - returned correctly. - in: query - name: cursor + - in: query + name: prerelease required: false schema: - $ref: '#/components/schemas/Security_Lists_API_FindListsCursor' - - description: > - Filters the returned results according to the value of the specified - field, - - using the : syntax. - in: query - name: filter + type: boolean + - in: query + name: experimental required: false schema: - $ref: '#/components/schemas/Security_Lists_API_FindListsFilter' + type: boolean + - in: query + name: include_policy_templates + required: false + schema: + type: boolean responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - cursor: - $ref: '#/components/schemas/Security_Lists_API_FindListsCursor' - data: + items: items: - $ref: '#/components/schemas/Security_Lists_API_List' + additionalProperties: false + type: object + properties: + count: + type: number + id: + type: string + parent_id: + type: string + parent_title: + type: string + title: + type: string + required: + - id + - title + - count + type: array + response: + items: + additionalProperties: false + deprecated: true + type: object + properties: + count: + type: number + id: + type: string + parent_id: + type: string + parent_title: + type: string + title: + type: string + required: + - id + - title + - count type: array - page: - minimum: 0 - type: integer - per_page: - minimum: 0 - type: integer - total: - minimum: 0 - type: integer required: - - data - - page - - per_page - - total - - cursor - description: Successful response + - items '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Get lists + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Security Lists API - /api/lists/index: - delete: - description: Delete the `.lists` and `.items` data streams. - operationId: DeleteListIndex + - Elastic Package Manager (EPM) + /api/fleet/epm/custom_integrations: + post: + description: Create custom integration + operationId: '%2Fapi%2Ffleet%2Fepm%2Fcustom_integrations#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + datasets: + items: + additionalProperties: false + type: object + properties: + name: + type: string + type: + enum: + - logs + - metrics + - traces + - synthetics + - profiling + type: string + required: + - name + - type + type: array + force: + type: boolean + integrationName: + type: string + required: + - integrationName + - datasets responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - acknowledged: - type: boolean - required: - - acknowledged - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List data stream not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Delete list data streams - tags: - - Security Lists API - get: - description: Verify that `.lists` and `.items` data streams exist. - operationId: ReadListIndex - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - list_index: - type: boolean - list_item_index: - type: boolean + _meta: + additionalProperties: false + type: object + properties: + install_source: + type: string + required: + - install_source + items: + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + response: + deprecated: true + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array required: - - list_index - - list_item_index - description: Successful response + - items + - _meta '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List data stream(s) not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Get status of list data streams - tags: - - Security Lists API - post: - description: Create `.lists` and `.items` data streams in the relevant space. - operationId: CreateListIndex - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: + additionalProperties: false + description: Generic Error type: object properties: - acknowledged: - type: boolean + error: + type: string + message: + type: string + statusCode: + type: number required: - - acknowledged - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List data stream exists response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Create list data streams + - message + summary: '' tags: - - Security Lists API - /api/lists/items: - delete: - description: Delete a list item using its `id`, or its `list_id` and `value` fields. - operationId: DeleteListItem + - Elastic Package Manager (EPM) + /api/fleet/epm/data_streams: + get: + description: List data streams + operationId: '%2Fapi%2Ffleet%2Fepm%2Fdata_streams#0' parameters: - - description: Required if `list_id` and `value` are not specified - in: query - name: id - required: false + - description: The version of the API to use + in: header + name: elastic-api-version schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - - description: Required if `id` is not specified - in: query - name: list_id + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: type required: false schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - - description: Required if `id` is not specified - in: query - name: value + enum: + - logs + - metrics + - traces + - synthetics + - profiling + type: string + - in: query + name: datasetQuery required: false schema: type: string - - description: >- - Determines when changes made by the request are made visible to - search - in: query - name: refresh + - in: query + name: sortOrder required: false schema: - default: 'false' + default: asc enum: - - 'true' - - 'false' - - wait_for + - asc + - desc type: string + - in: query + name: uncategorisedOnly + required: false + schema: + default: false + type: boolean responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - oneOf: - - $ref: '#/components/schemas/Security_Lists_API_ListItem' - - items: - $ref: '#/components/schemas/Security_Lists_API_ListItem' + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + name: + type: string + required: + - name type: array - description: Successful response + required: + - items '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List item not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Delete a list item + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Security Lists API + - Data streams + /api/fleet/epm/packages: get: - description: Get the details of a list item. - operationId: ReadListItem + description: List packages + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages#0' parameters: - - description: Required if `list_id` and `value` are not specified - in: query - name: id + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: category required: false schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - - description: Required if `id` is not specified - in: query - name: list_id + type: string + - in: query + name: prerelease required: false schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - - description: Required if `id` is not specified - in: query - name: value + type: boolean + - in: query + name: experimental required: false schema: - type: string + type: boolean + - in: query + name: excludeInstallStatus + required: false + schema: + type: boolean responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - oneOf: - - $ref: '#/components/schemas/Security_Lists_API_ListItem' - - items: - $ref: '#/components/schemas/Security_Lists_API_ListItem' + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: true + type: object + properties: + categories: + items: + type: string + type: array + conditions: + additionalProperties: true + type: object + properties: + elastic: + additionalProperties: true + type: object + properties: + capabilities: + items: + type: string + type: array + subscription: + type: string + kibana: + additionalProperties: true + type: object + properties: + version: + type: string + data_streams: + items: + additionalProperties: {} + type: object + type: array + description: + type: string + download: + type: string + format_version: + type: string + icons: + items: + additionalProperties: true + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + id: + type: string + installationInfo: + additionalProperties: true + type: object + properties: + additional_spaces_installed_kibana: + additionalProperties: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + type: object + created_at: + type: string + experimental_data_stream_features: + items: + additionalProperties: true + type: object + properties: + data_stream: + type: string + features: + additionalProperties: true + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + install_format_schema_version: + type: string + install_source: + enum: + - registry + - upload + - bundled + - custom + type: string + install_status: + enum: + - installed + - installing + - install_failed + type: string + installed_es: + items: + additionalProperties: true + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + installed_kibana: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + installed_kibana_space_id: + type: string + latest_executed_state: + additionalProperties: true + type: object + properties: + error: + type: string + name: + type: string + started_at: + type: string + required: + - name + - started_at + latest_install_failed_attempts: + items: + additionalProperties: true + type: object + properties: + created_at: + type: string + error: + additionalProperties: true + type: object + properties: + message: + type: string + name: + type: string + stack: + type: string + required: + - name + - message + target_version: + type: string + required: + - created_at + - target_version + - error + type: array + name: + type: string + namespaces: + items: + type: string + type: array + type: + type: string + updated_at: + type: string + verification_key_id: + nullable: true + type: string + verification_status: + enum: + - unverified + - verified + - unknown + type: string + version: + type: string + required: + - type + - installed_kibana + - installed_es + - name + - version + - install_status + - install_source + - verification_status + integration: + type: string + internal: + type: boolean + latestVersion: + type: string + name: + type: string + owner: + additionalProperties: true + type: object + properties: + github: + type: string + type: + enum: + - elastic + - partner + - community + type: string + path: + type: string + policy_templates: + items: + additionalProperties: {} + type: object + type: array + readme: + type: string + release: + enum: + - ga + - beta + - experimental + type: string + savedObject: {} + signature_path: + type: string + source: + additionalProperties: true + type: object + properties: + license: + type: string + required: + - license + status: + type: string + title: + type: string + type: + enum: + - integration + - input + type: string + vars: + items: + additionalProperties: {} + type: object + type: array + version: + type: string + required: + - savedObject + - name + - version + - title + - id type: array - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List item not found response - '500': + response: + items: + additionalProperties: true + deprecated: true + type: object + properties: + categories: + items: + type: string + type: array + conditions: + additionalProperties: true + type: object + properties: + elastic: + additionalProperties: true + type: object + properties: + capabilities: + items: + type: string + type: array + subscription: + type: string + kibana: + additionalProperties: true + type: object + properties: + version: + type: string + data_streams: + items: + additionalProperties: {} + type: object + type: array + description: + type: string + download: + type: string + format_version: + type: string + icons: + items: + additionalProperties: true + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + id: + type: string + installationInfo: + additionalProperties: true + type: object + properties: + additional_spaces_installed_kibana: + additionalProperties: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + type: object + created_at: + type: string + experimental_data_stream_features: + items: + additionalProperties: true + type: object + properties: + data_stream: + type: string + features: + additionalProperties: true + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + install_format_schema_version: + type: string + install_source: + enum: + - registry + - upload + - bundled + - custom + type: string + install_status: + enum: + - installed + - installing + - install_failed + type: string + installed_es: + items: + additionalProperties: true + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + installed_kibana: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + installed_kibana_space_id: + type: string + latest_executed_state: + additionalProperties: true + type: object + properties: + error: + type: string + name: + type: string + started_at: + type: string + required: + - name + - started_at + latest_install_failed_attempts: + items: + additionalProperties: true + type: object + properties: + created_at: + type: string + error: + additionalProperties: true + type: object + properties: + message: + type: string + name: + type: string + stack: + type: string + required: + - name + - message + target_version: + type: string + required: + - created_at + - target_version + - error + type: array + name: + type: string + namespaces: + items: + type: string + type: array + type: + type: string + updated_at: + type: string + verification_key_id: + nullable: true + type: string + verification_status: + enum: + - unverified + - verified + - unknown + type: string + version: + type: string + required: + - type + - installed_kibana + - installed_es + - name + - version + - install_status + - install_source + - verification_status + integration: + type: string + internal: + type: boolean + latestVersion: + type: string + name: + type: string + owner: + additionalProperties: true + type: object + properties: + github: + type: string + type: + enum: + - elastic + - partner + - community + type: string + path: + type: string + policy_templates: + items: + additionalProperties: {} + type: object + type: array + readme: + type: string + release: + enum: + - ga + - beta + - experimental + type: string + savedObject: {} + signature_path: + type: string + source: + additionalProperties: true + type: object + properties: + license: + type: string + required: + - license + status: + type: string + title: + type: string + type: + enum: + - integration + - input + type: string + vars: + items: + additionalProperties: {} + type: object + type: array + version: + type: string + required: + - savedObject + - name + - version + - title + - id + type: array + required: + - items + '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Get a list item + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Security Lists API - patch: - description: Update specific fields of an existing list item using the list item ID. - operationId: PatchListItem + - Elastic Package Manager (EPM) + post: + description: Install package by upload + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: query + name: ignoreMappingUpdateErrors + required: false + schema: + default: false + type: boolean + - in: query + name: skipDataStreamRollover + required: false + schema: + default: false + type: boolean requestBody: content: - application/json; Elastic-Api-Version=2023-10-31: + application/gzip; application/zip; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - _version: - type: string - id: - $ref: '#/components/schemas/Security_Lists_API_ListItemId' - meta: - $ref: '#/components/schemas/Security_Lists_API_ListItemMetadata' - refresh: - description: >- - Determines when changes made by the request are made visible - to search - enum: - - 'true' - - 'false' - - wait_for - type: string - value: - $ref: '#/components/schemas/Security_Lists_API_ListItemValue' - required: - - id - description: List item's properties - required: true + format: binary + type: string responses: '200': content: - application/json; Elastic-Api-Version=2023-10-31: + application/gzip; application/zip; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_ListItem' - description: Successful response + additionalProperties: false + type: object + properties: + _meta: + additionalProperties: false + type: object + properties: + install_source: + type: string + required: + - install_source + items: + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + response: + deprecated: true + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + required: + - items + - _meta '400': content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: + application/gzip; application/zip; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List item not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Patch a list item + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Security Lists API + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/_bulk: post: - description: > - Create a list item and associate it with the specified list. - - - All list items in the same list must be the same type. For example, each - list item in an `ip` list must define a specific IP address. - - > info - - > Before creating a list item, you must create a list. - operationId: CreateListItem + description: Bulk install packages + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F_bulk#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: query + name: prerelease + required: false + schema: + type: boolean requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - id: - $ref: '#/components/schemas/Security_Lists_API_ListItemId' - list_id: - $ref: '#/components/schemas/Security_Lists_API_ListId' - meta: - $ref: '#/components/schemas/Security_Lists_API_ListItemMetadata' - refresh: - description: >- - Determines when changes made by the request are made visible - to search - enum: - - 'true' - - 'false' - - wait_for - type: string - value: - $ref: '#/components/schemas/Security_Lists_API_ListItemValue' + force: + default: false + type: boolean + packages: + items: + anyOf: + - type: string + - additionalProperties: false + type: object + properties: + name: + type: string + prerelease: + type: boolean + version: + type: string + required: + - name + - version + minItems: 1 + type: array required: - - list_id - - value - description: List item's properties - required: true + - packages responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_ListItem' - description: Successful response + additionalProperties: false + type: object + properties: + items: + items: + anyOf: + - additionalProperties: false + type: object + properties: + name: + type: string + result: + additionalProperties: false + type: object + properties: + assets: + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + error: {} + installSource: + type: string + installType: + type: string + status: + enum: + - installed + - already_installed + type: string + required: + - error + - installType + version: + type: string + required: + - name + - version + - result + - additionalProperties: false + type: object + properties: + error: + anyOf: + - type: string + - {} + name: + type: string + statusCode: + type: number + required: + - name + - statusCode + - error + type: array + response: + deprecated: true + items: + anyOf: + - additionalProperties: false + type: object + properties: + name: + type: string + result: + additionalProperties: false + type: object + properties: + assets: + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + error: {} + installSource: + type: string + installType: + type: string + status: + enum: + - installed + - already_installed + type: string + required: + - error + - installType + version: + type: string + required: + - name + - version + - result + - additionalProperties: false + type: object + properties: + error: + anyOf: + - type: string + - {} + name: + type: string + statusCode: + type: number + required: + - name + - statusCode + - error + type: array + required: + - items '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List item already exists response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Create a list item + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Security Lists API - put: - description: > - Update a list item using the list item ID. The original list item is - replaced, and all unspecified fields are deleted. - - > info - - > You cannot modify the `id` value. - operationId: UpdateListItem + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgkey}: + delete: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#3' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: pkgkey + required: true + schema: + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + nullable: true type: object properties: - _version: - type: string - id: - $ref: '#/components/schemas/Security_Lists_API_ListItemId' - meta: - $ref: '#/components/schemas/Security_Lists_API_ListItemMetadata' - value: - $ref: '#/components/schemas/Security_Lists_API_ListItemValue' + force: + type: boolean required: - - id - - value - description: List item's properties - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_ListItem' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List item not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Update a list item - tags: - - Security Lists API - /api/lists/items/_export: - post: - description: Export list item values from the specified list. - operationId: ExportListItems - parameters: - - description: List's id to export - in: query - name: list_id - required: true - schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - responses: - '200': - content: - application/ndjson; Elastic-Api-Version=2023-10-31: - schema: - description: A `.txt` file containing list items from the specified list - format: binary - type: string - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Export list items - tags: - - Security Lists API - /api/lists/items/_find: + - force + responses: {} + summary: '' + tags: [] get: - description: Get all list items in the specified list. - operationId: FindListItems + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#0' parameters: - - description: List's id - in: query - name: list_id + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: pkgkey required: true schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - - description: The page number to return - in: query - name: page + type: string + - in: query + name: ignoreUnverified required: false schema: - type: integer - - description: The number of list items to return per page - in: query - name: per_page + type: boolean + - in: query + name: prerelease required: false schema: - type: integer - - description: Determines which field is used to sort the results - in: query - name: sort_field + type: boolean + - in: query + name: full required: false schema: - $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' - - description: Determines the sort order, which can be `desc` or `asc` - in: query - name: sort_order + type: boolean + - in: query + name: withMetadata required: false schema: + default: false + type: boolean + responses: {} + summary: '' + tags: [] + post: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' enum: - - desc - - asc + - '2023-10-31' type: string - - description: > - Returns the list that come after the last list returned in the - previous call - - (use the cursor value returned in the previous call). This parameter - uses - - the `tie_breaker_id` field to ensure all lists are sorted and - returned correctly. - in: query - name: cursor - required: false + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true schema: - $ref: '#/components/schemas/Security_Lists_API_FindListItemsCursor' - - description: > - Filters the returned results according to the value of the specified - field, - - using the : syntax. - in: query - name: filter - required: false + example: 'true' + type: string + - in: path + name: pkgkey + required: true schema: - $ref: '#/components/schemas/Security_Lists_API_FindListItemsFilter' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - cursor: - $ref: >- - #/components/schemas/Security_Lists_API_FindListItemsCursor - data: - items: - $ref: '#/components/schemas/Security_Lists_API_ListItem' - type: array - page: - minimum: 0 - type: integer - per_page: - minimum: 0 - type: integer - total: - minimum: 0 - type: integer - required: - - data - - page - - per_page - - total - - cursor - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Get list items - tags: - - Security Lists API - /api/lists/items/_import: - post: - description: > - Import list items from a TXT or CSV file. The maximum file size is 9 - million bytes. - - - You can import items to a new or existing list. - operationId: ImportListItems - parameters: - - description: | - List's id. - - Required when importing to an existing list. - in: query - name: list_id + type: string + - in: query + name: prerelease required: false schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - - description: > - Type of the importing list. - - - Required when importing a new list that is `list_id` is not - specified. - in: query - name: type + type: boolean + - in: query + name: ignoreMappingUpdateErrors required: false schema: - $ref: '#/components/schemas/Security_Lists_API_ListType' + default: false + type: boolean - in: query - name: serializer + name: skipDataStreamRollover required: false schema: + default: false + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + nullable: true + type: object + properties: + force: + type: boolean + required: + - force + responses: {} + summary: '' + tags: [] + put: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' type: string - - in: query - name: deserializer - required: false + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true schema: + example: 'true' type: string - - description: >- - Determines when changes made by the request are made visible to - search - in: query - name: refresh - required: false + - in: path + name: pkgkey + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + keepPoliciesUpToDate: + type: boolean + required: + - keepPoliciesUpToDate + responses: {} + summary: '' + tags: [] + /api/fleet/epm/packages/{pkgName}/{pkgVersion}: + delete: + description: Delete package + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#3' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version schema: + default: '2023-10-31' enum: - - 'true' - - 'false' - - wait_for + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: type: string + - in: query + name: force + required: false + schema: + type: boolean requestBody: content: - multipart/form-data; Elastic-Api-Version=2023-10-31: + application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + nullable: true type: object properties: - file: - description: >- - A `.txt` or `.csv` file containing newline separated list - items - format: binary - type: string - required: true + force: + type: boolean + required: + - force responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_List' - description: Successful response + additionalProperties: false + type: object + properties: + items: + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + response: + deprecated: true + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + required: + - items '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List with specified list_id does not exist response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Import list items - tags: - - Security Lists API - /api/lists/privileges: - get: - operationId: ReadListPrivileges - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: + additionalProperties: false + description: Generic Error type: object properties: - is_authenticated: - type: boolean - listItems: - $ref: '#/components/schemas/Security_Lists_API_ListItemPrivileges' - lists: - $ref: '#/components/schemas/Security_Lists_API_ListPrivileges' + error: + type: string + message: + type: string + statusCode: + type: number required: - - lists - - listItems - - is_authenticated - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Get list privileges - tags: - - Security Lists API - /api/ml/saved_objects/sync: - get: - description: > - Synchronizes Kibana saved objects for machine learning jobs and trained - models. This API runs automatically when you start Kibana and - periodically thereafter. - operationId: mlSync - parameters: - - $ref: '#/components/parameters/Machine_learning_APIs_simulateParam' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - syncExample: - $ref: '#/components/examples/Machine_learning_APIs_mlSyncExample' - schema: - $ref: '#/components/schemas/Machine_learning_APIs_mlSync200Response' - description: Indicates a successful call - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Machine_learning_APIs_mlSync4xxResponse' - description: Authorization information is missing or invalid. - summary: Sync machine learning saved objects - tags: - - ml - /api/note: - delete: - description: Delete a note from a Timeline using the note ID. - operationId: DeleteNote - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - nullable: true - type: object - properties: - noteId: - type: string - required: - - noteId - - nullable: true - type: object - properties: - noteIds: - items: - type: string - nullable: true - type: array - required: - - noteIds - description: The ID of the note to delete. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - type: object - description: Indicates the note was successfully deleted. - summary: Delete a note + - message + summary: '' tags: - - Security Timeline API - - access:securitySolution + - Elastic Package Manager (EPM) get: - description: Get all notes for a given document. - operationId: GetNotes + description: Get package + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#0' parameters: - - in: query - name: documentIds - schema: - $ref: '#/components/schemas/Security_Timeline_API_DocumentIds' - - in: query - name: savedObjectIds + - description: The version of the API to use + in: header + name: elastic-api-version schema: - $ref: '#/components/schemas/Security_Timeline_API_SavedObjectIds' - - in: query - name: page + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: pkgName + required: true schema: - nullable: true type: string - - in: query - name: perPage + - in: path + name: pkgVersion + required: true schema: - nullable: true type: string - in: query - name: search + name: ignoreUnverified + required: false schema: - nullable: true - type: string + type: boolean - in: query - name: sortField + name: prerelease + required: false schema: - nullable: true - type: string + type: boolean - in: query - name: sortOrder + name: full + required: false schema: - nullable: true - type: string + type: boolean - in: query - name: filter + name: withMetadata + required: false schema: - nullable: true - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: '#/components/schemas/Security_Timeline_API_GetNotesResult' - - type: object - description: Indicates the requested notes were returned. - summary: Get notes - tags: - - Security Timeline API - - access:securitySolution - patch: - description: Add a note to a Timeline or update an existing note. - operationId: PersistNoteRoute - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - eventDataView: - nullable: true - type: string - eventIngested: - nullable: true - type: string - eventTimestamp: - nullable: true - type: string - note: - $ref: '#/components/schemas/Security_Timeline_API_BareNote' - noteId: - nullable: true - type: string - overrideOwner: - nullable: true - type: boolean - version: - nullable: true - type: string - required: - - note - description: The note to add or update, along with additional metadata. - required: true + default: false + type: boolean responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - data: + item: + additionalProperties: true type: object properties: - persistNote: - $ref: >- - #/components/schemas/Security_Timeline_API_ResponseNote + agent: + additionalProperties: false + type: object + properties: + privileges: + additionalProperties: false + type: object + properties: + root: + type: boolean + asset_tags: + items: + additionalProperties: false + type: object + properties: + asset_ids: + items: + type: string + type: array + asset_types: + items: + type: string + type: array + text: + type: string + required: + - text + type: array + assets: + additionalProperties: {} + type: object + categories: + items: + type: string + type: array + conditions: + additionalProperties: true + type: object + properties: + elastic: + additionalProperties: true + type: object + properties: + capabilities: + items: + type: string + type: array + subscription: + type: string + kibana: + additionalProperties: true + type: object + properties: + version: + type: string + data_streams: + items: + additionalProperties: {} + type: object + type: array + description: + type: string + download: + type: string + elasticsearch: + additionalProperties: {} + type: object + format_version: + type: string + icons: + items: + additionalProperties: true + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + installationInfo: + additionalProperties: true + type: object + properties: + additional_spaces_installed_kibana: + additionalProperties: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + type: object + created_at: + type: string + experimental_data_stream_features: + items: + additionalProperties: true + type: object + properties: + data_stream: + type: string + features: + additionalProperties: true + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + install_format_schema_version: + type: string + install_source: + enum: + - registry + - upload + - bundled + - custom + type: string + install_status: + enum: + - installed + - installing + - install_failed + type: string + installed_es: + items: + additionalProperties: true + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + installed_kibana: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + installed_kibana_space_id: + type: string + latest_executed_state: + additionalProperties: true + type: object + properties: + error: + type: string + name: + type: string + started_at: + type: string + required: + - name + - started_at + latest_install_failed_attempts: + items: + additionalProperties: true + type: object + properties: + created_at: + type: string + error: + additionalProperties: true + type: object + properties: + message: + type: string + name: + type: string + stack: + type: string + required: + - name + - message + target_version: + type: string + required: + - created_at + - target_version + - error + type: array + name: + type: string + namespaces: + items: + type: string + type: array + type: + type: string + updated_at: + type: string + verification_key_id: + nullable: true + type: string + verification_status: + enum: + - unverified + - verified + - unknown + type: string + version: + type: string + required: + - type + - installed_kibana + - installed_es + - name + - version + - install_status + - install_source + - verification_status + internal: + type: boolean + keepPoliciesUpToDate: + type: boolean + latestVersion: + type: string + license: + type: string + licensePath: + type: string + name: + type: string + notice: + type: string + owner: + additionalProperties: true + type: object + properties: + github: + type: string + type: + enum: + - elastic + - partner + - community + type: string + path: + type: string + policy_templates: + items: + additionalProperties: {} + type: object + type: array + readme: + type: string + release: + enum: + - ga + - beta + - experimental + type: string + savedObject: {} + screenshots: + items: + additionalProperties: false + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + signature_path: + type: string + source: + additionalProperties: true + type: object + properties: + license: + type: string + required: + - license + status: + type: string + title: + type: string + type: + enum: + - integration + - input + type: string + vars: + items: + additionalProperties: {} + type: object + type: array + version: + type: string required: - - persistNote - required: - - data - description: Indicates the note was successfully created. - summary: Add or update a note - tags: - - Security Timeline API - - access:securitySolution - /api/osquery/live_queries: - get: - description: Get a list of all live queries. - operationId: OsqueryFindLiveQueries - parameters: - - in: query - name: query - required: true - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_FindLiveQueryRequestQuery - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Get live queries - tags: - - Security Osquery API - post: - description: Create and run a live query. - operationId: OsqueryCreateLiveQuery - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_CreateLiveQueryRequestBody - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Create a live query - tags: - - Security Osquery API - /api/osquery/live_queries/{id}: - get: - description: Get the details of a live query using the query ID. - operationId: OsqueryGetLiveQueryDetails - parameters: - - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_Id' - - in: query - name: query - schema: - additionalProperties: true - type: object - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Get live query details + - savedObject + - name + - version + - title + - assets + metadata: + additionalProperties: false + type: object + properties: + has_policies: + type: boolean + required: + - has_policies + response: + additionalProperties: true + deprecated: true + type: object + properties: + agent: + additionalProperties: false + type: object + properties: + privileges: + additionalProperties: false + type: object + properties: + root: + type: boolean + asset_tags: + items: + additionalProperties: false + type: object + properties: + asset_ids: + items: + type: string + type: array + asset_types: + items: + type: string + type: array + text: + type: string + required: + - text + type: array + assets: + additionalProperties: {} + type: object + categories: + items: + type: string + type: array + conditions: + additionalProperties: true + type: object + properties: + elastic: + additionalProperties: true + type: object + properties: + capabilities: + items: + type: string + type: array + subscription: + type: string + kibana: + additionalProperties: true + type: object + properties: + version: + type: string + data_streams: + items: + additionalProperties: {} + type: object + type: array + description: + type: string + download: + type: string + elasticsearch: + additionalProperties: {} + type: object + format_version: + type: string + icons: + items: + additionalProperties: true + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + installationInfo: + additionalProperties: true + type: object + properties: + additional_spaces_installed_kibana: + additionalProperties: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + type: object + created_at: + type: string + experimental_data_stream_features: + items: + additionalProperties: true + type: object + properties: + data_stream: + type: string + features: + additionalProperties: true + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + install_format_schema_version: + type: string + install_source: + enum: + - registry + - upload + - bundled + - custom + type: string + install_status: + enum: + - installed + - installing + - install_failed + type: string + installed_es: + items: + additionalProperties: true + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + installed_kibana: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + installed_kibana_space_id: + type: string + latest_executed_state: + additionalProperties: true + type: object + properties: + error: + type: string + name: + type: string + started_at: + type: string + required: + - name + - started_at + latest_install_failed_attempts: + items: + additionalProperties: true + type: object + properties: + created_at: + type: string + error: + additionalProperties: true + type: object + properties: + message: + type: string + name: + type: string + stack: + type: string + required: + - name + - message + target_version: + type: string + required: + - created_at + - target_version + - error + type: array + name: + type: string + namespaces: + items: + type: string + type: array + type: + type: string + updated_at: + type: string + verification_key_id: + nullable: true + type: string + verification_status: + enum: + - unverified + - verified + - unknown + type: string + version: + type: string + required: + - type + - installed_kibana + - installed_es + - name + - version + - install_status + - install_source + - verification_status + internal: + type: boolean + keepPoliciesUpToDate: + type: boolean + latestVersion: + type: string + license: + type: string + licensePath: + type: string + name: + type: string + notice: + type: string + owner: + additionalProperties: true + type: object + properties: + github: + type: string + type: + enum: + - elastic + - partner + - community + type: string + path: + type: string + policy_templates: + items: + additionalProperties: {} + type: object + type: array + readme: + type: string + release: + enum: + - ga + - beta + - experimental + type: string + savedObject: {} + screenshots: + items: + additionalProperties: false + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + signature_path: + type: string + source: + additionalProperties: true + type: object + properties: + license: + type: string + required: + - license + status: + type: string + title: + type: string + type: + enum: + - integration + - input + type: string + vars: + items: + additionalProperties: {} + type: object + type: array + version: + type: string + required: + - savedObject + - name + - version + - title + - assets + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Security Osquery API - /api/osquery/live_queries/{id}/results/{actionId}: - get: - description: Get the results of a live query using the query action ID. - operationId: OsqueryGetLiveQueryResults + - Elastic Package Manager (EPM) + post: + description: Install package from registry + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#2' parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string - in: path - name: id + name: pkgName required: true schema: - $ref: '#/components/schemas/Security_Osquery_API_Id' + type: string - in: path - name: actionId + name: pkgVersion required: true schema: - $ref: '#/components/schemas/Security_Osquery_API_Id' + type: string - in: query - name: query - required: true + name: prerelease + required: false schema: - $ref: >- - #/components/schemas/Security_Osquery_API_GetLiveQueryResultsRequestQuery - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Get live query results - tags: - - Security Osquery API - /api/osquery/packs: - get: - description: Get a list of all query packs. - operationId: OsqueryFindPacks - parameters: + type: boolean - in: query - name: query - required: true + name: ignoreMappingUpdateErrors + required: false schema: - $ref: '#/components/schemas/Security_Osquery_API_FindPacksRequestQuery' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Get packs - tags: - - Security Osquery API - post: - description: Create a query pack. - operationId: OsqueryCreatePacks + default: false + type: boolean + - in: query + name: skipDataStreamRollover + required: false + schema: + default: false + type: boolean requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Osquery_API_CreatePacksRequestBody' - required: true + additionalProperties: false + nullable: true + type: object + properties: + force: + default: false + type: boolean + ignore_constraints: + default: false + type: boolean responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Create a pack - tags: - - Security Osquery API - /api/osquery/packs/{id}: - delete: - description: Delete a query pack using the pack ID. - operationId: OsqueryDeletePacks - parameters: - - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_PackId' - responses: - '200': + additionalProperties: false + type: object + properties: + _meta: + additionalProperties: false + type: object + properties: + install_source: + type: string + required: + - install_source + items: + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + response: + deprecated: true + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + required: + - items + - _meta + '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Delete a pack + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Security Osquery API - get: - description: Get the details of a query pack using the pack ID. - operationId: OsqueryGetPacksDetails + - Elastic Package Manager (EPM) + put: + description: Update package settings + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#1' parameters: - - in: path - name: id + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf required: true schema: - $ref: '#/components/schemas/Security_Osquery_API_PackId' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Get pack details - tags: - - Security Osquery API - put: - description: | - Update a query pack using the pack ID. - > info - > You cannot update a prebuilt pack. - operationId: OsqueryUpdatePacks - parameters: + example: 'true' + type: string - in: path - name: id + name: pkgName required: true schema: - $ref: '#/components/schemas/Security_Osquery_API_PackId' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Osquery_API_UpdatePacksRequestBody' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Update a pack - tags: - - Security Osquery API - /api/osquery/saved_queries: - get: - description: Get a list of all saved queries. - operationId: OsqueryFindSavedQueries - parameters: - - in: query - name: query + type: string + - in: path + name: pkgVersion required: true schema: - $ref: >- - #/components/schemas/Security_Osquery_API_FindSavedQueryRequestQuery - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Get saved queries - tags: - - Security Osquery API - post: - description: Create and run a saved query. - operationId: OsqueryCreateSavedQuery + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: >- - #/components/schemas/Security_Osquery_API_CreateSavedQueryRequestBody - required: true + additionalProperties: false + type: object + properties: + keepPoliciesUpToDate: + type: boolean + required: + - keepPoliciesUpToDate responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Create a saved query - tags: - - Security Osquery API - /api/osquery/saved_queries/{id}: - delete: - description: Delete a saved query using the query ID. - operationId: OsqueryDeleteSavedQuery - parameters: - - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' - responses: - '200': + additionalProperties: false + type: object + properties: + item: + additionalProperties: true + type: object + properties: + agent: + additionalProperties: false + type: object + properties: + privileges: + additionalProperties: false + type: object + properties: + root: + type: boolean + asset_tags: + items: + additionalProperties: false + type: object + properties: + asset_ids: + items: + type: string + type: array + asset_types: + items: + type: string + type: array + text: + type: string + required: + - text + type: array + assets: + additionalProperties: {} + type: object + categories: + items: + type: string + type: array + conditions: + additionalProperties: true + type: object + properties: + elastic: + additionalProperties: true + type: object + properties: + capabilities: + items: + type: string + type: array + subscription: + type: string + kibana: + additionalProperties: true + type: object + properties: + version: + type: string + data_streams: + items: + additionalProperties: {} + type: object + type: array + description: + type: string + download: + type: string + elasticsearch: + additionalProperties: {} + type: object + format_version: + type: string + icons: + items: + additionalProperties: true + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + installationInfo: + additionalProperties: true + type: object + properties: + additional_spaces_installed_kibana: + additionalProperties: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + type: object + created_at: + type: string + experimental_data_stream_features: + items: + additionalProperties: true + type: object + properties: + data_stream: + type: string + features: + additionalProperties: true + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + install_format_schema_version: + type: string + install_source: + enum: + - registry + - upload + - bundled + - custom + type: string + install_status: + enum: + - installed + - installing + - install_failed + type: string + installed_es: + items: + additionalProperties: true + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + installed_kibana: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + installed_kibana_space_id: + type: string + latest_executed_state: + additionalProperties: true + type: object + properties: + error: + type: string + name: + type: string + started_at: + type: string + required: + - name + - started_at + latest_install_failed_attempts: + items: + additionalProperties: true + type: object + properties: + created_at: + type: string + error: + additionalProperties: true + type: object + properties: + message: + type: string + name: + type: string + stack: + type: string + required: + - name + - message + target_version: + type: string + required: + - created_at + - target_version + - error + type: array + name: + type: string + namespaces: + items: + type: string + type: array + type: + type: string + updated_at: + type: string + verification_key_id: + nullable: true + type: string + verification_status: + enum: + - unverified + - verified + - unknown + type: string + version: + type: string + required: + - type + - installed_kibana + - installed_es + - name + - version + - install_status + - install_source + - verification_status + internal: + type: boolean + keepPoliciesUpToDate: + type: boolean + latestVersion: + type: string + license: + type: string + licensePath: + type: string + name: + type: string + notice: + type: string + owner: + additionalProperties: true + type: object + properties: + github: + type: string + type: + enum: + - elastic + - partner + - community + type: string + path: + type: string + policy_templates: + items: + additionalProperties: {} + type: object + type: array + readme: + type: string + release: + enum: + - ga + - beta + - experimental + type: string + savedObject: {} + screenshots: + items: + additionalProperties: false + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + signature_path: + type: string + source: + additionalProperties: true + type: object + properties: + license: + type: string + required: + - license + status: + type: string + title: + type: string + type: + enum: + - integration + - input + type: string + vars: + items: + additionalProperties: {} + type: object + type: array + version: + type: string + required: + - savedObject + - name + - version + - title + - assets + response: + additionalProperties: true + deprecated: true + type: object + properties: + agent: + additionalProperties: false + type: object + properties: + privileges: + additionalProperties: false + type: object + properties: + root: + type: boolean + asset_tags: + items: + additionalProperties: false + type: object + properties: + asset_ids: + items: + type: string + type: array + asset_types: + items: + type: string + type: array + text: + type: string + required: + - text + type: array + assets: + additionalProperties: {} + type: object + categories: + items: + type: string + type: array + conditions: + additionalProperties: true + type: object + properties: + elastic: + additionalProperties: true + type: object + properties: + capabilities: + items: + type: string + type: array + subscription: + type: string + kibana: + additionalProperties: true + type: object + properties: + version: + type: string + data_streams: + items: + additionalProperties: {} + type: object + type: array + description: + type: string + download: + type: string + elasticsearch: + additionalProperties: {} + type: object + format_version: + type: string + icons: + items: + additionalProperties: true + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + installationInfo: + additionalProperties: true + type: object + properties: + additional_spaces_installed_kibana: + additionalProperties: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + type: object + created_at: + type: string + experimental_data_stream_features: + items: + additionalProperties: true + type: object + properties: + data_stream: + type: string + features: + additionalProperties: true + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + install_format_schema_version: + type: string + install_source: + enum: + - registry + - upload + - bundled + - custom + type: string + install_status: + enum: + - installed + - installing + - install_failed + type: string + installed_es: + items: + additionalProperties: true + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + installed_kibana: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + installed_kibana_space_id: + type: string + latest_executed_state: + additionalProperties: true + type: object + properties: + error: + type: string + name: + type: string + started_at: + type: string + required: + - name + - started_at + latest_install_failed_attempts: + items: + additionalProperties: true + type: object + properties: + created_at: + type: string + error: + additionalProperties: true + type: object + properties: + message: + type: string + name: + type: string + stack: + type: string + required: + - name + - message + target_version: + type: string + required: + - created_at + - target_version + - error + type: array + name: + type: string + namespaces: + items: + type: string + type: array + type: + type: string + updated_at: + type: string + verification_key_id: + nullable: true + type: string + verification_status: + enum: + - unverified + - verified + - unknown + type: string + version: + type: string + required: + - type + - installed_kibana + - installed_es + - name + - version + - install_status + - install_source + - verification_status + internal: + type: boolean + keepPoliciesUpToDate: + type: boolean + latestVersion: + type: string + license: + type: string + licensePath: + type: string + name: + type: string + notice: + type: string + owner: + additionalProperties: true + type: object + properties: + github: + type: string + type: + enum: + - elastic + - partner + - community + type: string + path: + type: string + policy_templates: + items: + additionalProperties: {} + type: object + type: array + readme: + type: string + release: + enum: + - ga + - beta + - experimental + type: string + savedObject: {} + screenshots: + items: + additionalProperties: false + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + signature_path: + type: string + source: + additionalProperties: true + type: object + properties: + license: + type: string + required: + - license + status: + type: string + title: + type: string + type: + enum: + - integration + - input + type: string + vars: + items: + additionalProperties: {} + type: object + type: array + version: + type: string + required: + - savedObject + - name + - version + - title + - assets + required: + - item + '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Delete a saved query + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Security Osquery API + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgName}/{pkgVersion}/{filePath*}: get: - description: Get the details of a saved query using the query ID. - operationId: OsqueryGetSavedQueryDetails + description: Get package file + operationId: >- + %2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D%2F%7BfilePath*%7D#0 parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string - in: path - name: id + name: pkgName required: true schema: - $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - in: path + name: filePath + required: true + schema: + type: string responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: {} + '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Get saved query details + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Security Osquery API - put: - description: | - Update a saved query using the query ID. - > info - > You cannot update a prebuilt saved query. - operationId: OsqueryUpdateSavedQuery + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize: + post: + description: Authorize transforms + operationId: >- + %2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D%2Ftransforms%2Fauthorize#0 parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string - in: path - name: id + name: pkgName required: true schema: - $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_UpdateSavedQueryRequestBody - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Update a saved query - tags: - - Security Osquery API - /api/pinned_event: - patch: - description: Pin an event to an existing Timeline. - operationId: PersistPinnedEventRoute + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - in: query + name: prerelease + required: false + schema: + type: boolean requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - eventId: - type: string - pinnedEventId: - nullable: true - type: string - timelineId: - type: string - required: - - eventId - - timelineId - description: The pinned event to add or update, along with additional metadata. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: + transforms: + items: + additionalProperties: false type: object properties: - persistPinnedEventOnTimeline: - $ref: >- - #/components/schemas/Security_Timeline_API_PersistPinnedEventResponse + transformId: + type: string required: - - persistPinnedEventOnTimeline - required: - - data - description: Indicates the event was successfully pinned to the Timeline. - summary: Pin an event - tags: - - Security Timeline API - - access:securitySolution - /api/risk_score/engine/dangerously_delete_data: - delete: - description: >- - Cleaning up the the Risk Engine by removing the indices, mapping and - transforms - operationId: CleanUpRiskEngine - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - cleanup_successful: - type: boolean - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_TaskManagerUnavailableResponse - description: Task manager is unavailable - default: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_CleanUpRiskEngineErrorResponse - description: Unexpected error - summary: Cleanup the Risk Engine - tags: - - Security Entity Analytics API - /api/risk_score/engine/schedule_now: - post: - description: >- - Schedule the risk scoring engine to run as soon as possible. You can use - this to recalculate entity risk scores after updating their asset - criticality. - operationId: ScheduleRiskEngineNow - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: {} + - transformId + type: array + required: + - transforms responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_RiskEngineScheduleNowResponse - description: Successful response + items: + additionalProperties: false + type: object + properties: + error: + nullable: true + success: + type: boolean + transformId: + type: string + required: + - transformId + - success + - error + type: array '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_TaskManagerUnavailableResponse - description: Task manager is unavailable - default: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_RiskEngineScheduleNowErrorResponse - description: Unexpected error - summary: Run the risk scoring engine + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Security Entity Analytics API - /api/saved_objects/_export: - post: - description: > - Retrieve sets of saved objects that you want to import into Kibana. - - You must include `type` or `objects` in the request body. - - - Exported saved objects are not backwards compatible and cannot be - imported into an older version of Kibana. - - - NOTE: The `savedObjects.maxImportExportSize` configuration setting - limits the number of saved objects which may be exported. - - - This functionality is in technical preview and may be changed or removed - in a future release. Elastic will work to fix any issues, but features - in technical preview are not subject to the support SLA of official GA - features. - operationId: exportSavedObjectsDefault + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgName}/stats: + get: + description: Get package stats + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2Fstats#0' parameters: - - $ref: '#/components/parameters/Serverless_saved_objects_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - exportSavedObjectsRequest: - $ref: >- - #/components/examples/Serverless_saved_objects_export_objects_request - schema: - type: object - properties: - excludeExportDetails: - default: false - description: Do not add export details entry at the end of the stream. - type: boolean - includeReferencesDeep: - description: >- - Includes all of the referenced objects in the exported - objects. - type: boolean - objects: - description: A list of objects to export. - items: - type: object - type: array - type: - description: >- - The saved object types to include in the export. Use `*` to - export all the types. - oneOf: - - type: string - - items: - type: string - type: array - required: true + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: pkgName + required: true + schema: + type: string responses: '200': content: - application/x-ndjson; Elastic-Api-Version=2023-10-31: - examples: - exportSavedObjectsResponse: - $ref: >- - #/components/examples/Serverless_saved_objects_export_objects_response + application/json; Elastic-Api-Version=2023-10-31: schema: - additionalProperties: true + additionalProperties: false type: object - description: Indicates a successful call. + properties: + response: + additionalProperties: false + type: object + properties: + agent_policy_count: + type: number + required: + - agent_policy_count + required: + - response '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Serverless_saved_objects_400_response' - description: Bad request. - summary: Export saved objects + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - saved objects - /api/saved_objects/_import: - post: - description: > - Create sets of Kibana saved objects from a file created by the export - API. - - Saved objects can be imported only into the same version, a newer minor - on the same major, or the next major. Exported saved objects are not - backwards compatible and cannot be imported into an older version of - Kibana. - - - This functionality is in technical preview and may be changed or removed - in a future release. Elastic will work to fix any issues, but features - in technical preview are not subject to the support SLA of official GA - features. - operationId: importSavedObjectsDefault + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/installed: + get: + description: Get installed packages + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2Finstalled#0' parameters: - - $ref: '#/components/parameters/Serverless_saved_objects_kbn_xsrf' - - description: > - Creates copies of saved objects, regenerates each object ID, and - resets the origin. When used, potential conflict errors are avoided. - NOTE: This option cannot be used with the `overwrite` and - `compatibilityMode` options. - in: query - name: createNewCopies + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: dataStreamType required: false schema: - type: boolean - - description: > - Overwrites saved objects when they already exist. When used, - potential conflict errors are automatically resolved by overwriting - the destination object. NOTE: This option cannot be used with the - `createNewCopies` option. - in: query - name: overwrite + enum: + - logs + - metrics + - traces + - synthetics + - profiling + type: string + - in: query + name: showOnlyActiveDataStreams required: false schema: type: boolean - - description: > - Applies various adjustments to the saved objects that are being - imported to maintain compatibility between different Kibana - versions. Use this option only if you encounter issues with imported - saved objects. NOTE: This option cannot be used with the - `createNewCopies` option. - in: query - name: compatibilityMode + - in: query + name: nameQuery required: false schema: - type: boolean - requestBody: - content: - multipart/form-data; Elastic-Api-Version=2023-10-31: - examples: - importObjectsRequest: - $ref: >- - #/components/examples/Serverless_saved_objects_import_objects_request - schema: - type: object - properties: - file: - description: > - A file exported using the export API. NOTE: The - `savedObjects.maxImportExportSize` configuration setting - limits the number of saved objects which may be included in - this file. Similarly, the - `savedObjects.maxImportPayloadBytes` setting limits the - overall size of the file that can be imported. - required: true + type: string + - in: query + name: searchAfter + required: false + schema: + items: + anyOf: + - type: string + - type: number + type: array + - in: query + name: perPage + required: false + schema: + default: 15 + type: number + - in: query + name: sortOrder + required: false + schema: + default: asc + enum: + - asc + - desc + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: - examples: - importObjectsResponse: - $ref: >- - #/components/examples/Serverless_saved_objects_import_objects_response schema: + additionalProperties: false type: object properties: - errors: - description: > - Indicates the import was unsuccessful and specifies the - objects that failed to import. - - - NOTE: One object may result in multiple errors, which - requires separate steps to resolve. For instance, a - `missing_references` error and conflict error. + items: items: + additionalProperties: false type: object + properties: + dataStreams: + items: + additionalProperties: false + type: object + properties: + name: + type: string + title: + type: string + required: + - name + - title + type: array + description: + type: string + icons: + items: + additionalProperties: false + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + name: + type: string + status: + type: string + title: + type: string + version: + type: string + required: + - name + - version + - status + - dataStreams type: array - success: - description: > - Indicates when the import was successfully completed. When - set to false, some objects may not have been created. For - additional information, refer to the `errors` and - `successResults` properties. - type: boolean - successCount: - description: Indicates the number of successfully imported records. - type: integer - successResults: - description: > - Indicates the objects that are successfully imported, with - any metadata if applicable. - - - NOTE: Objects are created only when all resolvable errors - are addressed, including conflicts and missing references. - If objects are created as new copies, each entry in the - `successResults` array includes a `destinationId` - attribute. + searchAfter: items: - type: object + anyOf: + - type: string + - type: number + - type: boolean + - enum: [] + nullable: true + - {} type: array - description: Indicates a successful call. + total: + type: number + required: + - items + - total '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Serverless_saved_objects_400_response' - description: Bad request. - summary: Import saved objects + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - saved objects - x-codeSamples: - - label: Import with createNewCopies - lang: cURL - source: | - curl \ - -X POST api/saved_objects/_import?createNewCopies=true - -H "kbn-xsrf: true" - --form file=@file.ndjson - /api/security_ai_assistant/anonymization_fields/_bulk_action: - post: - description: >- - Apply a bulk action to multiple anonymization fields. The bulk action is - applied to all anonymization fields that match the filter or to the list - of anonymization fields by their IDs. - operationId: PerformAnonymizationFieldsBulkAction - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - create: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldCreateProps - type: array - delete: - type: object - properties: - ids: - description: Array of anonymization fields IDs - items: - type: string - minItems: 1 - type: array - query: - description: Query to filter anonymization fields - type: string - update: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldUpdateProps - type: array + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/limited: + get: + description: Get limited package list + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2Flimited#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResponse - description: Indicates a successful call. + additionalProperties: false + type: object + properties: + items: + items: + type: string + type: array + response: + deprecated: true + items: + type: string + type: array + required: + - items '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: error: @@ -15728,86 +22663,107 @@ paths: type: string statusCode: type: number - description: Generic Error - summary: Apply a bulk action to anonymization fields + required: + - message + summary: '' tags: - - Security AI Assistant API - - Bulk API - /api/security_ai_assistant/anonymization_fields/_find: + - Elastic Package Manager (EPM) + /api/fleet/epm/templates/{pkgName}/{pkgVersion}/inputs: get: - description: Get a list of all anonymization fields. - operationId: FindAnonymizationFields + description: Get inputs template + operationId: >- + %2Fapi%2Ffleet%2Fepm%2Ftemplates%2F%7BpkgName%7D%2F%7BpkgVersion%7D%2Finputs#0 parameters: - - in: query - name: fields - required: false + - description: The version of the API to use + in: header + name: elastic-api-version schema: - items: - type: string - type: array - - description: Search query - in: query - name: filter - required: false + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: pkgName + required: true schema: type: string - - description: Field to sort by - in: query - name: sort_field - required: false + - in: path + name: pkgVersion + required: true schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_FindAnonymizationFieldsSortField - - description: Sort order - in: query - name: sort_order + type: string + - in: query + name: format required: false schema: - $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' - - description: Page number - in: query - name: page + default: json + enum: + - json + - yml + - yaml + type: string + - in: query + name: prerelease required: false schema: - default: 1 - minimum: 1 - type: integer - - description: AnonymizationFields per page - in: query - name: per_page + type: boolean + - in: query + name: ignoreUnverified required: false schema: - default: 20 - minimum: 0 - type: integer + type: boolean responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - data: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse - type: array - page: - type: integer - perPage: - type: integer - total: - type: integer - required: - - page - - perPage - - total - - data - description: Successful response + anyOf: + - type: string + - additionalProperties: false + type: object + properties: + inputs: + items: + additionalProperties: false + type: object + properties: + id: + type: string + streams: + items: + additionalProperties: true + type: object + properties: + data_stream: + additionalProperties: true + type: object + properties: + dataset: + type: string + type: + type: string + required: + - dataset + id: + type: string + required: + - id + - data_stream + type: array + type: + type: string + required: + - id + - type + type: array + required: + - inputs '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: error: @@ -15816,33 +22772,43 @@ paths: type: string statusCode: type: number - description: Generic Error - summary: Get anonymization fields + required: + - message + summary: '' tags: - - Security AI Assistant API - - AnonymizationFields API - /api/security_ai_assistant/chat/complete: - post: - description: Create a model response for the given chat conversation. - operationId: ChatComplete - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_AI_Assistant_API_ChatCompleteProps' - required: true + - Elastic Package Manager (EPM) + /api/fleet/epm/verification_key_id: + get: + description: Get a package signature verification key ID + operationId: '%2Fapi%2Ffleet%2Fepm%2Fverification_key_id#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string responses: '200': content: - application/octet-stream; Elastic-Api-Version=2023-10-31: + application/json; Elastic-Api-Version=2023-10-31: schema: - format: binary - type: string - description: Indicates a successful call. + additionalProperties: false + type: object + properties: + id: + nullable: true + type: string + required: + - id '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: error: @@ -15851,34 +22817,79 @@ paths: type: string statusCode: type: number - description: Generic Error - summary: Create a model response + required: + - message + summary: '' tags: - - Security AI Assistant API - - Chat Complete API - /api/security_ai_assistant/current_user/conversations: - post: - description: Create a new Security AI Assistant conversation. - operationId: CreateConversation - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationCreateProps - required: true + - Elastic Package Manager (EPM) + /api/fleet/fleet_server_hosts: + get: + description: List Fleet Server hosts + operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationResponse - description: Indicates a successful call. + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + host_urls: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + required: + - id + - name + - host_urls + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: error: @@ -15887,86 +22898,104 @@ paths: type: string statusCode: type: number - description: Generic Error - summary: Create a conversation + required: + - message + summary: '' tags: - - Security AI Assistant API - - Conversation API - /api/security_ai_assistant/current_user/conversations/_find: - get: - description: Get a list of all conversations for the current user. - operationId: FindConversations + - Fleet Server hosts + post: + description: Create Fleet Server host + operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts#1' parameters: - - in: query - name: fields - required: false - schema: - items: - type: string - type: array - - description: Search query - in: query - name: filter - required: false + - description: The version of the API to use + in: header + name: elastic-api-version schema: + default: '2023-10-31' + enum: + - '2023-10-31' type: string - - description: Field to sort by - in: query - name: sort_field - required: false - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_FindConversationsSortField - - description: Sort order - in: query - name: sort_order - required: false - schema: - $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' - - description: Page number - in: query - name: page - required: false - schema: - default: 1 - minimum: 1 - type: integer - - description: Conversations per page - in: query - name: per_page - required: false + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true schema: - default: 20 - minimum: 0 - type: integer + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + host_urls: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + required: + - name + - host_urls responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - data: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationResponse - type: array - page: - type: integer - perPage: - type: integer - total: - type: integer + item: + additionalProperties: false + type: object + properties: + host_urls: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + required: + - id + - name + - host_urls required: - - page - - perPage - - total - - data - description: Successful response + - item '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: error: @@ -15975,34 +23004,54 @@ paths: type: string statusCode: type: number - description: Generic Error - summary: Get conversations + required: + - message + summary: '' tags: - - Security AI Assistant API - - Conversations API - /api/security_ai_assistant/current_user/conversations/{id}: + - Fleet Server hosts + /api/fleet/fleet_server_hosts/{itemId}: delete: - description: Delete an existing conversation using the conversation ID. - operationId: DeleteConversation + description: Delete Fleet Server host by ID + operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts%2F%7BitemId%7D#1' parameters: - - description: The conversation's `id` value. - in: path - name: id + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf required: true schema: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + example: 'true' + type: string + - in: path + name: itemId + required: true + schema: + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationResponse - description: Indicates a successful call. + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: error: @@ -16011,33 +23060,72 @@ paths: type: string statusCode: type: number - description: Generic Error - summary: Delete a conversation + required: + - message + summary: '' tags: - - Security AI Assistant API - - Conversation API + - Fleet Server hosts get: - description: Get the details of an existing conversation using the conversation ID. - operationId: ReadConversation + description: Get Fleet Server host by ID + operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts%2F%7BitemId%7D#0' parameters: - - description: The conversation's `id` value. - in: path - name: id + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: itemId required: true schema: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationResponse - description: Indicates a successful call. + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + host_urls: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + required: + - id + - name + - host_urls + required: + - item '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: error: @@ -16046,40 +23134,102 @@ paths: type: string statusCode: type: number - description: Generic Error - summary: Get a conversation + required: + - message + summary: '' tags: - - Security AI Assistant API - - Conversations API + - Fleet Server hosts put: - description: Update an existing conversation using the conversation ID. - operationId: UpdateConversation + description: Update Fleet Server host by ID + operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts%2F%7BitemId%7D#2' parameters: - - description: The conversation's `id` value. - in: path - name: id + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf required: true schema: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + example: 'true' + type: string + - in: path + name: itemId + required: true + schema: + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationUpdateProps - required: true + additionalProperties: false + type: object + properties: + host_urls: + items: + type: string + minItems: 1 + type: array + is_default: + type: boolean + is_internal: + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + required: + - proxy_id responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationResponse - description: Indicates a successful call. + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + host_urls: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + required: + - id + - name + - host_urls + required: + - item '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: error: @@ -16088,58 +23238,70 @@ paths: type: string statusCode: type: number - description: Generic Error - summary: Update a conversation + required: + - message + summary: '' tags: - - Security AI Assistant API - - Conversation API - /api/security_ai_assistant/prompts/_bulk_action: + - Fleet Server hosts + /api/fleet/health_check: post: - description: >- - Apply a bulk action to multiple prompts. The bulk action is applied to - all prompts that match the filter or to the list of prompts by their - IDs. - operationId: PerformPromptsBulkAction + description: Check Fleet Server health + operationId: '%2Fapi%2Ffleet%2Fhealth_check#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - create: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_PromptCreateProps - type: array - delete: - type: object - properties: - ids: - description: Array of prompts IDs - items: - type: string - minItems: 1 - type: array - query: - description: Query to filter promps - type: string - update: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_PromptUpdateProps - type: array + host: + format: uri + type: string + id: + type: string + required: + - id responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_PromptsBulkCrudActionResponse - description: Indicates a successful call. + additionalProperties: false + type: object + properties: + host: + deprecated: true + type: string + host_id: + type: string + name: + type: string + status: + type: string + required: + - status '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: error: @@ -16148,86 +23310,73 @@ paths: type: string statusCode: type: number - description: Generic Error - summary: Apply a bulk action to prompts + required: + - message + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Security AI Assistant API - - Bulk API - /api/security_ai_assistant/prompts/_find: + - Fleet internals + /api/fleet/kubernetes: get: - description: Get a list of all prompts. - operationId: FindPrompts + description: Get full K8s agent manifest + operationId: '%2Fapi%2Ffleet%2Fkubernetes#0' parameters: - - in: query - name: fields - required: false - schema: - items: - type: string - type: array - - description: Search query - in: query - name: filter - required: false + - description: The version of the API to use + in: header + name: elastic-api-version schema: + default: '2023-10-31' + enum: + - '2023-10-31' type: string - - description: Field to sort by - in: query - name: sort_field - required: false - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_FindPromptsSortField - - description: Sort order - in: query - name: sort_order + - in: query + name: download required: false schema: - $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' - - description: Page number - in: query - name: page + type: boolean + - in: query + name: fleetServer required: false schema: - default: 1 - minimum: 1 - type: integer - - description: Prompts per page - in: query - name: per_page + type: string + - in: query + name: enrolToken required: false schema: - default: 20 - minimum: 0 - type: integer + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - data: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_PromptResponse - type: array - page: - type: integer - perPage: - type: integer - total: - type: integer + item: + type: string required: - - page - - perPage - - total - - data - description: Successful response + - item '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: error: @@ -16236,15 +23385,14 @@ paths: type: string statusCode: type: number - description: Generic Error - summary: Get prompts + required: + - message + summary: '' tags: - - Security AI Assistant API - - Prompts API - /api/spaces/space: + - Elastic Agent policies + /api/fleet/kubernetes/download: get: - description: Get all spaces - operationId: '%2Fapi%2Fspaces%2Fspace#0' + operationId: '%2Fapi%2Ffleet%2Fkubernetes%2Fdownload#0' parameters: - description: The version of the API to use in: header @@ -16255,95 +23403,65 @@ paths: - '2023-10-31' type: string - in: query - name: purpose + name: download required: false schema: - enum: - - any - - copySavedObjectsIntoSpace - - shareSavedObjectsIntoSpace - type: string + type: boolean - in: query - name: include_authorized_purposes - required: true - schema: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - enum: - - false - type: boolean - x-oas-optional: true - - type: boolean - x-oas-optional: true - responses: {} - summary: '' - tags: - - spaces - post: - description: Create a space - operationId: '%2Fapi%2Fspaces%2Fspace#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version + name: fleetServer + required: false schema: - default: '2023-10-31' - enum: - - '2023-10-31' type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true + - in: query + name: enrolToken + required: false schema: - example: 'true' type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - _reserved: - type: boolean - color: - type: string - description: - type: string - disabledFeatures: - default: [] - items: + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: string + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: type: string - type: array - id: - type: string - imageUrl: - type: string - initials: - maxLength: 2 - type: string - name: - minLength: 1 - type: string - required: - - id - - name - responses: {} + message: + type: string + statusCode: + type: number + required: + - message + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message summary: '' tags: - - spaces - /api/spaces/space/{id}: - delete: - description: Delete a space - operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#2' + - Elastic Agent policies + /api/fleet/logstash_api_keys: + post: + description: Generate Logstash API keyy + operationId: '%2Fapi%2Ffleet%2Flogstash_api_keys#0' parameters: - description: The version of the API to use in: header @@ -16360,39 +23478,41 @@ paths: schema: example: 'true' type: string - - in: path - name: id - required: true - schema: - type: string - responses: {} - summary: '' - tags: - - spaces - get: - description: Get a space - operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: id - required: true - schema: - type: string - responses: {} + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + api_key: + type: string + required: + - api_key + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message summary: '' tags: - - spaces - put: - description: Update a space - operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#1' + - Fleet outputs + /api/fleet/message_signing_service/rotate_key_pair: + post: + description: Rotate fleet message signing key pair + operationId: '%2Fapi%2Ffleet%2Fmessage_signing_service%2Frotate_key_pair#0' parameters: - description: The version of the API to use in: header @@ -16409,698 +23529,2362 @@ paths: schema: example: 'true' type: string - - in: path - name: id - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - _reserved: - type: boolean - color: - type: string - description: - type: string - disabledFeatures: - default: [] - items: - type: string - type: array - id: - type: string - imageUrl: - type: string - initials: - maxLength: 2 - type: string - name: - minLength: 1 - type: string - required: - - id - - name - responses: {} - summary: '' - tags: - - spaces - /api/status: - get: - operationId: '%2Fapi%2Fstatus#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: Set to "true" to get the response in v7 format. - in: query - name: v7format - required: false - schema: - type: boolean - - description: Set to "true" to get the response in v8 format. - in: query - name: v8format + - in: query + name: acknowledge required: false schema: + default: false type: boolean responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - anyOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' - - $ref: >- - #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse - description: >- - Kibana's operational status. A minimal response is sent for - unauthorized users. - description: Overall status is OK and Kibana should be functioning normally. - '503': + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - anyOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' - - $ref: >- - #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse - description: >- - Kibana's operational status. A minimal response is sent for - unauthorized users. - description: >- - Kibana or some of it's essential services are unavailable. Kibana - may be degraded or unavailable. - summary: Get Kibana's current status - tags: - - system - /api/timeline: - delete: - description: Delete one or more Timelines or Timeline templates. - operationId: DeleteTimelines - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - savedObjectIds: - items: + additionalProperties: false + description: Generic Error + type: object + properties: + error: type: string - type: array - searchIds: - description: >- - Saved search ids that should be deleted alongside the - timelines - items: + message: type: string - type: array - required: - - savedObjectIds - description: The IDs of the Timelines or Timeline templates to delete. - required: true - responses: - '200': + statusCode: + type: number + required: + - message + '500': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - data: - type: object - properties: - deleteTimeline: - type: boolean - required: - - deleteTimeline + error: + type: string + message: + type: string + statusCode: + type: number required: - - data - description: Indicates the Timeline was successfully deleted. - summary: Delete Timelines or Timeline templates + - message + summary: '' tags: - - Security Timeline API - - access:securitySolution + - Message Signing Service + /api/fleet/outputs: get: - description: Get the details of an existing saved Timeline or Timeline template. - operationId: GetTimeline + description: List outputs + operationId: '%2Fapi%2Ffleet%2Foutputs#0' parameters: - - description: The ID of the template timeline to retrieve - in: query - name: template_timeline_id - schema: - type: string - - description: The ID of the Timeline to retrieve. - in: query - name: id + - description: The version of the API to use + in: header + name: elastic-api-version schema: + default: '2023-10-31' + enum: + - '2023-10-31' type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - oneOf: - - type: object - properties: - data: - type: object - properties: - getOneTimeline: - $ref: >- - #/components/schemas/Security_Timeline_API_TimelineResponse - required: - - getOneTimeline - required: - - data - - additionalProperties: false - type: object - description: Indicates that the (template) Timeline was found and returned. - summary: Get Timeline or Timeline template details - tags: - - Security Timeline API - - access:securitySolution - patch: - description: >- - Update an existing Timeline. You can update the title, description, date - range, pinned events, pinned queries, and/or pinned saved queries of an - existing Timeline. - operationId: PatchTimeline - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - timeline: - $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' - timelineId: - nullable: true - type: string - version: - nullable: true - type: string - required: - - timelineId - - version - - timeline - description: The Timeline updates, along with the Timeline ID and version. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Timeline_API_PersistTimelineResponse - description: >- - Indicates that the draft Timeline was successfully created. In the - event the user already has a draft Timeline, the existing draft - Timeline is cleared and returned. - '405': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: + additionalProperties: false type: object properties: - body: - type: string - statusCode: + items: + items: + anyOf: + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + service_token: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + service_token: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - remote_elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - logstash + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + auth_type: + enum: + - none + - user_pass + - ssl + - kerberos + type: string + broker_timeout: + type: number + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + client_id: + type: string + compression: + enum: + - gzip + - snappy + - lz4 + - none + type: string + compression_level: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: number + - not: {} + config_yaml: + nullable: true + type: string + connection_type: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - enum: + - plaintext + - encryption + type: string + - not: {} + hash: + additionalProperties: true + type: object + properties: + hash: + type: string + random: + type: boolean + headers: + items: + additionalProperties: true + type: object + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: array + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + key: + type: string + name: + type: string + partition: + enum: + - random + - round_robin + - hash + type: string + password: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - not: {} + - anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + proxy_id: + nullable: true + type: string + random: + additionalProperties: true + type: object + properties: + group_events: + type: number + required_acks: + enum: + - 1 + - 0 + - -1 + type: integer + round_robin: + additionalProperties: true + type: object + properties: + group_events: + type: number + sasl: + additionalProperties: true + nullable: true + type: object + properties: + mechanism: + enum: + - PLAIN + - SCRAM-SHA-256 + - SCRAM-SHA-512 + type: string + secrets: + additionalProperties: true + type: object + properties: + password: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + required: + - key + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + items: + additionalProperties: true + type: object + properties: + topic: + type: string + when: + additionalProperties: true + type: object + properties: + condition: + type: string + type: + enum: + - equals + - contains + - regexp + type: string + required: + - topic + minItems: 1 + type: array + type: + enum: + - kafka + type: string + username: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + version: + type: string + required: + - name + - type + - hosts + - compression_level + - auth_type + - connection_type + - username + - password + type: array + page: type: number - description: >- - Indicates that the user does not have the required access to create - a draft Timeline. - summary: Update a Timeline - tags: - - Security Timeline API - - access:securitySolution - post: - description: Create a new Timeline or Timeline template. - operationId: CreateTimelines - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - status: - $ref: '#/components/schemas/Security_Timeline_API_TimelineStatus' - nullable: true - templateTimelineId: - nullable: true - type: string - templateTimelineVersion: - nullable: true - type: number - timeline: - $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' - timelineId: - nullable: true - type: string - timelineType: - $ref: '#/components/schemas/Security_Timeline_API_TimelineType' - nullable: true - version: - nullable: true - type: string - required: - - timeline - description: >- - The required Timeline fields used to create a new Timeline, along with - optional fields that will be created if not provided. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Timeline_API_PersistTimelineResponse - description: Indicates the Timeline was successfully created. - '405': + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - body: + error: + type: string + message: type: string statusCode: type: number - description: Indicates that there was an error in the Timeline creation. - summary: Create a Timeline or Timeline template + required: + - message + summary: '' tags: - - Security Timeline API - - access:securitySolution - /api/timeline/_copy: - get: - description: | - Copies and returns a timeline or timeline template. - operationId: CopyTimeline + - Fleet outputs + post: + description: Create output + operationId: '%2Fapi%2Ffleet%2Foutputs#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - timeline: - $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' - timelineIdToCopy: - type: string - required: - - timeline - - timelineIdToCopy - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Timeline_API_PersistTimelineResponse - description: Indicates that the timeline has been successfully copied. - summary: Copies timeline or timeline template - tags: - - Security Timeline API - - access:securitySolution - /api/timeline/_draft: - get: - description: >- - Get the details of the draft Timeline or Timeline template for the - current user. If the user doesn't have a draft Timeline, an empty - Timeline is returned. - operationId: GetDraftTimelines - parameters: - - in: query - name: timelineType - required: true - schema: - $ref: '#/components/schemas/Security_Timeline_API_TimelineType' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Timeline_API_PersistTimelineResponse - description: Indicates that the draft Timeline was successfully retrieved. - '403': - content: - application:json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - message: - type: string - status_code: - type: number - description: >- - If a draft Timeline was not found and we attempted to create one, it - indicates that the user does not have the required permissions to - create a draft Timeline. - '409': - content: - application:json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - message: - type: string - status_code: - type: number - description: >- - This should never happen, but if a draft Timeline was not found and - we attempted to create one, it indicates that there is already a - draft Timeline with the given `timelineId`. - summary: Get draft Timeline or Timeline template details - tags: - - Security Timeline API - - access:securitySolution - post: - description: > - Create a clean draft Timeline or Timeline template for the current user. - - > info - - > If the user already has a draft Timeline, the existing draft Timeline - is cleared and returned. - operationId: CleanDraftTimelines - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - timelineType: - $ref: '#/components/schemas/Security_Timeline_API_TimelineType' - required: - - timelineType - description: >- - The type of Timeline to create. Valid values are `default` and - `template`. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Timeline_API_PersistTimelineResponse - description: >- - Indicates that the draft Timeline was successfully created. In the - event the user already has a draft Timeline, the existing draft - Timeline is cleared and returned. - '403': - content: - application:json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - message: - type: string - status_code: - type: number - description: >- - Indicates that the user does not have the required permissions to - create a draft Timeline. - '409': - content: - application:json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - message: - type: string - status_code: - type: number - description: >- - Indicates that there is already a draft Timeline with the given - `timelineId`. - summary: Create a clean draft Timeline or Timeline template - tags: - - Security Timeline API - - access:securitySolution - /api/timeline/_export: - post: - description: Export Timelines as an NDJSON file. - operationId: ExportTimelines - parameters: - - description: The name of the file to export - in: query - name: file_name - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - ids: - items: - type: string - nullable: true - type: array - description: The IDs of the Timelines to export. - required: true - responses: - '200': - content: - application/ndjson; Elastic-Api-Version=2023-10-31: - schema: - description: NDJSON of the exported Timelines - type: string - description: Indicates the Timelines were successfully exported. - '400': - content: - application/ndjson; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - type: string - statusCode: - type: number - description: Indicates that the export size limit was exceeded. - summary: Export Timelines - tags: - - Security Timeline API - - access:securitySolution - /api/timeline/_favorite: - patch: - description: Favorite a Timeline or Timeline template for the current user. - operationId: PersistFavoriteRoute - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - templateTimelineId: - nullable: true - type: string - templateTimelineVersion: - nullable: true - type: number - timelineId: - nullable: true - type: string - timelineType: - $ref: '#/components/schemas/Security_Timeline_API_TimelineType' - nullable: true - required: - - timelineId - - templateTimelineId - - templateTimelineVersion - - timelineType - description: The required fields used to favorite a (template) Timeline. - required: true + anyOf: + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: false + type: object + properties: + service_token: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + service_token: + nullable: true + type: string + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - remote_elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: false + type: object + properties: + ssl: + additionalProperties: false + type: object + properties: + key: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - logstash + type: string + required: + - name + - type + - hosts + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + auth_type: + enum: + - none + - user_pass + - ssl + - kerberos + type: string + broker_timeout: + type: number + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + client_id: + type: string + compression: + enum: + - gzip + - snappy + - lz4 + - none + type: string + compression_level: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: number + - not: {} + config_yaml: + nullable: true + type: string + connection_type: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - enum: + - plaintext + - encryption + type: string + - not: {} + hash: + additionalProperties: false + type: object + properties: + hash: + type: string + random: + type: boolean + headers: + items: + additionalProperties: false + type: object + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: array + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + key: + type: string + name: + type: string + partition: + enum: + - random + - round_robin + - hash + type: string + password: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - not: {} + - anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + proxy_id: + nullable: true + type: string + random: + additionalProperties: false + type: object + properties: + group_events: + type: number + required_acks: + enum: + - 1 + - 0 + - -1 + type: integer + round_robin: + additionalProperties: false + type: object + properties: + group_events: + type: number + sasl: + additionalProperties: false + nullable: true + type: object + properties: + mechanism: + enum: + - PLAIN + - SCRAM-SHA-256 + - SCRAM-SHA-512 + type: string + secrets: + additionalProperties: false + type: object + properties: + password: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + ssl: + additionalProperties: false + type: object + properties: + key: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + required: + - key + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + items: + additionalProperties: false + type: object + properties: + topic: + type: string + when: + additionalProperties: false + type: object + properties: + condition: + type: string + type: + enum: + - equals + - contains + - regexp + type: string + required: + - topic + minItems: 1 + type: array + type: + enum: + - kafka + type: string + username: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + version: + type: string + required: + - name + - type + - hosts + - compression_level + - auth_type + - connection_type + - username + - password responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - data: - type: object - properties: - persistFavorite: - $ref: >- - #/components/schemas/Security_Timeline_API_FavoriteTimelineResponse - required: - - persistFavorite - required: - - data - description: Indicates the favorite status was successfully updated. - '403': - content: - application:json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - type: string - statusCode: - type: number - description: >- - Indicates the user does not have the required permissions to persist - the favorite status. - summary: Favorite a Timeline or Timeline template - tags: - - Security Timeline API - - access:securitySolution - /api/timeline/_import: - post: - description: Import Timelines. - operationId: ImportTimelines - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - file: {} - isImmutable: - enum: - - 'true' - - 'false' - type: string - required: - - file - description: The Timelines to import as a readable stream. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Timeline_API_ImportTimelineResult - description: Indicates the import of Timelines was successful. + item: + anyOf: + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + service_token: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + service_token: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - remote_elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - logstash + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + auth_type: + enum: + - none + - user_pass + - ssl + - kerberos + type: string + broker_timeout: + type: number + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + client_id: + type: string + compression: + enum: + - gzip + - snappy + - lz4 + - none + type: string + compression_level: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: number + - not: {} + config_yaml: + nullable: true + type: string + connection_type: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - enum: + - plaintext + - encryption + type: string + - not: {} + hash: + additionalProperties: true + type: object + properties: + hash: + type: string + random: + type: boolean + headers: + items: + additionalProperties: true + type: object + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: array + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + key: + type: string + name: + type: string + partition: + enum: + - random + - round_robin + - hash + type: string + password: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - not: {} + - anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + proxy_id: + nullable: true + type: string + random: + additionalProperties: true + type: object + properties: + group_events: + type: number + required_acks: + enum: + - 1 + - 0 + - -1 + type: integer + round_robin: + additionalProperties: true + type: object + properties: + group_events: + type: number + sasl: + additionalProperties: true + nullable: true + type: object + properties: + mechanism: + enum: + - PLAIN + - SCRAM-SHA-256 + - SCRAM-SHA-512 + type: string + secrets: + additionalProperties: true + type: object + properties: + password: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + required: + - key + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + items: + additionalProperties: true + type: object + properties: + topic: + type: string + when: + additionalProperties: true + type: object + properties: + condition: + type: string + type: + enum: + - equals + - contains + - regexp + type: string + required: + - topic + minItems: 1 + type: array + type: + enum: + - kafka + type: string + username: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + version: + type: string + required: + - name + - type + - hosts + - compression_level + - auth_type + - connection_type + - username + - password + required: + - item '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - body: + error: type: string - id: + message: type: string statusCode: type: number - description: >- - Indicates the import of Timelines was unsuccessful because of an - invalid file extension. - '404': + required: + - message + summary: '' + tags: + - Fleet outputs + /api/fleet/outputs/{outputId}: + delete: + description: Delete output by ID + operationId: '%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: outputId + required: true + schema: + type: string + responses: + '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: id: type: string - statusCode: - type: number - description: >- - Indicates that we were unable to locate the saved object client - necessary to handle the import. - '409': + required: + - id + '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - body: + error: type: string - id: + message: type: string statusCode: type: number - description: Indicates the import of Timelines was unsuccessful. - summary: Import Timelines - tags: - - Security Timeline API - - access:securitySolution - /api/timeline/_prepackaged: - post: - description: Install or update prepackaged Timelines. - operationId: InstallPrepackedTimelines - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - prepackagedTimelines: - items: - $ref: >- - #/components/schemas/Security_Timeline_API_TimelineSavedToReturnObject - nullable: true - type: array - timelinesToInstall: - items: - $ref: '#/components/schemas/Security_Timeline_API_ImportTimelines' - nullable: true - type: array - timelinesToUpdate: - items: - $ref: '#/components/schemas/Security_Timeline_API_ImportTimelines' - nullable: true - type: array - required: - - timelinesToInstall - - timelinesToUpdate - - prepackagedTimelines - description: The Timelines to install or update. - required: true - responses: - '200': + required: + - message + '404': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: >- - #/components/schemas/Security_Timeline_API_ImportTimelineResult - description: Indicates the installation of prepackaged Timelines was successful. - '500': - content: - application:json; Elastic-Api-Version=2023-10-31: - schema: + additionalProperties: false + description: Generic Error type: object properties: - body: + error: + type: string + message: type: string statusCode: type: number - description: >- - Indicates the installation of prepackaged Timelines was - unsuccessful. - summary: Install prepackaged Timelines + required: + - message + summary: '' tags: - - Security Timeline API - - access:securitySolution - /api/timeline/resolve: + - Fleet outputs get: - operationId: ResolveTimeline + description: Get output by ID + operationId: '%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D#0' parameters: - - description: The ID of the template timeline to resolve - in: query - name: template_timeline_id + - description: The version of the API to use + in: header + name: elastic-api-version schema: + default: '2023-10-31' + enum: + - '2023-10-31' type: string - - description: The ID of the timeline to resolve - in: query - name: id + - in: path + name: outputId + required: true schema: type: string responses: @@ -17108,4985 +25892,13757 @@ paths: content: application/json; Elastic-Api-Version=2023-10-31: schema: - oneOf: - - type: object - properties: - data: - $ref: >- - #/components/schemas/Security_Timeline_API_ResolvedTimeline - required: - - data - - additionalProperties: false - type: object - description: The (template) Timeline has been found - '400': - description: The request is missing parameters - '404': - description: The (template) Timeline was not found - summary: Get an existing saved Timeline or Timeline template - tags: - - Security Timeline API - - access:securitySolution - /api/timelines: - get: - description: Get a list of all saved Timelines or Timeline templates. - operationId: GetTimelines - parameters: - - description: >- - If true, only timelines that are marked as favorites by the user are - returned. - in: query - name: only_user_favorite - schema: - enum: - - 'true' - - 'false' - nullable: true - type: string - - in: query - name: timeline_type - schema: - $ref: '#/components/schemas/Security_Timeline_API_TimelineType' - nullable: true - - in: query - name: sort_field - schema: - $ref: '#/components/schemas/Security_Timeline_API_SortFieldTimeline' - - in: query - name: sort_order - schema: - enum: - - asc - - desc - type: string - - in: query - name: page_size - schema: - nullable: true - type: string - - in: query - name: page_index - schema: - nullable: true - type: string - - in: query - name: search - schema: - nullable: true - type: string - - in: query - name: status - schema: - $ref: '#/components/schemas/Security_Timeline_API_TimelineStatus' - nullable: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: + additionalProperties: false type: object properties: - customTemplateTimelineCount: - type: number - defaultTimelineCount: - type: number - elasticTemplateTimelineCount: - type: number - favoriteCount: - type: number - templateTimelineCount: - type: number - timeline: - items: - $ref: >- - #/components/schemas/Security_Timeline_API_TimelineResponse - type: array - totalCount: - type: number + item: + anyOf: + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + service_token: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + service_token: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - remote_elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - logstash + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + auth_type: + enum: + - none + - user_pass + - ssl + - kerberos + type: string + broker_timeout: + type: number + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + client_id: + type: string + compression: + enum: + - gzip + - snappy + - lz4 + - none + type: string + compression_level: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: number + - not: {} + config_yaml: + nullable: true + type: string + connection_type: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - enum: + - plaintext + - encryption + type: string + - not: {} + hash: + additionalProperties: true + type: object + properties: + hash: + type: string + random: + type: boolean + headers: + items: + additionalProperties: true + type: object + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: array + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + key: + type: string + name: + type: string + partition: + enum: + - random + - round_robin + - hash + type: string + password: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - not: {} + - anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + proxy_id: + nullable: true + type: string + random: + additionalProperties: true + type: object + properties: + group_events: + type: number + required_acks: + enum: + - 1 + - 0 + - -1 + type: integer + round_robin: + additionalProperties: true + type: object + properties: + group_events: + type: number + sasl: + additionalProperties: true + nullable: true + type: object + properties: + mechanism: + enum: + - PLAIN + - SCRAM-SHA-256 + - SCRAM-SHA-512 + type: string + secrets: + additionalProperties: true + type: object + properties: + password: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + required: + - key + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + items: + additionalProperties: true + type: object + properties: + topic: + type: string + when: + additionalProperties: true + type: object + properties: + condition: + type: string + type: + enum: + - equals + - contains + - regexp + type: string + required: + - topic + minItems: 1 + type: array + type: + enum: + - kafka + type: string + username: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + version: + type: string + required: + - name + - type + - hosts + - compression_level + - auth_type + - connection_type + - username + - password required: - - timeline - - totalCount - description: Indicates that the (template) Timelines were found and returned. + - item '400': content: - application:json; Elastic-Api-Version=2023-10-31: + application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - body: + error: + type: string + message: type: string statusCode: type: number - description: Bad request. The user supplied invalid data. - summary: Get Timelines or Timeline templates + required: + - message + summary: '' tags: - - Security Timeline API - - access:securitySolution - /s/{spaceId}/api/observability/slos: - get: - description: > - You must have the `read` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: findSlosOp + - Fleet outputs + put: + description: Update output by ID + operationId: '%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D#1' parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - description: A valid kql query to filter the SLO with - example: 'slo.name:latency* and slo.tags : "prod"' - in: query - name: kqlQuery - schema: - type: string - - description: The page to use for pagination, must be greater or equal than 1 - example: 1 - in: query - name: page - schema: - default: 1 - type: integer - - description: Number of SLOs returned by page - example: 25 - in: query - name: perPage - schema: - default: 25 - maximum: 5000 - type: integer - - description: Sort by field - example: status - in: query - name: sortBy + - description: The version of the API to use + in: header + name: elastic-api-version schema: - default: status + default: '2023-10-31' enum: - - sli_value - - status - - error_budget_consumed - - error_budget_remaining + - '2023-10-31' type: string - - description: Sort order - example: asc - in: query - name: sortDirection + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true schema: - default: asc - enum: - - asc - - desc + example: 'true' type: string - - description: >- - Hide stale SLOs from the list as defined by stale SLO threshold in - SLO settings - in: query - name: hideStale + - in: path + name: outputId + required: true schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_find_slo_response' - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Get a paginated list of SLOs - tags: - - slo - post: - description: > - You must have `all` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: createSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_create_slo_request' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_create_slo_response' - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_409_response' - description: Conflict - The SLO id already exists - servers: - - url: https://localhost:5601 - summary: Create an SLO - tags: - - slo - /s/{spaceId}/api/observability/slos/_delete_instances: - post: - description: > - The deletion occurs for the specified list of `sloId` and `instanceId`. - You must have `all` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: deleteSloInstancesOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_delete_slo_instances_request' - required: true - responses: - '204': - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - servers: - - url: https://localhost:5601 - summary: Batch delete rollup and summary data - tags: - - slo - /s/{spaceId}/api/observability/slos/{sloId}: - delete: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: deleteSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - responses: - '204': - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Delete an SLO - tags: - - slo - get: - description: > - You must have the `read` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: getSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - - description: the specific instanceId used by the summary calculation - example: host-abcde - in: query - name: instanceId - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_slo_with_summary_response' - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Get an SLO - tags: - - slo - put: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: updateSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_update_slo_request' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_slo_definition_response' - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Update an SLO - tags: - - slo - /s/{spaceId}/api/observability/slos/{sloId}/_reset: - post: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: resetSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - responses: - '204': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_slo_definition_response' - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Reset an SLO - tags: - - slo - /s/{spaceId}/api/observability/slos/{sloId}/disable: - post: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: disableSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' + anyOf: + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - elasticsearch + type: string + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: false + type: object + properties: + service_token: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + service_token: + nullable: true + type: string + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - remote_elasticsearch + type: string + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: false + type: object + properties: + ssl: + additionalProperties: false + type: object + properties: + key: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - logstash + type: string + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + auth_type: + enum: + - none + - user_pass + - ssl + - kerberos + type: string + broker_timeout: + type: number + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + client_id: + type: string + compression: + enum: + - gzip + - snappy + - lz4 + - none + type: string + compression_level: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: number + - not: {} + config_yaml: + nullable: true + type: string + connection_type: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - enum: + - plaintext + - encryption + type: string + - not: {} + hash: + additionalProperties: false + type: object + properties: + hash: + type: string + random: + type: boolean + headers: + items: + additionalProperties: false + type: object + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: array + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + key: + type: string + name: + type: string + partition: + enum: + - random + - round_robin + - hash + type: string + password: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - not: {} + - anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + proxy_id: + nullable: true + type: string + random: + additionalProperties: false + type: object + properties: + group_events: + type: number + required_acks: + enum: + - 1 + - 0 + - -1 + type: integer + round_robin: + additionalProperties: false + type: object + properties: + group_events: + type: number + sasl: + additionalProperties: false + nullable: true + type: object + properties: + mechanism: + enum: + - PLAIN + - SCRAM-SHA-256 + - SCRAM-SHA-512 + type: string + secrets: + additionalProperties: false + type: object + properties: + password: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + ssl: + additionalProperties: false + type: object + properties: + key: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + required: + - key + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + items: + additionalProperties: false + type: object + properties: + topic: + type: string + when: + additionalProperties: false + type: object + properties: + condition: + type: string + type: + enum: + - equals + - contains + - regexp + type: string + required: + - topic + minItems: 1 + type: array + type: + enum: + - kafka + type: string + username: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + version: + type: string + required: + - name + - compression_level + - connection_type + - username + - password responses: '200': - description: Successful request - '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': + additionalProperties: false + type: object + properties: + item: + anyOf: + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + service_token: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + service_token: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - remote_elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - logstash + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + auth_type: + enum: + - none + - user_pass + - ssl + - kerberos + type: string + broker_timeout: + type: number + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + client_id: + type: string + compression: + enum: + - gzip + - snappy + - lz4 + - none + type: string + compression_level: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: number + - not: {} + config_yaml: + nullable: true + type: string + connection_type: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - enum: + - plaintext + - encryption + type: string + - not: {} + hash: + additionalProperties: true + type: object + properties: + hash: + type: string + random: + type: boolean + headers: + items: + additionalProperties: true + type: object + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: array + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + key: + type: string + name: + type: string + partition: + enum: + - random + - round_robin + - hash + type: string + password: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - not: {} + - anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + proxy_id: + nullable: true + type: string + random: + additionalProperties: true + type: object + properties: + group_events: + type: number + required_acks: + enum: + - 1 + - 0 + - -1 + type: integer + round_robin: + additionalProperties: true + type: object + properties: + group_events: + type: number + sasl: + additionalProperties: true + nullable: true + type: object + properties: + mechanism: + enum: + - PLAIN + - SCRAM-SHA-256 + - SCRAM-SHA-512 + type: string + secrets: + additionalProperties: true + type: object + properties: + password: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + required: + - key + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + items: + additionalProperties: true + type: object + properties: + topic: + type: string + when: + additionalProperties: true + type: object + properties: + condition: + type: string + type: + enum: + - equals + - contains + - regexp + type: string + required: + - topic + minItems: 1 + type: array + type: + enum: + - kafka + type: string + username: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + version: + type: string + required: + - name + - type + - hosts + - compression_level + - auth_type + - connection_type + - username + - password + required: + - item + '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Disable an SLO + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - slo - /s/{spaceId}/api/observability/slos/{sloId}/enable: - post: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: enableSloOp + - Fleet outputs + /api/fleet/outputs/{outputId}/health: + get: + description: Get latest output health + operationId: '%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D%2Fhealth#0' parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: outputId + required: true + schema: + type: string responses: - '204': - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': + '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': + additionalProperties: false + type: object + properties: + message: + description: long message if unhealthy + type: string + state: + description: state of output, HEALTHY or DEGRADED + type: string + timestamp: + description: timestamp of reported state + type: string + required: + - state + - message + - timestamp + '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet outputs + /api/fleet/package_policies: + get: + description: List package policies + operationId: '%2Fapi%2Ffleet%2Fpackage_policies#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: page + required: false + schema: + type: number + - in: query + name: perPage + required: false + schema: + type: number + - in: query + name: sortField + required: false + schema: + type: string + - in: query + name: sortOrder + required: false + schema: + enum: + - desc + - asc + type: string + - in: query + name: showUpgradeable + required: false + schema: + type: boolean + - in: query + name: kuery + required: false + schema: + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string + - in: query + name: withAgentCount + required: false + schema: + type: boolean + responses: + '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Enable an SLO - tags: - - slo -components: - examples: - Data_views_create_data_view_request: - summary: Create a data view with runtime fields. - value: - data_view: - name: My Logstash data view - runtimeFieldMap: - runtime_shape_name: - script: - source: emit(doc['shape_name'].value) - type: keyword - title: logstash-* - Data_views_create_runtime_field_request: - summary: Create a runtime field. - value: - name: runtimeFoo - runtimeField: - script: - source: emit(doc["foo"].value) - type: long - Data_views_get_data_view_response: - summary: >- - The get data view API returns a JSON object that contains information - about the data view. - value: - data_view: - allowNoIndex: false - fieldAttrs: - products.manufacturer: - count: 1 - products.price: - count: 1 - products.product_name: - count: 1 - total_quantity: - count: 1 - fieldFormats: - products.base_price: - id: number - params: - pattern: $0,0.00 - products.base_unit_price: - id: number - params: - pattern: $0,0.00 - products.min_price: - id: number - params: - pattern: $0,0.00 - products.price: - id: number - params: - pattern: $0,0.00 - products.taxful_price: - id: number - params: - pattern: $0,0.00 - products.taxless_price: - id: number - params: - pattern: $0,0.00 - taxful_total_price: - id: number - params: - pattern: $0,0.[00] - taxless_total_price: - id: number - params: - pattern: $0,0.00 - fields: - _id: - aggregatable: false - count: 0 - esTypes: - - _id - format: - id: string - isMapped: true - name: _id - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - _index: - aggregatable: true - count: 0 - esTypes: - - _index - format: - id: string - isMapped: true - name: _index - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - _score: - aggregatable: false - count: 0 - format: - id: number - isMapped: true - name: _score - readFromDocValues: false - scripted: false - searchable: false - shortDotsEnable: false - type: number - _source: - aggregatable: false - count: 0 - esTypes: - - _source - format: - id: _source - isMapped: true - name: _source - readFromDocValues: false - scripted: false - searchable: false - shortDotsEnable: false - type: _source - category: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: category - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - category.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: category.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: category - type: string - currency: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: currency - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - customer_birth_date: - aggregatable: true - count: 0 - esTypes: - - date - format: - id: date - isMapped: true - name: customer_birth_date - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: date - customer_first_name: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: customer_first_name - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - customer_first_name.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: customer_first_name.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: customer_first_name - type: string - customer_full_name: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: customer_full_name - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - customer_full_name.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: customer_full_name.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: customer_full_name - type: string - customer_gender: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: customer_gender - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - customer_id: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: customer_id - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - customer_last_name: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: customer_last_name - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - customer_last_name.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: customer_last_name.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: customer_last_name - type: string - customer_phone: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: customer_phone - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - day_of_week: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: day_of_week - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - day_of_week_i: - aggregatable: true - count: 0 - esTypes: - - integer - format: - id: number - isMapped: true - name: day_of_week_i - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - email: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: email - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - event.dataset: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: event.dataset - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - geoip.city_name: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: geoip.city_name - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - geoip.continent_name: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: geoip.continent_name - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - geoip.country_iso_code: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: geoip.country_iso_code - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - geoip.location: - aggregatable: true - count: 0 - esTypes: - - geo_point - format: - id: geo_point - params: - transform: wkt - isMapped: true - name: geoip.location - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: geo_point - geoip.region_name: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: geoip.region_name - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - manufacturer: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: manufacturer - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - manufacturer.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: manufacturer.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: manufacturer - type: string - order_date: - aggregatable: true - count: 0 - esTypes: - - date - format: - id: date - isMapped: true - name: order_date - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: date - order_id: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: order_id - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - products._id: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: products._id - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - products._id.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: products._id.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: products._id - type: string - products.base_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: products.base_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.base_unit_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: products.base_unit_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.category: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: products.category - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - products.category.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: products.category.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: products.category - type: string - products.created_on: - aggregatable: true - count: 0 - esTypes: - - date - format: - id: date - isMapped: true - name: products.created_on - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: date - products.discount_amount: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - isMapped: true - name: products.discount_amount - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.discount_percentage: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - isMapped: true - name: products.discount_percentage - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.manufacturer: - aggregatable: false - count: 1 - esTypes: - - text - format: - id: string - isMapped: true - name: products.manufacturer - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - products.manufacturer.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: products.manufacturer.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: products.manufacturer - type: string - products.min_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: products.min_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.price: - aggregatable: true - count: 1 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: products.price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.product_id: - aggregatable: true - count: 0 - esTypes: - - long - format: - id: number - isMapped: true - name: products.product_id - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.product_name: - aggregatable: false - count: 1 - esTypes: - - text - format: - id: string - isMapped: true - name: products.product_name - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - products.product_name.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: products.product_name.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: products.product_name - type: string - products.quantity: - aggregatable: true - count: 0 - esTypes: - - integer - format: - id: number - isMapped: true - name: products.quantity - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.sku: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: products.sku - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - products.tax_amount: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - isMapped: true - name: products.tax_amount - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.taxful_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: products.taxful_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.taxless_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: products.taxless_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.unit_discount_amount: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - isMapped: true - name: products.unit_discount_amount - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - sku: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: sku - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - taxful_total_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.[00] - isMapped: true - name: taxful_total_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - taxless_total_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: taxless_total_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - total_quantity: - aggregatable: true - count: 1 - esTypes: - - integer - format: - id: number - isMapped: true - name: total_quantity - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - total_unique_products: - aggregatable: true - count: 0 - esTypes: - - integer - format: - id: number - isMapped: true - name: total_unique_products - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - type: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: type - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - user: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: user - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - id: ff959d40-b880-11e8-a6d9-e546fe2bba5f - name: Kibana Sample Data eCommerce - namespaces: - - default - runtimeFieldMap: {} - sourceFilters: [] - timeFieldName: order_date - title: kibana_sample_data_ecommerce - typeMeta: {} - version: WzUsMV0= - Data_views_get_data_views_response: - summary: The get all data views API returns a list of data views. - value: - data_view: - - id: ff959d40-b880-11e8-a6d9-e546fe2bba5f - name: Kibana Sample Data eCommerce - namespaces: - - default - title: kibana_sample_data_ecommerce - typeMeta: {} - - id: d3d7af60-4c81-11e8-b3d7-01146121b73d - name: Kibana Sample Data Flights - namespaces: - - default - title: kibana_sample_data_flights - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - name: Kibana Sample Data Logs - namespaces: - - default - title: kibana_sample_data_logs - Data_views_get_default_data_view_response: - summary: The get default data view API returns the default data view identifier. - value: - data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f - Data_views_get_runtime_field_response: - summary: >- - The get runtime field API returns a JSON object that contains - information about the runtime field (`hour_of_day`) and the data view - (`d3d7af60-4c81-11e8-b3d7-01146121b73d`). - value: - data_view: - allowNoIndex: false - fieldAttrs: {} - fieldFormats: - AvgTicketPrice: - id: number - params: - pattern: $0,0.[00] - hour_of_day: - id: number - params: - pattern: '00' - fields: - _id: - aggregatable: false - count: 0 - esTypes: - - _id - format: - id: string - isMapped: true - name: _id - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - _index: - aggregatable: true - count: 0 - esTypes: - - _index - format: - id: string - isMapped: true - name: _index - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - _score: - aggregatable: false - count: 0 - format: - id: number - isMapped: true - name: _score - readFromDocValues: false - scripted: false - searchable: false - shortDotsEnable: false - type: number - _source: - aggregatable: false - count: 0 - esTypes: - - _source - format: - id: _source - isMapped: true - name: _source - readFromDocValues: false - scripted: false - searchable: false - shortDotsEnable: false - type: _source - AvgTicketPrice: - aggregatable: true - count: 0 - esTypes: - - float - format: - id: number - params: - pattern: $0,0.[00] - isMapped: true - name: AvgTicketPrice - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - Cancelled: - aggregatable: true - count: 0 - esTypes: - - boolean - format: - id: boolean - isMapped: true - name: Cancelled - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: boolean - Carrier: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: Carrier - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - dayOfWeek: - aggregatable: true - count: 0 - esTypes: - - integer - format: - id: number - isMapped: true - name: dayOfWeek - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - Dest: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: Dest - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - DestAirportID: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: DestAirportID - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - DestCityName: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: DestCityName - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - DestCountry: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: DestCountry - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - DestLocation: - aggregatable: true - count: 0 - esTypes: - - geo_point - format: - id: geo_point - params: - transform: wkt - isMapped: true - name: DestLocation - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: geo_point - DestRegion: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: DestRegion - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - DestWeather: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: DestWeather - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - DistanceKilometers: - aggregatable: true - count: 0 - esTypes: - - float - format: - id: number - isMapped: true - name: DistanceKilometers - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - DistanceMiles: - aggregatable: true - count: 0 - esTypes: - - float - format: - id: number - isMapped: true - name: DistanceMiles - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - FlightDelay: - aggregatable: true - count: 0 - esTypes: - - boolean - format: - id: boolean - isMapped: true - name: FlightDelay - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: boolean - FlightDelayMin: - aggregatable: true - count: 0 - esTypes: - - integer - format: - id: number - isMapped: true - name: FlightDelayMin - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - FlightDelayType: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: FlightDelayType - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - FlightNum: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: FlightNum - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - FlightTimeHour: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: FlightTimeHour - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - FlightTimeMin: - aggregatable: true - count: 0 - esTypes: - - float - format: - id: number - isMapped: true - name: FlightTimeMin - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - hour_of_day: - aggregatable: true - count: 0 - esTypes: - - long - format: - id: number - params: - pattern: '00' - name: hour_of_day - readFromDocValues: false - runtimeField: - script: - source: emit(doc['timestamp'].value.getHour()); - type: long - scripted: false - searchable: true - shortDotsEnable: false - type: number - Origin: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: Origin - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - OriginAirportID: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginAirportID - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - OriginCityName: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginCityName - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - OriginCountry: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginCountry - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - OriginLocation: - aggregatable: true - count: 0 - esTypes: - - geo_point - format: - id: geo_point - params: - transform: wkt - isMapped: true - name: OriginLocation - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: geo_point - OriginRegion: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginRegion - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + agents: + type: number + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + anyOf: + - items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + - additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that input, (default to + true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default + to true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Input streams (see integration + documentation to know what streams are + available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Package policy inputs (see integration + documentation to know what inputs are available) + type: object + x-oas-optional: true + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit + the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the package + policy. The override option should be used only in + unusual circumstances and not as a routine + procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy will be + added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy will be + added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + spaceIds: + items: + type: string + type: array + updated_at: + type: string + updated_by: + type: string + vars: + anyOf: + - additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + - additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + x-oas-optional: true + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet package policies + post: + description: Create package policy + operationId: '%2Fapi%2Ffleet%2Fpackage_policies#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - additionalProperties: false + type: object + properties: + description: + description: Package policy description + type: string + enabled: + type: boolean + force: + description: >- + Force package policy creation even if package is not + verified, or if the agent policy is managed. + type: boolean + id: + description: Package policy unique identifier + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + required: + - type + - enabled + type: array + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit the + agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the package + policy. The override option should be used only in + unusual circumstances and not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: Agent policy ID where that package policy will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy will be + added + type: string + type: array + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation for more + information) + type: object + required: + - name + - inputs + - additionalProperties: false + type: object + properties: + description: + type: string + force: + type: boolean + id: + type: string + inputs: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: enable or disable that input, (default to true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default to + true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + description: >- + Input streams (see integration documentation to + know what streams are available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + description: >- + Package policy inputs (see integration documentation to + know what inputs are available) + type: object + name: + type: string + namespace: + type: string + output_id: + nullable: true + type: string + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + nullable: true + type: string + policy_ids: + items: + type: string + type: array + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + required: + - name + - package + description: >- + You should use inputs as an object and not use the deprecated + inputs array. + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + agents: + type: number + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + anyOf: + - items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + - additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that input, (default to + true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default + to true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Input streams (see integration documentation + to know what streams are available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + description: >- + Package policy inputs (see integration + documentation to know what inputs are available) + type: object + x-oas-optional: true + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit + the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the package + policy. The override option should be used only in + unusual circumstances and not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy will be + added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy will be + added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + spaceIds: + items: + type: string + type: array + updated_at: + type: string + updated_by: + type: string + vars: + anyOf: + - additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + - additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + x-oas-optional: true + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet package policies + /api/fleet/package_policies/_bulk_get: + post: + description: Bulk get package policies + operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2F_bulk_get#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + ids: + description: list of package policy ids + items: + type: string + type: array + ignoreMissing: + type: boolean + required: + - ids + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + agents: + type: number + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + anyOf: + - items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + - additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that input, (default to + true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default + to true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Input streams (see integration + documentation to know what streams are + available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Package policy inputs (see integration + documentation to know what inputs are available) + type: object + x-oas-optional: true + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit + the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the package + policy. The override option should be used only in + unusual circumstances and not as a routine + procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy will be + added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy will be + added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + spaceIds: + items: + type: string + type: array + updated_at: + type: string + updated_by: + type: string + vars: + anyOf: + - additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + - additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + x-oas-optional: true + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + summary: '' + tags: + - Fleet package policies + /api/fleet/package_policies/{packagePolicyId}: + delete: + description: Delete package policy by ID + operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2F%7BpackagePolicyId%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: packagePolicyId + required: true + schema: + type: string + - in: query + name: force + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet package policies + get: + description: Get package policy by ID + operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2F%7BpackagePolicyId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: packagePolicyId + required: true + schema: + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + agents: + type: number + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + anyOf: + - items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + - additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that input, (default to + true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default + to true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Input streams (see integration documentation + to know what streams are available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + description: >- + Package policy inputs (see integration + documentation to know what inputs are available) + type: object + x-oas-optional: true + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit + the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the package + policy. The override option should be used only in + unusual circumstances and not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy will be + added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy will be + added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + spaceIds: + items: + type: string + type: array + updated_at: + type: string + updated_by: + type: string + vars: + anyOf: + - additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + - additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + x-oas-optional: true + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + summary: '' + tags: + - Fleet package policies + put: + description: Update package policy by ID + operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2F%7BpackagePolicyId%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: packagePolicyId + required: true + schema: + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - additionalProperties: false + type: object + properties: + description: + description: Package policy description + type: string + enabled: + type: boolean + force: + type: boolean + inputs: + items: + additionalProperties: false + type: object + properties: + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + required: + - type + - enabled + type: array + is_managed: + type: boolean + name: + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit the + agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the package + policy. The override option should be used only in + unusual circumstances and not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: Agent policy ID where that package policy will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy will be + added + type: string + type: array + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation for more + information) + type: object + version: + type: string + - additionalProperties: false + type: object + properties: + description: + type: string + force: + type: boolean + id: + type: string + inputs: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: enable or disable that input, (default to true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default to + true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + description: >- + Input streams (see integration documentation to + know what streams are available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + description: >- + Package policy inputs (see integration documentation to + know what inputs are available) + type: object + name: + type: string + namespace: + type: string + output_id: + nullable: true + type: string + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + nullable: true + type: string + policy_ids: + items: + type: string + type: array + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + required: + - name + - package + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + agents: + type: number + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + anyOf: + - items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + - additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that input, (default to + true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default + to true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Input streams (see integration documentation + to know what streams are available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + description: >- + Package policy inputs (see integration + documentation to know what inputs are available) + type: object + x-oas-optional: true + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit + the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the package + policy. The override option should be used only in + unusual circumstances and not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy will be + added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy will be + added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + spaceIds: + items: + type: string + type: array + updated_at: + type: string + updated_by: + type: string + vars: + anyOf: + - additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + - additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + x-oas-optional: true + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet package policies + /api/fleet/package_policies/delete: + post: + description: Bulk delete package policies + operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2Fdelete#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + force: + type: boolean + packagePolicyIds: + items: + type: string + type: array + required: + - packagePolicyIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + additionalProperties: false + type: object + properties: + body: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + id: + type: string + name: + type: string + output_id: + nullable: true + type: string + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: Use `policy_ids` instead + nullable: true + type: string + policy_ids: + items: + type: string + type: array + statusCode: + type: number + success: + type: boolean + required: + - id + - success + - policy_ids + - package + type: array + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet package policies + /api/fleet/package_policies/upgrade: + post: + description: Upgrade package policy to a newer package version + operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2Fupgrade#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + packagePolicyIds: + items: + type: string + type: array + required: + - packagePolicyIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + additionalProperties: false + type: object + properties: + body: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + id: + type: string + name: + type: string + statusCode: + type: number + success: + type: boolean + required: + - id + - success + type: array + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet package policies + /api/fleet/package_policies/upgrade/dryrun: + post: + description: Dry run package policy upgrade + operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2Fupgrade%2Fdryrun#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + packagePolicyIds: + items: + type: string + type: array + packageVersion: + type: string + required: + - packagePolicyIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + additionalProperties: false + type: object + properties: + agent_diff: + items: + items: + additionalProperties: true + type: object + properties: + data_stream: + additionalProperties: true + type: object + properties: + namespace: + type: string + required: + - namespace + id: + type: string + meta: + additionalProperties: true + type: object + properties: + package: + additionalProperties: true + type: object + properties: + name: + type: string + version: + type: string + required: + - name + - version + required: + - package + name: + type: string + package_policy_id: + type: string + processors: + items: + additionalProperties: true + type: object + properties: + add_fields: + additionalProperties: true + type: object + properties: + fields: + additionalProperties: + anyOf: + - type: string + - type: number + type: object + target: + type: string + required: + - target + - fields + required: + - add_fields + type: array + revision: + type: number + streams: + items: + additionalProperties: true + type: object + properties: + data_stream: + additionalProperties: true + type: object + properties: + dataset: + type: string + type: + type: string + required: + - dataset + id: + type: string + required: + - id + - data_stream + type: array + type: + type: string + use_output: + type: string + required: + - id + - name + - revision + - type + - data_stream + - use_output + - package_policy_id + type: array + type: array + body: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + diff: + items: + anyOf: + - additionalProperties: false + type: object + properties: + agents: + type: number + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + anyOf: + - items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + - additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that input, (default + to true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default + to true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Input streams (see integration + documentation to know what streams are + available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Package policy inputs (see integration + documentation to know what inputs are + available) + type: object + x-oas-optional: true + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to + inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should be + used only in unusual circumstances and not as + a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy will + be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy + will be added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + spaceIds: + items: + type: string + type: array + updated_at: + type: string + updated_by: + type: string + vars: + anyOf: + - additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + - additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + x-oas-optional: true + version: + type: string + required: + - name + - enabled + - inputs + - revision + - updated_at + - updated_by + - created_at + - created_by + - additionalProperties: false + type: object + properties: + description: + description: Package policy description + type: string + enabled: + type: boolean + errors: + items: + additionalProperties: false + type: object + properties: + key: + type: string + message: + type: string + required: + - message + type: array + force: + type: boolean + id: + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + type: array + is_managed: + type: boolean + missingVars: + items: + type: string + type: array + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to + inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should be + used only in unusual circumstances and not as + a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy will + be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy + will be added + type: string + type: array + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - name + - enabled + - inputs + type: array + hasErrors: + type: boolean + name: + type: string + statusCode: + type: number + required: + - hasErrors + type: array + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet package policies + /api/fleet/proxies: + get: + description: List proxies + operationId: '%2Fapi%2Ffleet%2Fproxies#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + certificate: + nullable: true + type: string + certificate_authorities: + nullable: true + type: string + certificate_key: + nullable: true + type: string + id: + type: string + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_headers: + additionalProperties: + anyOf: + - type: string + - type: boolean + - type: number + nullable: true + type: object + url: + type: string + required: + - id + - url + - name + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet proxies + post: + description: Create proxy + operationId: '%2Fapi%2Ffleet%2Fproxies#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + certificate: + nullable: true + type: string + certificate_authorities: + nullable: true + type: string + certificate_key: + nullable: true + type: string + id: + type: string + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_headers: + additionalProperties: + anyOf: + - type: string + - type: boolean + - type: number + nullable: true + type: object + url: + type: string + required: + - url + - name + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + certificate: + nullable: true + type: string + certificate_authorities: + nullable: true + type: string + certificate_key: + nullable: true + type: string + id: + type: string + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_headers: + additionalProperties: + anyOf: + - type: string + - type: boolean + - type: number + nullable: true + type: object + url: + type: string + required: + - id + - url + - name + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet proxies + /api/fleet/proxies/{itemId}: + delete: + description: Delete proxy by ID + operationId: '%2Fapi%2Ffleet%2Fproxies%2F%7BitemId%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: itemId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet proxies + get: + description: Get proxy by ID + operationId: '%2Fapi%2Ffleet%2Fproxies%2F%7BitemId%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: itemId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + certificate: + nullable: true + type: string + certificate_authorities: + nullable: true + type: string + certificate_key: + nullable: true + type: string + id: + type: string + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_headers: + additionalProperties: + anyOf: + - type: string + - type: boolean + - type: number + nullable: true + type: object + url: + type: string + required: + - id + - url + - name + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet proxies + put: + description: Update proxy by ID + operationId: '%2Fapi%2Ffleet%2Fproxies%2F%7BitemId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: itemId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + certificate: + nullable: true + type: string + certificate_authorities: + nullable: true + type: string + certificate_key: + nullable: true + type: string + name: + type: string + proxy_headers: + additionalProperties: + anyOf: + - type: string + - type: boolean + - type: number + nullable: true + type: object + url: + type: string + required: + - proxy_headers + - certificate_authorities + - certificate + - certificate_key + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + certificate: + nullable: true + type: string + certificate_authorities: + nullable: true + type: string + certificate_key: + nullable: true + type: string + id: + type: string + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_headers: + additionalProperties: + anyOf: + - type: string + - type: boolean + - type: number + nullable: true + type: object + url: + type: string + required: + - id + - url + - name + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet proxies + /api/fleet/service_tokens: + post: + description: Create a service token + operationId: '%2Fapi%2Ffleet%2Fservice_tokens#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + nullable: true + type: object + properties: + remote: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + name: + type: string + value: + type: string + required: + - name + - value + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet service tokens + /api/fleet/service-tokens: + post: + deprecated: true + description: Create a service token + operationId: '%2Fapi%2Ffleet%2Fservice-tokens#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + responses: {} + summary: '' + tags: [] + /api/fleet/settings: + get: + description: Get settings + operationId: '%2Fapi%2Ffleet%2Fsettings#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + fleet_server_hosts: + items: + type: string + type: array + has_seen_add_data_notice: + type: boolean + id: + type: string + output_secret_storage_requirements_met: + type: boolean + preconfigured_fields: + items: + enum: + - fleet_server_hosts + type: string + type: array + prerelease_integrations_enabled: + type: boolean + secret_storage_requirements_met: + type: boolean + use_space_awareness_migration_started_at: + type: string + use_space_awareness_migration_status: + enum: + - pending + - success + - error + type: string + version: + type: string + required: + - prerelease_integrations_enabled + - id + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + summary: '' + tags: + - Fleet internals + put: + description: Update settings + operationId: '%2Fapi%2Ffleet%2Fsettings#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + additional_yaml_config: + type: string + fleet_server_hosts: + items: + format: uri + type: string + type: array + has_seen_add_data_notice: + type: boolean + kibana_ca_sha256: + type: string + kibana_urls: + items: + format: uri + type: string + type: array + prerelease_integrations_enabled: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + fleet_server_hosts: + items: + type: string + type: array + has_seen_add_data_notice: + type: boolean + id: + type: string + output_secret_storage_requirements_met: + type: boolean + preconfigured_fields: + items: + enum: + - fleet_server_hosts + type: string + type: array + prerelease_integrations_enabled: + type: boolean + secret_storage_requirements_met: + type: boolean + use_space_awareness_migration_started_at: + type: string + use_space_awareness_migration_status: + enum: + - pending + - success + - error + type: string + version: + type: string + required: + - prerelease_integrations_enabled + - id + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + summary: '' + tags: + - Fleet internals + /api/fleet/setup: + post: + description: Initiate Fleet setup + operationId: '%2Fapi%2Ffleet%2Fsetup#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: >- + A summary of the result of Fleet's `setup` lifecycle. If + `isInitialized` is true, Fleet is ready to accept agent + enrollment. `nonFatalErrors` may include useful insight into + non-blocking issues with Fleet setup. + type: object + properties: + isInitialized: + type: boolean + nonFatalErrors: + items: + additionalProperties: false + type: object + properties: + message: + type: string + name: + type: string + required: + - name + - message + type: array + required: + - isInitialized + - nonFatalErrors + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Internal Server Error + type: object + properties: + message: + type: string + required: + - message + summary: '' + tags: + - Fleet internals + /api/fleet/uninstall_tokens: + get: + description: List metadata for latest uninstall tokens per agent policy + operationId: '%2Fapi%2Ffleet%2Funinstall_tokens#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: Partial match filtering for policy IDs + in: query + name: policyId + required: false + schema: + maxLength: 50 + type: string + - in: query + name: search + required: false + schema: + maxLength: 50 + type: string + - description: The number of items to return + in: query + name: perPage + required: false + schema: + minimum: 5 + type: number + - in: query + name: page + required: false + schema: + minimum: 1 + type: number + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + created_at: + type: string + id: + type: string + namespaces: + items: + type: string + type: array + policy_id: + type: string + policy_name: + nullable: true + type: string + required: + - id + - policy_id + - created_at + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet uninstall tokens + /api/fleet/uninstall_tokens/{uninstallTokenId}: + get: + description: Get one decrypted uninstall token by its ID + operationId: '%2Fapi%2Ffleet%2Funinstall_tokens%2F%7BuninstallTokenId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: uninstallTokenId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + created_at: + type: string + id: + type: string + namespaces: + items: + type: string + type: array + policy_id: + type: string + policy_name: + nullable: true + type: string + token: + type: string + required: + - id + - policy_id + - created_at + - token + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet uninstall tokens + /api/lists: + delete: + description: | + Delete a list using the list ID. + > info + > When you delete a list, all of its list items are also deleted. + operationId: DeleteList + parameters: + - description: List's `id` value + in: query + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + - in: query + name: deleteReferences + required: false + schema: + default: false + type: boolean + - in: query + name: ignoreReferences + required: false + schema: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Delete a list + tags: + - Security Lists API + get: + description: Get the details of a list using the list ID. + operationId: ReadList + parameters: + - description: List's `id` value + in: query + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Get list details + tags: + - Security Lists API + patch: + description: Update specific fields of an existing list using the list ID. + operationId: PatchList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + description: + $ref: '#/components/schemas/Security_Lists_API_ListDescription' + id: + $ref: '#/components/schemas/Security_Lists_API_ListId' + meta: + $ref: '#/components/schemas/Security_Lists_API_ListMetadata' + name: + $ref: '#/components/schemas/Security_Lists_API_ListName' + version: + minimum: 1 + type: integer + required: + - id + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Patch a list + tags: + - Security Lists API + post: + description: Create a new list. + operationId: CreateList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + description: + $ref: '#/components/schemas/Security_Lists_API_ListDescription' + deserializer: + type: string + id: + $ref: '#/components/schemas/Security_Lists_API_ListId' + meta: + $ref: '#/components/schemas/Security_Lists_API_ListMetadata' + name: + $ref: '#/components/schemas/Security_Lists_API_ListName' + serializer: + type: string + type: + $ref: '#/components/schemas/Security_Lists_API_ListType' + version: + default: 1 + minimum: 1 + type: integer + required: + - name + - description + - type + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Create a list + tags: + - Security Lists API + put: + description: > + Update a list using the list ID. The original list is replaced, and all + unspecified fields are deleted. + + > info + + > You cannot modify the `id` value. + operationId: UpdateList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + description: + $ref: '#/components/schemas/Security_Lists_API_ListDescription' + id: + $ref: '#/components/schemas/Security_Lists_API_ListId' + meta: + $ref: '#/components/schemas/Security_Lists_API_ListMetadata' + name: + $ref: '#/components/schemas/Security_Lists_API_ListName' + version: + minimum: 1 + type: integer + required: + - id + - name + - description + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Update a list + tags: + - Security Lists API + /api/lists/_find: + get: + description: >- + Get a paginated subset of lists. By default, the first page is returned, + with 20 results per page. + operationId: FindLists + parameters: + - description: The page number to return + in: query + name: page + required: false + schema: + type: integer + - description: The number of lists to return per page + in: query + name: per_page + required: false + schema: + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + - description: > + Returns the list that come after the last list returned in the + previous call + + (use the cursor value returned in the previous call). This parameter + uses + + the `tie_breaker_id` field to ensure all lists are sorted and + returned correctly. + in: query + name: cursor + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_FindListsCursor' + - description: > + Filters the returned results according to the value of the specified + field, + + using the : syntax. + in: query + name: filter + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_FindListsFilter' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + cursor: + $ref: '#/components/schemas/Security_Lists_API_FindListsCursor' + data: + items: + $ref: '#/components/schemas/Security_Lists_API_List' + type: array + page: + minimum: 0 + type: integer + per_page: + minimum: 0 + type: integer + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + - cursor + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Get lists + tags: + - Security Lists API + /api/lists/index: + delete: + description: Delete the `.lists` and `.items` data streams. + operationId: DeleteListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + required: + - acknowledged + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List data stream not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Delete list data streams + tags: + - Security Lists API + get: + description: Verify that `.lists` and `.items` data streams exist. + operationId: ReadListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + list_index: + type: boolean + list_item_index: + type: boolean + required: + - list_index + - list_item_index + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List data stream(s) not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Get status of list data streams + tags: + - Security Lists API + post: + description: Create `.lists` and `.items` data streams in the relevant space. + operationId: CreateListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + required: + - acknowledged + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List data stream exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Create list data streams + tags: + - Security Lists API + /api/lists/items: + delete: + description: Delete a list item using its `id`, or its `list_id` and `value` fields. + operationId: DeleteListItem + parameters: + - description: Required if `list_id` and `value` are not specified + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: value + required: false + schema: + type: string + - description: >- + Determines when changes made by the request are made visible to + search + in: query + name: refresh + required: false + schema: + default: 'false' + enum: + - 'true' + - 'false' + - wait_for + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: '#/components/schemas/Security_Lists_API_ListItem' + - items: + $ref: '#/components/schemas/Security_Lists_API_ListItem' + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Delete a list item + tags: + - Security Lists API + get: + description: Get the details of a list item. + operationId: ReadListItem + parameters: + - description: Required if `list_id` and `value` are not specified + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: value + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: '#/components/schemas/Security_Lists_API_ListItem' + - items: + $ref: '#/components/schemas/Security_Lists_API_ListItem' + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Get a list item + tags: + - Security Lists API + patch: + description: Update specific fields of an existing list item using the list item ID. + operationId: PatchListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + id: + $ref: '#/components/schemas/Security_Lists_API_ListItemId' + meta: + $ref: '#/components/schemas/Security_Lists_API_ListItemMetadata' + refresh: + description: >- + Determines when changes made by the request are made visible + to search + enum: + - 'true' + - 'false' + - wait_for + type: string + value: + $ref: '#/components/schemas/Security_Lists_API_ListItemValue' + required: + - id + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Patch a list item + tags: + - Security Lists API + post: + description: > + Create a list item and associate it with the specified list. + + + All list items in the same list must be the same type. For example, each + list item in an `ip` list must define a specific IP address. + + > info + + > Before creating a list item, you must create a list. + operationId: CreateListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + $ref: '#/components/schemas/Security_Lists_API_ListItemId' + list_id: + $ref: '#/components/schemas/Security_Lists_API_ListId' + meta: + $ref: '#/components/schemas/Security_Lists_API_ListItemMetadata' + refresh: + description: >- + Determines when changes made by the request are made visible + to search + enum: + - 'true' + - 'false' + - wait_for + type: string + value: + $ref: '#/components/schemas/Security_Lists_API_ListItemValue' + required: + - list_id + - value + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List item already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Create a list item + tags: + - Security Lists API + put: + description: > + Update a list item using the list item ID. The original list item is + replaced, and all unspecified fields are deleted. + + > info + + > You cannot modify the `id` value. + operationId: UpdateListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + id: + $ref: '#/components/schemas/Security_Lists_API_ListItemId' + meta: + $ref: '#/components/schemas/Security_Lists_API_ListItemMetadata' + value: + $ref: '#/components/schemas/Security_Lists_API_ListItemValue' + required: + - id + - value + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Update a list item + tags: + - Security Lists API + /api/lists/items/_export: + post: + description: Export list item values from the specified list. + operationId: ExportListItems + parameters: + - description: List's id to export + in: query + name: list_id + required: true + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: A `.txt` file containing list items from the specified list + format: binary + type: string + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Export list items + tags: + - Security Lists API + /api/lists/items/_find: + get: + description: Get all list items in the specified list. + operationId: FindListItems + parameters: + - description: List's id + in: query + name: list_id + required: true + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + - description: The page number to return + in: query + name: page + required: false + schema: + type: integer + - description: The number of list items to return per page + in: query + name: per_page + required: false + schema: + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + - description: > + Returns the list that come after the last list returned in the + previous call + + (use the cursor value returned in the previous call). This parameter + uses + + the `tie_breaker_id` field to ensure all lists are sorted and + returned correctly. + in: query + name: cursor + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_FindListItemsCursor' + - description: > + Filters the returned results according to the value of the specified + field, + + using the : syntax. + in: query + name: filter + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_FindListItemsFilter' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + cursor: + $ref: >- + #/components/schemas/Security_Lists_API_FindListItemsCursor + data: + items: + $ref: '#/components/schemas/Security_Lists_API_ListItem' + type: array + page: + minimum: 0 + type: integer + per_page: + minimum: 0 + type: integer + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + - cursor + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Get list items + tags: + - Security Lists API + /api/lists/items/_import: + post: + description: > + Import list items from a TXT or CSV file. The maximum file size is 9 + million bytes. + + + You can import items to a new or existing list. + operationId: ImportListItems + parameters: + - description: | + List's id. + + Required when importing to an existing list. + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + - description: > + Type of the importing list. + + + Required when importing a new list that is `list_id` is not + specified. + in: query + name: type + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_ListType' + - in: query + name: serializer + required: false + schema: + type: string + - in: query + name: deserializer + required: false + schema: + type: string + - description: >- + Determines when changes made by the request are made visible to + search + in: query + name: refresh + required: false + schema: + enum: + - 'true' + - 'false' + - wait_for + type: string + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: + description: >- + A `.txt` or `.csv` file containing newline separated list + items + format: binary + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List with specified list_id does not exist response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Import list items + tags: + - Security Lists API + /api/lists/privileges: + get: + operationId: ReadListPrivileges + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + is_authenticated: + type: boolean + listItems: + $ref: '#/components/schemas/Security_Lists_API_ListItemPrivileges' + lists: + $ref: '#/components/schemas/Security_Lists_API_ListPrivileges' + required: + - lists + - listItems + - is_authenticated + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Get list privileges + tags: + - Security Lists API + /api/ml/saved_objects/sync: + get: + description: > + Synchronizes Kibana saved objects for machine learning jobs and trained + models. This API runs automatically when you start Kibana and + periodically thereafter. + operationId: mlSync + parameters: + - $ref: '#/components/parameters/Machine_learning_APIs_simulateParam' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + syncExample: + $ref: '#/components/examples/Machine_learning_APIs_mlSyncExample' + schema: + $ref: '#/components/schemas/Machine_learning_APIs_mlSync200Response' + description: Indicates a successful call + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Machine_learning_APIs_mlSync4xxResponse' + description: Authorization information is missing or invalid. + summary: Sync machine learning saved objects + tags: + - ml + /api/note: + delete: + description: Delete a note from a Timeline using the note ID. + operationId: DeleteNote + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - nullable: true + type: object + properties: + noteId: + type: string + required: + - noteId + - nullable: true + type: object + properties: + noteIds: + items: + type: string + nullable: true + type: array + required: + - noteIds + description: The ID of the note to delete. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + description: Indicates the note was successfully deleted. + summary: Delete a note + tags: + - Security Timeline API + - access:securitySolution + get: + description: Get all notes for a given document. + operationId: GetNotes + parameters: + - in: query + name: documentIds + schema: + $ref: '#/components/schemas/Security_Timeline_API_DocumentIds' + - in: query + name: savedObjectIds + schema: + $ref: '#/components/schemas/Security_Timeline_API_SavedObjectIds' + - in: query + name: page + schema: + nullable: true + type: string + - in: query + name: perPage + schema: + nullable: true + type: string + - in: query + name: search + schema: + nullable: true + type: string + - in: query + name: sortField + schema: + nullable: true + type: string + - in: query + name: sortOrder + schema: + nullable: true + type: string + - in: query + name: filter + schema: + nullable: true + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: '#/components/schemas/Security_Timeline_API_GetNotesResult' + - type: object + description: Indicates the requested notes were returned. + summary: Get notes + tags: + - Security Timeline API + - access:securitySolution + patch: + description: Add a note to a Timeline or update an existing note. + operationId: PersistNoteRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + eventDataView: + nullable: true + type: string + eventIngested: + nullable: true + type: string + eventTimestamp: + nullable: true + type: string + note: + $ref: '#/components/schemas/Security_Timeline_API_BareNote' + noteId: + nullable: true + type: string + overrideOwner: + nullable: true + type: boolean + version: + nullable: true + type: string + required: + - note + description: The note to add or update, along with additional metadata. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistNote: + $ref: >- + #/components/schemas/Security_Timeline_API_ResponseNote + required: + - persistNote + required: + - data + description: Indicates the note was successfully created. + summary: Add or update a note + tags: + - Security Timeline API + - access:securitySolution + /api/osquery/live_queries: + get: + description: Get a list of all live queries. + operationId: OsqueryFindLiveQueries + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_FindLiveQueryRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get live queries + tags: + - Security Osquery API + post: + description: Create and run a live query. + operationId: OsqueryCreateLiveQuery + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_CreateLiveQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a live query + tags: + - Security Osquery API + /api/osquery/live_queries/{id}: + get: + description: Get the details of a live query using the query ID. + operationId: OsqueryGetLiveQueryDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_Id' + - in: query + name: query + schema: + additionalProperties: true + type: object + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get live query details + tags: + - Security Osquery API + /api/osquery/live_queries/{id}/results/{actionId}: + get: + description: Get the results of a live query using the query action ID. + operationId: OsqueryGetLiveQueryResults + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_Id' + - in: path + name: actionId + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_Id' + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_GetLiveQueryResultsRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get live query results + tags: + - Security Osquery API + /api/osquery/packs: + get: + description: Get a list of all query packs. + operationId: OsqueryFindPacks + parameters: + - in: query + name: query + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_FindPacksRequestQuery' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get packs + tags: + - Security Osquery API + post: + description: Create a query pack. + operationId: OsqueryCreatePacks + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Osquery_API_CreatePacksRequestBody' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a pack + tags: + - Security Osquery API + /api/osquery/packs/{id}: + delete: + description: Delete a query pack using the pack ID. + operationId: OsqueryDeletePacks + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_PackId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Delete a pack + tags: + - Security Osquery API + get: + description: Get the details of a query pack using the pack ID. + operationId: OsqueryGetPacksDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_PackId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get pack details + tags: + - Security Osquery API + put: + description: | + Update a query pack using the pack ID. + > info + > You cannot update a prebuilt pack. + operationId: OsqueryUpdatePacks + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_PackId' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Osquery_API_UpdatePacksRequestBody' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Update a pack + tags: + - Security Osquery API + /api/osquery/saved_queries: + get: + description: Get a list of all saved queries. + operationId: OsqueryFindSavedQueries + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_FindSavedQueryRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get saved queries + tags: + - Security Osquery API + post: + description: Create and run a saved query. + operationId: OsqueryCreateSavedQuery + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_CreateSavedQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a saved query + tags: + - Security Osquery API + /api/osquery/saved_queries/{id}: + delete: + description: Delete a saved query using the query ID. + operationId: OsqueryDeleteSavedQuery + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Delete a saved query + tags: + - Security Osquery API + get: + description: Get the details of a saved query using the query ID. + operationId: OsqueryGetSavedQueryDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get saved query details + tags: + - Security Osquery API + put: + description: | + Update a saved query using the query ID. + > info + > You cannot update a prebuilt saved query. + operationId: OsqueryUpdateSavedQuery + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_UpdateSavedQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Update a saved query + tags: + - Security Osquery API + /api/pinned_event: + patch: + description: Pin an event to an existing Timeline. + operationId: PersistPinnedEventRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + eventId: + type: string + pinnedEventId: + nullable: true + type: string + timelineId: + type: string + required: + - eventId + - timelineId + description: The pinned event to add or update, along with additional metadata. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistPinnedEventOnTimeline: + $ref: >- + #/components/schemas/Security_Timeline_API_PersistPinnedEventResponse + required: + - persistPinnedEventOnTimeline + required: + - data + description: Indicates the event was successfully pinned to the Timeline. + summary: Pin an event + tags: + - Security Timeline API + - access:securitySolution + /api/risk_score/engine/dangerously_delete_data: + delete: + description: >- + Cleaning up the the Risk Engine by removing the indices, mapping and + transforms + operationId: CleanUpRiskEngine + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + cleanup_successful: + type: boolean + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_TaskManagerUnavailableResponse + description: Task manager is unavailable + default: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_CleanUpRiskEngineErrorResponse + description: Unexpected error + summary: Cleanup the Risk Engine + tags: + - Security Entity Analytics API + /api/risk_score/engine/schedule_now: + post: + description: >- + Schedule the risk scoring engine to run as soon as possible. You can use + this to recalculate entity risk scores after updating their asset + criticality. + operationId: ScheduleRiskEngineNow + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: {} + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_RiskEngineScheduleNowResponse + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_TaskManagerUnavailableResponse + description: Task manager is unavailable + default: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_RiskEngineScheduleNowErrorResponse + description: Unexpected error + summary: Run the risk scoring engine + tags: + - Security Entity Analytics API + /api/saved_objects/_export: + post: + description: > + Retrieve sets of saved objects that you want to import into Kibana. + + You must include `type` or `objects` in the request body. + + + Exported saved objects are not backwards compatible and cannot be + imported into an older version of Kibana. + + + NOTE: The `savedObjects.maxImportExportSize` configuration setting + limits the number of saved objects which may be exported. + + + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + operationId: exportSavedObjectsDefault + parameters: + - $ref: '#/components/parameters/Serverless_saved_objects_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + exportSavedObjectsRequest: + $ref: >- + #/components/examples/Serverless_saved_objects_export_objects_request + schema: + type: object + properties: + excludeExportDetails: + default: false + description: Do not add export details entry at the end of the stream. + type: boolean + includeReferencesDeep: + description: >- + Includes all of the referenced objects in the exported + objects. + type: boolean + objects: + description: A list of objects to export. + items: + type: object + type: array + type: + description: >- + The saved object types to include in the export. Use `*` to + export all the types. + oneOf: + - type: string + - items: + type: string + type: array + required: true + responses: + '200': + content: + application/x-ndjson; Elastic-Api-Version=2023-10-31: + examples: + exportSavedObjectsResponse: + $ref: >- + #/components/examples/Serverless_saved_objects_export_objects_response + schema: + additionalProperties: true + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Serverless_saved_objects_400_response' + description: Bad request. + summary: Export saved objects + tags: + - saved objects + /api/saved_objects/_import: + post: + description: > + Create sets of Kibana saved objects from a file created by the export + API. + + Saved objects can be imported only into the same version, a newer minor + on the same major, or the next major. Exported saved objects are not + backwards compatible and cannot be imported into an older version of + Kibana. + + + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + operationId: importSavedObjectsDefault + parameters: + - $ref: '#/components/parameters/Serverless_saved_objects_kbn_xsrf' + - description: > + Creates copies of saved objects, regenerates each object ID, and + resets the origin. When used, potential conflict errors are avoided. + NOTE: This option cannot be used with the `overwrite` and + `compatibilityMode` options. + in: query + name: createNewCopies + required: false + schema: + type: boolean + - description: > + Overwrites saved objects when they already exist. When used, + potential conflict errors are automatically resolved by overwriting + the destination object. NOTE: This option cannot be used with the + `createNewCopies` option. + in: query + name: overwrite + required: false + schema: + type: boolean + - description: > + Applies various adjustments to the saved objects that are being + imported to maintain compatibility between different Kibana + versions. Use this option only if you encounter issues with imported + saved objects. NOTE: This option cannot be used with the + `createNewCopies` option. + in: query + name: compatibilityMode + required: false + schema: + type: boolean + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + examples: + importObjectsRequest: + $ref: >- + #/components/examples/Serverless_saved_objects_import_objects_request + schema: + type: object + properties: + file: + description: > + A file exported using the export API. NOTE: The + `savedObjects.maxImportExportSize` configuration setting + limits the number of saved objects which may be included in + this file. Similarly, the + `savedObjects.maxImportPayloadBytes` setting limits the + overall size of the file that can be imported. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + importObjectsResponse: + $ref: >- + #/components/examples/Serverless_saved_objects_import_objects_response + schema: + type: object + properties: + errors: + description: > + Indicates the import was unsuccessful and specifies the + objects that failed to import. + + + NOTE: One object may result in multiple errors, which + requires separate steps to resolve. For instance, a + `missing_references` error and conflict error. + items: + type: object + type: array + success: + description: > + Indicates when the import was successfully completed. When + set to false, some objects may not have been created. For + additional information, refer to the `errors` and + `successResults` properties. + type: boolean + successCount: + description: Indicates the number of successfully imported records. + type: integer + successResults: + description: > + Indicates the objects that are successfully imported, with + any metadata if applicable. + + + NOTE: Objects are created only when all resolvable errors + are addressed, including conflicts and missing references. + If objects are created as new copies, each entry in the + `successResults` array includes a `destinationId` + attribute. + items: + type: object + type: array + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Serverless_saved_objects_400_response' + description: Bad request. + summary: Import saved objects + tags: + - saved objects + x-codeSamples: + - label: Import with createNewCopies + lang: cURL + source: | + curl \ + -X POST api/saved_objects/_import?createNewCopies=true + -H "kbn-xsrf: true" + --form file=@file.ndjson + /api/security_ai_assistant/anonymization_fields/_bulk_action: + post: + description: >- + Apply a bulk action to multiple anonymization fields. The bulk action is + applied to all anonymization fields that match the filter or to the list + of anonymization fields by their IDs. + operationId: PerformAnonymizationFieldsBulkAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + create: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldCreateProps + type: array + delete: + type: object + properties: + ids: + description: Array of anonymization fields IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter anonymization fields + type: string + update: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldUpdateProps + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Apply a bulk action to anonymization fields + tags: + - Security AI Assistant API + - Bulk API + /api/security_ai_assistant/anonymization_fields/_find: + get: + description: Get a list of all anonymization fields. + operationId: FindAnonymizationFields + parameters: + - in: query + name: fields + required: false + schema: + items: type: string - OriginWeather: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginWeather - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_FindAnonymizationFieldsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: AnonymizationFields per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get anonymization fields + tags: + - Security AI Assistant API + - AnonymizationFields API + /api/security_ai_assistant/chat/complete: + post: + description: Create a model response for the given chat conversation. + operationId: ChatComplete + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_ChatCompleteProps' + required: true + responses: + '200': + content: + application/octet-stream; Elastic-Api-Version=2023-10-31: + schema: + format: binary + type: string + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Create a model response + tags: + - Security AI Assistant API + - Chat Complete API + /api/security_ai_assistant/current_user/conversations: + post: + description: Create a new Security AI Assistant conversation. + operationId: CreateConversation + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationCreateProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Create a conversation + tags: + - Security AI Assistant API + - Conversation API + /api/security_ai_assistant/current_user/conversations/_find: + get: + description: Get a list of all conversations for the current user. + operationId: FindConversations + parameters: + - in: query + name: fields + required: false + schema: + items: type: string - timestamp: - aggregatable: true - count: 0 - esTypes: - - date - format: - id: date - isMapped: true - name: timestamp - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: date - id: d3d7af60-4c81-11e8-b3d7-01146121b73d - name: Kibana Sample Data Flights - runtimeFieldMap: - hour_of_day: - script: - source: emit(doc['timestamp'].value.getHour()); - type: long - sourceFilters: [] - timeFieldName: timestamp - title: kibana_sample_data_flights - version: WzM2LDJd - fields: - - aggregatable: true - count: 0 - esTypes: - - long - name: hour_of_day - readFromDocValues: false - runtimeField: - script: - source: emit(doc['timestamp'].value.getHour()); - type: long - scripted: false - searchable: true - shortDotsEnable: false - type: number - Data_views_preview_swap_data_view_request: - summary: Preview swapping references from data view ID "abcd-efg" to "xyz-123". - value: - fromId: abcd-efg - toId: xyz-123 - Data_views_set_default_data_view_request: - summary: Set the default data view identifier. - value: - data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f - force: true - Data_views_swap_data_view_request: - summary: >- - Swap references from data view ID "abcd-efg" to "xyz-123" and remove the - data view that is no longer referenced. - value: - delete: true - fromId: abcd-efg - toId: xyz-123 - Data_views_update_data_view_request: - summary: Update some properties for a data view. - value: - data_view: - allowNoIndex: false - name: Kibana Sample Data eCommerce - timeFieldName: order_date - title: kibana_sample_data_ecommerce - refresh_fields: true - Data_views_update_field_metadata_request: - summary: Update metadata for multiple fields. - value: - fields: - field1: - count: 123 - customLabel: Field 1 label - field2: - customDescription: Field 2 description - customLabel: Field 2 label - Data_views_update_runtime_field_request: - summary: Update an existing runtime field on a data view. - value: - runtimeField: - script: - source: emit(doc["bar"].value) - Machine_learning_APIs_mlSyncExample: - summary: Two anomaly detection jobs required synchronization in this example. - value: - datafeedsAdded: {} - datafeedsRemoved: {} - savedObjectsCreated: - anomaly-detector: - myjob1: - success: true - myjob2: - success: true - savedObjectsDeleted: {} - Serverless_saved_objects_export_objects_request: - summary: Export a specific saved object. - value: - excludeExportDetails: true - includeReferencesDeep: false - objects: - - id: de71f4f0-1902-11e9-919b-ffe5949a18d2 - type: map - Serverless_saved_objects_export_objects_response: - summary: >- - The export objects API response contains a JSON record for each exported - object. - value: - attributes: - description: '' - layerListJSON: >- - [{"id":"0hmz5","alpha":1,"sourceDescriptor":{"type":"EMS_TMS","isAutoSelect":true,"lightModeDefault":"road_map_desaturated"},"visible":true,"style":{},"type":"EMS_VECTOR_TILE","minZoom":0,"maxZoom":24},{"id":"edh66","label":"Total - Requests by - Destination","minZoom":0,"maxZoom":24,"alpha":0.5,"sourceDescriptor":{"type":"EMS_FILE","id":"world_countries","tooltipProperties":["name","iso2"]},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"__kbnjoin__count__673ff994-fc75-4c67-909b-69fcb0e1060e","origin":"join"},"color":"Greys","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"STATIC","options":{"size":10}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR","joins":[{"leftField":"iso2","right":{"type":"ES_TERM_SOURCE","id":"673ff994-fc75-4c67-909b-69fcb0e1060e","indexPatternTitle":"kibana_sample_data_logs","term":"geo.dest","indexPatternRefName":"layer_1_join_0_index_pattern","metrics":[{"type":"count","label":"web - logs - count"}],"applyGlobalQuery":true}}]},{"id":"gaxya","label":"Actual - Requests","minZoom":9,"maxZoom":24,"alpha":1,"sourceDescriptor":{"id":"b7486535-171b-4d3b-bb2e-33c1a0a2854c","type":"ES_SEARCH","geoField":"geo.coordinates","limit":2048,"filterByMapBounds":true,"tooltipProperties":["clientip","timestamp","host","request","response","machine.os","agent","bytes"],"indexPatternRefName":"layer_2_source_index_pattern","applyGlobalQuery":true,"scalingType":"LIMIT"},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"STATIC","options":{"color":"#2200ff"}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":2}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"bytes","origin":"source"},"minSize":1,"maxSize":23,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"},{"id":"tfi3f","label":"Total - Requests and - Bytes","minZoom":0,"maxZoom":9,"alpha":1,"sourceDescriptor":{"type":"ES_GEO_GRID","resolution":"COARSE","id":"8aaa65b5-a4e9-448b-9560-c98cb1c5ac5b","geoField":"geo.coordinates","requestType":"point","metrics":[{"type":"count","label":"web - logs - count"},{"type":"sum","field":"bytes"}],"indexPatternRefName":"layer_3_source_index_pattern","applyGlobalQuery":true},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"color":"Blues","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#cccccc"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"sum_of_bytes","origin":"source"},"minSize":7,"maxSize":25,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelText":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelSize":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"minSize":12,"maxSize":24,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"}] - mapStateJSON: >- - {"zoom":3.64,"center":{"lon":-88.92107,"lat":42.16337},"timeFilters":{"from":"now-7d","to":"now"},"refreshConfig":{"isPaused":true,"interval":0},"query":{"language":"kuery","query":""},"settings":{"autoFitToDataBounds":false}} - title: '[Logs] Total Requests and Bytes' - uiStateJSON: '{"isDarkMode":false}' - coreMigrationVersion: 8.8.0 - created_at: '2023-08-23T20:03:32.204Z' - id: de71f4f0-1902-11e9-919b-ffe5949a18d2 - managed: false - references: - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - name: layer_1_join_0_index_pattern - type: index-pattern - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - name: layer_2_source_index_pattern - type: index-pattern - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - name: layer_3_source_index_pattern - type: index-pattern - type: map - typeMigrationVersion: 8.4.0 - updated_at: '2023-08-23T20:03:32.204Z' - version: WzEzLDFd - Serverless_saved_objects_import_objects_request: + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_FindConversationsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: Conversations per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get conversations + tags: + - Security AI Assistant API + - Conversations API + /api/security_ai_assistant/current_user/conversations/{id}: + delete: + description: Delete an existing conversation using the conversation ID. + operationId: DeleteConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Delete a conversation + tags: + - Security AI Assistant API + - Conversation API + get: + description: Get the details of an existing conversation using the conversation ID. + operationId: ReadConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get a conversation + tags: + - Security AI Assistant API + - Conversations API + put: + description: Update an existing conversation using the conversation ID. + operationId: UpdateConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationUpdateProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Update a conversation + tags: + - Security AI Assistant API + - Conversation API + /api/security_ai_assistant/prompts/_bulk_action: + post: + description: >- + Apply a bulk action to multiple prompts. The bulk action is applied to + all prompts that match the filter or to the list of prompts by their + IDs. + operationId: PerformPromptsBulkAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + create: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptCreateProps + type: array + delete: + type: object + properties: + ids: + description: Array of prompts IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter promps + type: string + update: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptUpdateProps + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkCrudActionResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Apply a bulk action to prompts + tags: + - Security AI Assistant API + - Bulk API + /api/security_ai_assistant/prompts/_find: + get: + description: Get a list of all prompts. + operationId: FindPrompts + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_FindPromptsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: Prompts per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get prompts + tags: + - Security AI Assistant API + - Prompts API + /api/spaces/space: + get: + description: Get all spaces + operationId: '%2Fapi%2Fspaces%2Fspace#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: purpose + required: false + schema: + enum: + - any + - copySavedObjectsIntoSpace + - shareSavedObjectsIntoSpace + type: string + - in: query + name: include_authorized_purposes + required: true + schema: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - enum: + - false + type: boolean + x-oas-optional: true + - type: boolean + x-oas-optional: true + responses: {} + summary: '' + tags: + - spaces + post: + description: Create a space + operationId: '%2Fapi%2Fspaces%2Fspace#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + _reserved: + type: boolean + color: + type: string + description: + type: string + disabledFeatures: + default: [] + items: + type: string + type: array + id: + type: string + imageUrl: + type: string + initials: + maxLength: 2 + type: string + name: + minLength: 1 + type: string + required: + - id + - name + responses: {} + summary: '' + tags: + - spaces + /api/spaces/space/{id}: + delete: + description: Delete a space + operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: id + required: true + schema: + type: string + responses: {} + summary: '' + tags: + - spaces + get: + description: Get a space + operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: id + required: true + schema: + type: string + responses: {} + summary: '' + tags: + - spaces + put: + description: Update a space + operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + _reserved: + type: boolean + color: + type: string + description: + type: string + disabledFeatures: + default: [] + items: + type: string + type: array + id: + type: string + imageUrl: + type: string + initials: + maxLength: 2 + type: string + name: + minLength: 1 + type: string + required: + - id + - name + responses: {} + summary: '' + tags: + - spaces + /api/status: + get: + operationId: '%2Fapi%2Fstatus#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: Set to "true" to get the response in v7 format. + in: query + name: v7format + required: false + schema: + type: boolean + - description: Set to "true" to get the response in v8 format. + in: query + name: v8format + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' + - $ref: >- + #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse + description: >- + Kibana's operational status. A minimal response is sent for + unauthorized users. + description: Overall status is OK and Kibana should be functioning normally. + '503': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' + - $ref: >- + #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse + description: >- + Kibana's operational status. A minimal response is sent for + unauthorized users. + description: >- + Kibana or some of it's essential services are unavailable. Kibana + may be degraded or unavailable. + summary: Get Kibana's current status + tags: + - system + /api/timeline: + delete: + description: Delete one or more Timelines or Timeline templates. + operationId: DeleteTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + savedObjectIds: + items: + type: string + type: array + searchIds: + description: >- + Saved search ids that should be deleted alongside the + timelines + items: + type: string + type: array + required: + - savedObjectIds + description: The IDs of the Timelines or Timeline templates to delete. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + deleteTimeline: + type: boolean + required: + - deleteTimeline + required: + - data + description: Indicates the Timeline was successfully deleted. + summary: Delete Timelines or Timeline templates + tags: + - Security Timeline API + - access:securitySolution + get: + description: Get the details of an existing saved Timeline or Timeline template. + operationId: GetTimeline + parameters: + - description: The ID of the template timeline to retrieve + in: query + name: template_timeline_id + schema: + type: string + - description: The ID of the Timeline to retrieve. + in: query + name: id + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - type: object + properties: + data: + type: object + properties: + getOneTimeline: + $ref: >- + #/components/schemas/Security_Timeline_API_TimelineResponse + required: + - getOneTimeline + required: + - data + - additionalProperties: false + type: object + description: Indicates that the (template) Timeline was found and returned. + summary: Get Timeline or Timeline template details + tags: + - Security Timeline API + - access:securitySolution + patch: + description: >- + Update an existing Timeline. You can update the title, description, date + range, pinned events, pinned queries, and/or pinned saved queries of an + existing Timeline. + operationId: PatchTimeline + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + timeline: + $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' + timelineId: + nullable: true + type: string + version: + nullable: true + type: string + required: + - timelineId + - version + - timeline + description: The Timeline updates, along with the Timeline ID and version. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Timeline_API_PersistTimelineResponse + description: >- + Indicates that the draft Timeline was successfully created. In the + event the user already has a draft Timeline, the existing draft + Timeline is cleared and returned. + '405': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: >- + Indicates that the user does not have the required access to create + a draft Timeline. + summary: Update a Timeline + tags: + - Security Timeline API + - access:securitySolution + post: + description: Create a new Timeline or Timeline template. + operationId: CreateTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + status: + $ref: '#/components/schemas/Security_Timeline_API_TimelineStatus' + nullable: true + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timeline: + $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' + timelineId: + nullable: true + type: string + timelineType: + $ref: '#/components/schemas/Security_Timeline_API_TimelineType' + nullable: true + version: + nullable: true + type: string + required: + - timeline + description: >- + The required Timeline fields used to create a new Timeline, along with + optional fields that will be created if not provided. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Timeline_API_PersistTimelineResponse + description: Indicates the Timeline was successfully created. + '405': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Indicates that there was an error in the Timeline creation. + summary: Create a Timeline or Timeline template + tags: + - Security Timeline API + - access:securitySolution + /api/timeline/_copy: + get: + description: | + Copies and returns a timeline or timeline template. + operationId: CopyTimeline + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + timeline: + $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' + timelineIdToCopy: + type: string + required: + - timeline + - timelineIdToCopy + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Timeline_API_PersistTimelineResponse + description: Indicates that the timeline has been successfully copied. + summary: Copies timeline or timeline template + tags: + - Security Timeline API + - access:securitySolution + /api/timeline/_draft: + get: + description: >- + Get the details of the draft Timeline or Timeline template for the + current user. If the user doesn't have a draft Timeline, an empty + Timeline is returned. + operationId: GetDraftTimelines + parameters: + - in: query + name: timelineType + required: true + schema: + $ref: '#/components/schemas/Security_Timeline_API_TimelineType' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Timeline_API_PersistTimelineResponse + description: Indicates that the draft Timeline was successfully retrieved. + '403': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + If a draft Timeline was not found and we attempted to create one, it + indicates that the user does not have the required permissions to + create a draft Timeline. + '409': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + This should never happen, but if a draft Timeline was not found and + we attempted to create one, it indicates that there is already a + draft Timeline with the given `timelineId`. + summary: Get draft Timeline or Timeline template details + tags: + - Security Timeline API + - access:securitySolution + post: + description: > + Create a clean draft Timeline or Timeline template for the current user. + + > info + + > If the user already has a draft Timeline, the existing draft Timeline + is cleared and returned. + operationId: CleanDraftTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + timelineType: + $ref: '#/components/schemas/Security_Timeline_API_TimelineType' + required: + - timelineType + description: >- + The type of Timeline to create. Valid values are `default` and + `template`. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Timeline_API_PersistTimelineResponse + description: >- + Indicates that the draft Timeline was successfully created. In the + event the user already has a draft Timeline, the existing draft + Timeline is cleared and returned. + '403': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + Indicates that the user does not have the required permissions to + create a draft Timeline. + '409': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + Indicates that there is already a draft Timeline with the given + `timelineId`. + summary: Create a clean draft Timeline or Timeline template + tags: + - Security Timeline API + - access:securitySolution + /api/timeline/_export: + post: + description: Export Timelines as an NDJSON file. + operationId: ExportTimelines + parameters: + - description: The name of the file to export + in: query + name: file_name + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + ids: + items: + type: string + nullable: true + type: array + description: The IDs of the Timelines to export. + required: true + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: NDJSON of the exported Timelines + type: string + description: Indicates the Timelines were successfully exported. + '400': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Indicates that the export size limit was exceeded. + summary: Export Timelines + tags: + - Security Timeline API + - access:securitySolution + /api/timeline/_favorite: + patch: + description: Favorite a Timeline or Timeline template for the current user. + operationId: PersistFavoriteRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timelineId: + nullable: true + type: string + timelineType: + $ref: '#/components/schemas/Security_Timeline_API_TimelineType' + nullable: true + required: + - timelineId + - templateTimelineId + - templateTimelineVersion + - timelineType + description: The required fields used to favorite a (template) Timeline. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistFavorite: + $ref: >- + #/components/schemas/Security_Timeline_API_FavoriteTimelineResponse + required: + - persistFavorite + required: + - data + description: Indicates the favorite status was successfully updated. + '403': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: >- + Indicates the user does not have the required permissions to persist + the favorite status. + summary: Favorite a Timeline or Timeline template + tags: + - Security Timeline API + - access:securitySolution + /api/timeline/_import: + post: + description: Import Timelines. + operationId: ImportTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: {} + isImmutable: + enum: + - 'true' + - 'false' + type: string + required: + - file + description: The Timelines to import as a readable stream. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Timeline_API_ImportTimelineResult + description: Indicates the import of Timelines was successful. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + id: + type: string + statusCode: + type: number + description: >- + Indicates the import of Timelines was unsuccessful because of an + invalid file extension. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + statusCode: + type: number + description: >- + Indicates that we were unable to locate the saved object client + necessary to handle the import. + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + id: + type: string + statusCode: + type: number + description: Indicates the import of Timelines was unsuccessful. + summary: Import Timelines + tags: + - Security Timeline API + - access:securitySolution + /api/timeline/_prepackaged: + post: + description: Install or update prepackaged Timelines. + operationId: InstallPrepackedTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + prepackagedTimelines: + items: + $ref: >- + #/components/schemas/Security_Timeline_API_TimelineSavedToReturnObject + nullable: true + type: array + timelinesToInstall: + items: + $ref: '#/components/schemas/Security_Timeline_API_ImportTimelines' + nullable: true + type: array + timelinesToUpdate: + items: + $ref: '#/components/schemas/Security_Timeline_API_ImportTimelines' + nullable: true + type: array + required: + - timelinesToInstall + - timelinesToUpdate + - prepackagedTimelines + description: The Timelines to install or update. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Timeline_API_ImportTimelineResult + description: Indicates the installation of prepackaged Timelines was successful. + '500': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: >- + Indicates the installation of prepackaged Timelines was + unsuccessful. + summary: Install prepackaged Timelines + tags: + - Security Timeline API + - access:securitySolution + /api/timeline/resolve: + get: + operationId: ResolveTimeline + parameters: + - description: The ID of the template timeline to resolve + in: query + name: template_timeline_id + schema: + type: string + - description: The ID of the timeline to resolve + in: query + name: id + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - type: object + properties: + data: + $ref: >- + #/components/schemas/Security_Timeline_API_ResolvedTimeline + required: + - data + - additionalProperties: false + type: object + description: The (template) Timeline has been found + '400': + description: The request is missing parameters + '404': + description: The (template) Timeline was not found + summary: Get an existing saved Timeline or Timeline template + tags: + - Security Timeline API + - access:securitySolution + /api/timelines: + get: + description: Get a list of all saved Timelines or Timeline templates. + operationId: GetTimelines + parameters: + - description: >- + If true, only timelines that are marked as favorites by the user are + returned. + in: query + name: only_user_favorite + schema: + enum: + - 'true' + - 'false' + nullable: true + type: string + - in: query + name: timeline_type + schema: + $ref: '#/components/schemas/Security_Timeline_API_TimelineType' + nullable: true + - in: query + name: sort_field + schema: + $ref: '#/components/schemas/Security_Timeline_API_SortFieldTimeline' + - in: query + name: sort_order + schema: + enum: + - asc + - desc + type: string + - in: query + name: page_size + schema: + nullable: true + type: string + - in: query + name: page_index + schema: + nullable: true + type: string + - in: query + name: search + schema: + nullable: true + type: string + - in: query + name: status + schema: + $ref: '#/components/schemas/Security_Timeline_API_TimelineStatus' + nullable: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + customTemplateTimelineCount: + type: number + defaultTimelineCount: + type: number + elasticTemplateTimelineCount: + type: number + favoriteCount: + type: number + templateTimelineCount: + type: number + timeline: + items: + $ref: >- + #/components/schemas/Security_Timeline_API_TimelineResponse + type: array + totalCount: + type: number + required: + - timeline + - totalCount + description: Indicates that the (template) Timelines were found and returned. + '400': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Bad request. The user supplied invalid data. + summary: Get Timelines or Timeline templates + tags: + - Security Timeline API + - access:securitySolution + /s/{spaceId}/api/observability/slos: + get: + description: > + You must have the `read` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: findSlosOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - description: A valid kql query to filter the SLO with + example: 'slo.name:latency* and slo.tags : "prod"' + in: query + name: kqlQuery + schema: + type: string + - description: The page to use for pagination, must be greater or equal than 1 + example: 1 + in: query + name: page + schema: + default: 1 + type: integer + - description: Number of SLOs returned by page + example: 25 + in: query + name: perPage + schema: + default: 25 + maximum: 5000 + type: integer + - description: Sort by field + example: status + in: query + name: sortBy + schema: + default: status + enum: + - sli_value + - status + - error_budget_consumed + - error_budget_remaining + type: string + - description: Sort order + example: asc + in: query + name: sortDirection + schema: + default: asc + enum: + - asc + - desc + type: string + - description: >- + Hide stale SLOs from the list as defined by stale SLO threshold in + SLO settings + in: query + name: hideStale + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_find_slo_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Get a paginated list of SLOs + tags: + - slo + post: + description: > + You must have `all` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: createSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_create_slo_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_create_slo_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_409_response' + description: Conflict - The SLO id already exists + servers: + - url: https://localhost:5601 + summary: Create an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/_delete_instances: + post: + description: > + The deletion occurs for the specified list of `sloId` and `instanceId`. + You must have `all` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: deleteSloInstancesOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_delete_slo_instances_request' + required: true + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + servers: + - url: https://localhost:5601 + summary: Batch delete rollup and summary data + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}: + delete: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: deleteSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Delete an SLO + tags: + - slo + get: + description: > + You must have the `read` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: getSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + - description: the specific instanceId used by the summary calculation + example: host-abcde + in: query + name: instanceId + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_with_summary_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Get an SLO + tags: + - slo + put: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: updateSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_update_slo_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_definition_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Update an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}/_reset: + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: resetSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_definition_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Reset an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}/disable: + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: disableSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '200': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Disable an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}/enable: + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: enableSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Enable an SLO + tags: + - slo +components: + examples: + Data_views_create_data_view_request: + summary: Create a data view with runtime fields. value: - file: file.ndjson - Serverless_saved_objects_import_objects_response: + data_view: + name: My Logstash data view + runtimeFieldMap: + runtime_shape_name: + script: + source: emit(doc['shape_name'].value) + type: keyword + title: logstash-* + Data_views_create_runtime_field_request: + summary: Create a runtime field. + value: + name: runtimeFoo + runtimeField: + script: + source: emit(doc["foo"].value) + type: long + Data_views_get_data_view_response: summary: >- - The import objects API response indicates a successful import and the - objects are created. Since these objects are created as new copies, each - entry in the successResults array includes a destinationId attribute. + The get data view API returns a JSON object that contains information + about the data view. value: - success: true - successCount: 1 - successResults: - - destinationId: 82d2760c-468f-49cf-83aa-b9a35b6a8943 - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - managed: false - meta: - icon: indexPatternApp - title: Kibana Sample Data Logs - type: index-pattern - parameters: - Data_views_field_name: - description: The name of the runtime field. - in: path - name: fieldName - required: true - schema: - example: hour_of_day - type: string - Data_views_kbn_xsrf: - description: Cross-site request forgery protection - in: header - name: kbn-xsrf - required: true - schema: - type: string - Data_views_view_id: - description: An identifier for the data view. - in: path - name: viewId - required: true - schema: - example: ff959d40-b880-11e8-a6d9-e546fe2bba5f - type: string - Fleet_format: - description: Simplified or legacy format for package inputs - in: query - name: format - required: false - schema: - enum: - - simplified - - legacy - type: string - Fleet_kbn_xsrf: - description: Kibana's anti Cross-Site Request Forgery token. Can be any string value. - in: header - name: kbn-xsrf - required: true - schema: - type: string - Fleet_kuery: - in: query - name: kuery - required: false - schema: - type: string - Fleet_page_index: - in: query - name: page - required: false - schema: - default: 1 - type: integer - Fleet_page_size: - description: The number of items to return - in: query - name: perPage - required: false - schema: - default: 20 - type: integer - Fleet_show_inactive: - in: query - name: showInactive - required: false - schema: - type: boolean - Fleet_show_upgradeable: - in: query - name: showUpgradeable - required: false - schema: - type: boolean - Fleet_sort_field: - in: query - name: sortField - required: false - schema: - deprecated: true - type: string - Fleet_sort_order: - in: query - name: sortOrder - required: false - schema: - enum: - - asc - - desc - type: string - Fleet_with_metrics: - description: Return agent metrics, false by default - in: query - name: withMetrics - required: false - schema: - type: boolean - Machine_learning_APIs_simulateParam: - description: >- - When true, simulates the synchronization by returning only the list of - actions that would be performed. - example: 'true' - in: query - name: simulate - required: false - schema: - type: boolean - Serverless_saved_objects_kbn_xsrf: - description: Cross-site request forgery protection - in: header - name: kbn-xsrf - required: true - schema: - type: string - SLOs_kbn_xsrf: - description: Cross-site request forgery protection - in: header - name: kbn-xsrf - required: true - schema: - type: string - SLOs_slo_id: - description: An identifier for the slo. - in: path - name: sloId - required: true - schema: - example: 9c235211-6834-11ea-a78c-6feb38a34414 - type: string - SLOs_space_id: - description: >- - An identifier for the space. If `/s/` and the identifier are omitted - from the path, the default space is used. - in: path - name: spaceId - required: true - schema: - example: default - type: string - responses: - Fleet_error: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - schemas: - Data_views_400_response: - title: Bad request - type: object - properties: - error: - example: Bad Request - type: string - message: - type: string - statusCode: - example: 400 - type: number - required: - - statusCode - - error - - message - Data_views_404_response: - type: object - properties: - error: - enum: - - Not Found - example: Not Found - type: string - message: - example: >- - Saved object [index-pattern/caaad6d0-920c-11ed-b36a-874bd1548a00] - not found - type: string - statusCode: - enum: - - 404 - example: 404 - type: integer - Data_views_allownoindex: - description: Allows the data view saved object to exist before the data is available. - type: boolean - Data_views_create_data_view_request_object: - title: Create data view request - type: object - properties: - data_view: - description: The data view object. - type: object - properties: - allowNoIndex: - $ref: '#/components/schemas/Data_views_allownoindex' - fieldAttrs: - additionalProperties: - $ref: '#/components/schemas/Data_views_fieldattrs' - type: object - fieldFormats: - $ref: '#/components/schemas/Data_views_fieldformats' - fields: - type: object - id: - type: string - name: - description: The data view name. - type: string - namespaces: - $ref: '#/components/schemas/Data_views_namespaces' - runtimeFieldMap: - additionalProperties: - $ref: '#/components/schemas/Data_views_runtimefieldmap' - type: object - sourceFilters: - $ref: '#/components/schemas/Data_views_sourcefilters' - timeFieldName: - $ref: '#/components/schemas/Data_views_timefieldname' - title: - $ref: '#/components/schemas/Data_views_title' - type: - $ref: '#/components/schemas/Data_views_type' - typeMeta: - $ref: '#/components/schemas/Data_views_typemeta' - version: - type: string - required: - - title - override: - default: false - description: >- - Override an existing data view if a data view with the provided - title already exists. - type: boolean - required: - - data_view - Data_views_data_view_response_object: - title: Data view response properties - type: object - properties: - data_view: - type: object - properties: - allowNoIndex: - $ref: '#/components/schemas/Data_views_allownoindex' - fieldAttrs: - additionalProperties: - $ref: '#/components/schemas/Data_views_fieldattrs' - type: object - fieldFormats: - $ref: '#/components/schemas/Data_views_fieldformats' - fields: - type: object - id: - example: ff959d40-b880-11e8-a6d9-e546fe2bba5f - type: string - name: - description: The data view name. - type: string - namespaces: - $ref: '#/components/schemas/Data_views_namespaces' - runtimeFieldMap: - additionalProperties: - $ref: '#/components/schemas/Data_views_runtimefieldmap' - type: object - sourceFilters: - $ref: '#/components/schemas/Data_views_sourcefilters' - timeFieldName: - $ref: '#/components/schemas/Data_views_timefieldname' - title: - $ref: '#/components/schemas/Data_views_title' - typeMeta: - $ref: '#/components/schemas/Data_views_typemeta_response' - version: - example: WzQ2LDJd - type: string - Data_views_fieldattrs: - description: A map of field attributes by field name. - type: object - properties: - count: - description: Popularity count for the field. - type: integer - customDescription: - description: Custom description for the field. - maxLength: 300 - type: string - customLabel: - description: Custom label for the field. - type: string - Data_views_fieldformats: - description: A map of field formats by field name. - type: object - Data_views_namespaces: - description: >- - An array of space identifiers for sharing the data view between multiple - spaces. - items: - default: default - type: string - type: array - Data_views_runtimefieldmap: - description: A map of runtime field definitions by field name. - type: object - properties: - script: - type: object - properties: - source: - description: Script for the runtime field. - type: string - type: - description: Mapping type of the runtime field. - type: string - required: - - script - - type - Data_views_sourcefilters: - description: The array of field names you want to filter out in Discover. - items: - type: object - properties: - value: - type: string - required: - - value - type: array - Data_views_swap_data_view_request_object: - title: Data view reference swap request - type: object - properties: - delete: - description: Deletes referenced saved object if all references are removed. - type: boolean - forId: - description: Limit the affected saved objects to one or more by identifier. - oneOf: - - type: string - - items: - type: string - type: array - forType: - description: Limit the affected saved objects by type. - type: string - fromId: - description: The saved object reference to change. - type: string - fromType: - description: > - Specify the type of the saved object reference to alter. The default - value is `index-pattern` for data views. - type: string - toId: - description: New saved object reference value to replace the old value. - type: string - required: - - fromId - - toId - Data_views_timefieldname: - description: The timestamp field name, which you use for time-based data views. - type: string - Data_views_title: - description: >- - Comma-separated list of data streams, indices, and aliases that you want - to search. Supports wildcards (`*`). - type: string - Data_views_type: - description: When set to `rollup`, identifies the rollup data views. - type: string - Data_views_typemeta: - description: >- - When you use rollup indices, contains the field list for the rollup data - view API endpoints. - type: object - properties: - aggs: - description: A map of rollup restrictions by aggregation type and field name. - type: object - params: - description: Properties for retrieving rollup fields. - type: object - required: - - aggs - - params - Data_views_typemeta_response: - description: >- - When you use rollup indices, contains the field list for the rollup data - view API endpoints. - nullable: true - type: object - properties: - aggs: - description: A map of rollup restrictions by aggregation type and field name. - type: object - params: - description: Properties for retrieving rollup fields. - type: object - Data_views_update_data_view_request_object: - title: Update data view request - type: object - properties: data_view: - description: > - The data view properties you want to update. Only the specified - properties are updated in the data view. Unspecified fields stay as - they are persisted. - type: object - properties: - allowNoIndex: - $ref: '#/components/schemas/Data_views_allownoindex' - fieldFormats: - $ref: '#/components/schemas/Data_views_fieldformats' - fields: - type: object - name: - type: string - runtimeFieldMap: - additionalProperties: - $ref: '#/components/schemas/Data_views_runtimefieldmap' - type: object - sourceFilters: - $ref: '#/components/schemas/Data_views_sourcefilters' - timeFieldName: - $ref: '#/components/schemas/Data_views_timefieldname' - title: - $ref: '#/components/schemas/Data_views_title' - type: - $ref: '#/components/schemas/Data_views_type' - typeMeta: - $ref: '#/components/schemas/Data_views_typemeta' - refresh_fields: - default: false - description: Reloads the data view fields after the data view is updated. - type: boolean - required: - - data_view - Fleet_agent: - title: Agent - type: object - properties: - access_api_key: - type: string - access_api_key_id: - type: string - active: - type: boolean - components: - items: - $ref: '#/components/schemas/Fleet_agent_component' - type: array - default_api_key: - type: string - default_api_key_id: - type: string - enrolled_at: - type: string - id: - type: string - last_checkin: - type: string - local_metadata: - $ref: '#/components/schemas/Fleet_agent_metadata' - metrics: - type: object - properties: - cpu_avg: - description: >- - Average agent CPU usage during the last 5 minutes, number - between 0-1 - type: number - memory_size_byte_avg: - description: Average agent memory consumption during the last 5 minutes - type: number - policy_id: - type: string - policy_revision: - type: number - status: - $ref: '#/components/schemas/Fleet_agent_status' - type: - $ref: '#/components/schemas/Fleet_agent_type' - unenrolled_at: - type: string - unenrollment_started_at: - type: string - user_provided_metadata: - $ref: '#/components/schemas/Fleet_agent_metadata' - required: - - type - - active - - enrolled_at - - id - - status - Fleet_agent_action: - oneOf: - - properties: - ack_data: - type: string - data: - type: string - type: - enum: - - UNENROLL - - UPGRADE - - POLICY_REASSIGN - type: string - - properties: - data: - type: object - properties: - log_level: - enum: - - debug - - info - - warning - - error - nullable: true - type: string - type: + allowNoIndex: false + fieldAttrs: + products.manufacturer: + count: 1 + products.price: + count: 1 + products.product_name: + count: 1 + total_quantity: + count: 1 + fieldFormats: + products.base_price: + id: number + params: + pattern: $0,0.00 + products.base_unit_price: + id: number + params: + pattern: $0,0.00 + products.min_price: + id: number + params: + pattern: $0,0.00 + products.price: + id: number + params: + pattern: $0,0.00 + products.taxful_price: + id: number + params: + pattern: $0,0.00 + products.taxless_price: + id: number + params: + pattern: $0,0.00 + taxful_total_price: + id: number + params: + pattern: $0,0.[00] + taxless_total_price: + id: number + params: + pattern: $0,0.00 + fields: + _id: + aggregatable: false + count: 0 + esTypes: + - _id + format: + id: string + isMapped: true + name: _id + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false type: string - title: Agent action - Fleet_agent_component: - title: Agent component - type: object - properties: - id: - type: string - message: - type: string - status: - $ref: '#/components/schemas/Fleet_agent_component_status' - type: - type: string - units: - items: - $ref: '#/components/schemas/Fleet_agent_component_unit' - type: array - Fleet_agent_component_status: - enum: - - starting - - configuring - - healthy - - degraded - - failed - - stopping - - stopped - title: Agent component status - type: string - Fleet_agent_component_unit: - title: Agent component unit - type: object - properties: - id: - type: string - message: - type: string - payload: - type: object - status: - $ref: '#/components/schemas/Fleet_agent_component_status' - type: - $ref: '#/components/schemas/Fleet_agent_component_unit_type' - Fleet_agent_component_unit_type: - enum: - - input - - output - title: Agent component unit type - type: string - Fleet_agent_diagnostics: - title: Agent diagnostics - type: object - properties: - actionId: - type: string - createTime: - type: string - filePath: - type: string - id: - type: string - name: - type: string - status: - enum: - - READY - - AWAITING_UPLOAD - - DELETED - - IN_PROGRESS - required: - - id - - name - - createTime - - filePath - - actionId - - status - Fleet_agent_get_by_actions: - items: - items: - type: string - type: array - title: Agents get by action ids - type: array - Fleet_agent_metadata: - title: Agent metadata - type: object - Fleet_agent_policy: - title: Agent Policy - type: object - properties: - advanced_settings: - description: >- - Advanced settings stored in the agent policy, e.g. - agent_limits_go_max_procs - nullable: true - type: object - agent_features: - items: - type: object - properties: - enabled: - type: boolean - name: - type: string - required: - - name - - enabled - type: array - agents: - type: number - data_output_id: - nullable: true - type: string - description: - type: string - download_source_id: - nullable: true - type: string - fleet_server_host_id: - nullable: true - type: string - global_data_tags: - items: - additionalProperties: - oneOf: - - type: string - - type: number - description: >- - User defined data tags that are added to all of the inputs. The - values can be strings or numbers. - type: object - type: array - id: - type: string - inactivity_timeout: - type: integer - is_protected: - description: >- - Indicates whether the agent policy has tamper protection enabled. - Default false. - type: boolean - keep_monitoring_alive: - description: >- - When set to true, monitoring will be enabled but logs/metrics - collection will be disabled - nullable: true - type: boolean - monitoring_diagnostics: - type: object - properties: - limit: - type: object - properties: - burst: - type: number - interval: - type: string - uploader: - type: object - properties: - init_dur: - type: string - max_dur: - type: string - max_retries: - type: number - monitoring_enabled: - items: - enum: - - metrics - - logs - type: string - type: array - monitoring_http: - type: object - properties: - enabled: - type: boolean - host: + _index: + aggregatable: true + count: 0 + esTypes: + - _index + format: + id: string + isMapped: true + name: _index + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false type: string - port: + _score: + aggregatable: false + count: 0 + format: + id: number + isMapped: true + name: _score + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false type: number - required: - - enabled - monitoring_output_id: - nullable: true - type: string - monitoring_pprof_enabled: - type: boolean - name: - type: string - namespace: - type: string - overrides: - description: >- - Override settings that are defined in the agent policy. Input - settings cannot be overridden. The override option should be used - only in unusual circumstances and not as a routine procedure. - nullable: true - type: object - package_policies: - description: >- - This field is present only when retrieving a single agent policy, or - when retrieving a list of agent policies with the ?full=true - parameter - items: - $ref: '#/components/schemas/Fleet_package_policy' - type: array - revision: - type: number - supports_agentless: - description: >- - Indicates whether the agent policy supports agentless integrations. - Only allowed in a serverless environment. - type: boolean - unenroll_timeout: - type: integer - unprivileged_agents: - type: number - updated_by: - type: string - updated_on: - format: date-time - type: string - required: - - id - - status - - name - - namespace - Fleet_agent_policy_create_request: - title: Create agent policy request - type: object - properties: - agent_features: - items: - type: object - properties: - enabled: - type: boolean - name: - type: string - required: - - name - - enabled - type: array - data_output_id: - nullable: true - type: string - description: - type: string - download_source_id: - nullable: true - type: string - fleet_server_host_id: - nullable: true - type: string - force: - description: Force agent policy creation even if packages are not verified. - type: boolean - global_data_tags: - items: - additionalProperties: - oneOf: - - type: string - - type: number - description: >- - User defined data tags that are added to all of the inputs. The - values can be strings or numbers. - type: object - type: array - id: - type: string - inactivity_timeout: - type: integer - is_protected: - type: boolean - monitoring_enabled: - items: - enum: - - metrics - - logs - type: string - type: array - monitoring_output_id: - nullable: true - type: string - name: - type: string - namespace: - type: string - unenroll_timeout: - type: integer - required: - - name - - namespace - Fleet_agent_policy_full: - oneOf: - - type: object - properties: - item: - type: string - - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_full_agent_policy' - title: Agent policy full response - type: object - Fleet_agent_policy_update_request: - title: Update agent policy request - type: object - properties: - agent_features: - items: - type: object - properties: - enabled: - type: boolean - name: - type: string - required: - - name - - enabled - type: array - data_output_id: - nullable: true - type: string - description: - type: string - download_source_id: - nullable: true - type: string - fleet_server_host_id: - nullable: true - type: string - force: - description: Force agent policy creation even if packages are not verified. - type: boolean - global_data_tags: - items: - additionalProperties: - oneOf: - - type: string - - type: number - description: >- - User defined data tags that are added to all of the inputs. The - values can be strings or numbers. - type: object - type: array - inactivity_timeout: - type: integer - is_protected: - type: boolean - monitoring_enabled: - items: - enum: - - metrics - - logs - type: string - type: array - monitoring_output_id: - nullable: true - type: string - name: - type: string - namespace: - type: string - unenroll_timeout: - type: integer - required: - - name - - namespace - Fleet_agent_status: - enum: - - offline - - error - - online - - inactive - - warning - title: Elastic Agent status - type: string - Fleet_agent_type: - enum: - - PERMANENT - - EPHEMERAL - - TEMPORARY - title: Agent type - type: string - Fleet_bulk_install_packages_response: - title: Bulk install packages response - type: object - properties: - items: - items: - type: object - properties: - name: - type: string - version: - type: string - type: array - response: - deprecated: true - items: - type: object - properties: - name: - type: string - version: - type: string - type: array - required: - - items - Fleet_bulk_upgrade_agents: - title: Bulk upgrade agents - type: object - properties: - agents: - oneOf: - - description: KQL query string, leave empty to action all agents - type: string - - description: list of agent IDs - items: - type: string - type: array - force: - description: Force upgrade, skipping validation (should be used with caution) - type: boolean - rollout_duration_seconds: - description: rolling upgrade window duration in seconds - type: number - skipRateLimitCheck: - description: Skip rate limit check for upgrade - type: boolean - source_uri: - description: alternative upgrade binary download url - type: string - start_time: - description: start time of upgrade in ISO 8601 format - type: string - version: - description: version to upgrade to - type: string - required: - - agents - - version - Fleet_data_stream: - title: Data stream - type: object - properties: - dashboard: - items: - type: object - properties: - id: - type: string - title: - type: string - type: array - dataset: - type: string - index: - type: string - last_activity_ms: - type: number - namespace: - type: string - package: - type: string - package_version: - type: string - size_in_bytes: - type: number - size_in_bytes_formatted: - type: string - type: - type: string - Fleet_download_sources: - title: Download Source - type: object - properties: - host: - type: string - id: - type: string - is_default: - type: boolean - name: - type: string - proxy_id: - description: >- - The ID of the proxy to use for this download source. See the proxies - API for more information. - nullable: true - type: string - required: - - is_default - - name - - host - Fleet_elasticsearch_asset_type: - enum: - - component_template - - ingest_pipeline - - index_template - - ilm_policy - - transform - - data_stream_ilm_policy - title: Elasticsearch asset type - type: string - Fleet_enrollment_api_key: - title: Enrollment API key - type: object - properties: - active: - description: >- - When false, the enrollment API key is revoked and cannot be used for - enrolling Elastic Agents. - type: boolean - api_key: - description: The enrollment API key (token) used for enrolling Elastic Agents. - type: string - api_key_id: - description: The ID of the API key in the Security API. - type: string - created_at: - type: string - id: - type: string - name: - description: The name of the enrollment API key. - type: string - policy_id: - description: The ID of the agent policy the Elastic Agent will be enrolled in. - type: string - required: - - id - - api_key_id - - api_key - - active - - created_at - Fleet_fleet_server_host: - title: Fleet Server Host - type: object - properties: - host_urls: - items: - type: string - type: array - id: - type: string - is_default: - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - proxy_id: - type: string - required: - - fleet_server_hosts - - id - - is_default - - is_preconfigured - - host_urls - Fleet_fleet_settings_response: - title: Fleet settings response - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_settings' - required: - - item - Fleet_fleet_setup_response: - title: Fleet Setup response - type: object - properties: - isInitialized: - type: boolean - nonFatalErrors: - items: - type: object - properties: - message: - type: string - name: - type: string - required: - - name - - message - type: array - required: - - isInitialized - - nonFatalErrors - Fleet_fleet_status_response: - title: Fleet status response - type: object - properties: - isReady: - type: boolean - missing_optional_features: - items: - enum: - - encrypted_saved_object_encryption_key_required - type: string - type: array - missing_requirements: - items: - enum: - - tls_required - - api_keys - - fleet_admin_user - - fleet_server - type: string - type: array - package_verification_key_id: - type: string - required: - - isReady - - missing_requirements - - missing_optional_features - Fleet_full_agent_policy: - title: Full agent policy - type: object - properties: - agent: - nullable: true - type: string - fleet: - oneOf: - - type: object - properties: - hosts: - items: - type: string - type: array - proxy_headers: {} - proxy_url: - type: string - ssl: - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - renegotiation: - type: string - verification_mode: - type: string - - type: object - properties: - kibana: - type: object - properties: - hosts: - items: - type: string - type: array - path: - type: string - protocol: - type: string - id: - type: string - inputs: - type: string - monitoring: - type: object - properties: - diagnostics: - type: object - properties: - limit: - type: object - properties: - burst: - type: number - interval: - type: string - uploader: - type: object - properties: - init_dur: - type: string - max_dur: - type: string - max_retries: - type: number - enabled: - type: boolean - http: - type: object - properties: - enabled: - type: boolean - host: - type: string - port: - type: number - required: - - enabled - logs: - type: boolean - metrics: - type: boolean - namespace: + _source: + aggregatable: false + count: 0 + esTypes: + - _source + format: + id: _source + isMapped: true + name: _source + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: _source + category: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: category + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false type: string - pprof: - type: object - properties: - enabled: - type: boolean - required: - - enabled - traces: - type: boolean - use_output: + category.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: category.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: category type: string - required: - - enabled - - metrics - - logs - - traces - output_permissions: - additionalProperties: - type: object - properties: - data: - $ref: >- - #/components/schemas/Fleet_full_agent_policy_output_permissions - output: - type: integer - type: object - outputs: - additionalProperties: - $ref: '#/components/schemas/Fleet_full_agent_policy_output' - type: object - revision: - type: number - secret_references: - items: - type: object - properties: - id: - type: string - type: array - required: - - id - - outputs - - inputs - Fleet_full_agent_policy_input: - allOf: - - additionalProperties: true - type: object - properties: - data_stream: - type: object - properties: - namespace: - type: string - required: - - namespace - id: + currency: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: currency + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - meta: - additionalProperties: true - type: object - properties: - package: - type: object - properties: - name: - type: string - version: - type: string - required: - - name - - version - name: + customer_birth_date: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: customer_birth_date + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + customer_first_name: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: customer_first_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false type: string - revision: - type: number - streams: - $ref: '#/components/schemas/Fleet_full_agent_policy_input_stream' - type: + customer_first_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_first_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: customer_first_name + type: string + customer_full_name: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: customer_full_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false type: string - use_output: + customer_full_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_full_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: customer_full_name type: string - required: - - id - - name - - revision - - type - - data_stream - - use_output - title: Full agent policy input - Fleet_full_agent_policy_input_stream: - allOf: - - additionalProperties: true - type: object - properties: - data_stream: - type: object - properties: - dataset: - type: string - type: - type: string - required: - - dataset - - type - id: + customer_gender: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_gender + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - required: - - id - - data_stream - title: Full agent policy input stream - Fleet_full_agent_policy_output: - title: Full agent policy - type: object - properties: - additionalProperties: - type: object - properties: - text: {} - ca_sha256: - nullable: true - type: string - hosts: - items: - type: string - type: array - proxy_headers: {} - proxy_url: - type: string - type: {} - required: - - type - - hosts - - ca_sha256 - Fleet_full_agent_policy_output_permissions: - additionalProperties: - type: object - properties: - data: - type: object - properties: - cluster: - items: - type: string - type: array - indices: - items: - type: object - properties: - names: - items: - type: string - type: array - privileges: - items: - type: string - type: array - type: array - packagePolicyName: - type: string - title: Full agent policy output permissions - Fleet_get_agent_tags_response: - title: Get Agent Tags response - type: object - properties: - items: - items: - type: string - type: array - Fleet_get_agents_response: - title: Get Agent response - type: object - properties: - items: - items: - $ref: '#/components/schemas/Fleet_agent' - type: array - list: - deprecated: true - items: - $ref: '#/components/schemas/Fleet_agent' - type: array - page: - type: number - perPage: - type: number - statusSummary: - type: object - properties: - degraded': - type: number - enrolling: - type: number - error: - type: number - inactive: - type: number - offline: - type: number - online: - type: number - unenrolled: - type: number - unenrolling: - type: number - updating: + customer_id: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_id + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_last_name: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: customer_last_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_last_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_last_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: customer_last_name + type: string + customer_phone: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_phone + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + day_of_week: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: day_of_week + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + day_of_week_i: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: day_of_week_i + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: number - total: - type: number - required: - - items - - total - - page - - perPage - Fleet_get_bulk_assets_response: - deprecated: true - properties: - items: - items: - type: object - properties: - appLink: - type: string - attributes: - type: object - properties: - description: - type: string - title: - type: string - id: - type: string - type: - $ref: '#/components/schemas/Fleet_saved_object_type' - updatedAt: - type: string - type: array - required: - - items - title: Bulk get assets response - type: object - Fleet_get_categories_response: - title: Get categories response - type: object - properties: - items: - items: - type: object - properties: - count: - type: number - id: - type: string - title: - type: string - required: - - id - - title - - count - type: array - response: - items: - deprecated: true - type: object - properties: - count: - type: number - id: - type: string - title: - type: string - required: - - id - - title - - count - type: array - required: - - items - Fleet_get_packages_response: - title: Get Packages response - type: object - properties: - items: - items: - $ref: '#/components/schemas/Fleet_search_result' - type: array - response: - deprecated: true - items: - $ref: '#/components/schemas/Fleet_search_result' - type: array - required: - - items - Fleet_installation_info: - title: Installation info object - type: object - properties: - created_at: - type: string - experimental_data_stream_features: - type: array - properties: - data_stream: + email: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: email + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - features: - type: object - properties: - doc_value_only_numeric: - nullable: true - type: boolean - doc_value_only_other: - nullable: true - type: boolean - synthetic_source: - nullable: true - type: boolean - tsdb: - nullable: true - type: boolean - install_format_schema_version: - type: string - install_kibana_space_id: - type: string - install_source: - enum: - - registry - - upload - - bundled - type: string - install_status: - enum: - - installed - - installing - - install_failed - type: string - installed_es: - type: object - properties: - deferred: - type: boolean - id: + event.dataset: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: event.dataset + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.city_name: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.city_name + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.continent_name: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.continent_name + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.country_iso_code: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.country_iso_code + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.location: + aggregatable: true + count: 0 + esTypes: + - geo_point + format: + id: geo_point + params: + transform: wkt + isMapped: true + name: geoip.location + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: geo_point + geoip.region_name: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.region_name + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + manufacturer: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: manufacturer + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false type: string - type: - $ref: '#/components/schemas/Fleet_elasticsearch_asset_type' - installed_kibana: - type: object - properties: - id: + manufacturer.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: manufacturer.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: manufacturer type: string - type: - $ref: '#/components/schemas/Fleet_kibana_saved_object_type' - latest_executed_state: - description: Latest successfully executed state in package install state machine - type: object - properties: - error: + order_date: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: order_date + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + order_id: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: order_id + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - name: - enum: - - create_restart_installation - - install_kibana_assets - - install_ilm_policies - - install_ml_model - - install_index_template_pipelines - - remove_legacy_templates - - update_current_write_indices - - install_transforms - - delete_previous_pipelines - - save_archive_entries_from_assets_map - - update_so + products._id: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: products._id + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false type: string - started_at: + products._id.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products._id.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products._id type: string - latest_install_failed_attempts: - description: Latest failed install errors - items: - type: object - properties: - created_at: - type: string - error: - type: object - properties: - message: - type: string - name: - type: string - stack: - type: string - target_version: - type: string - type: array - name: - type: string - namespaces: - items: - type: string - type: array - type: - type: string - updated_at: - type: string - verification_key_id: - nullable: true - type: string - verification_status: - enum: - - verified - - unverified - - unknown - type: string - version: - type: string - required: - - installed_kibana - - installed_es - - name - - version - - install_status - - install_version - - install_started_at - - install_source - - verification_status - - latest_install_failed_attempts - Fleet_kibana_saved_object_type: - enum: - - dashboard - - visualization - - search - - index-pattern - - map - - lens - - ml-module - - security-rule - - csp_rule_template - title: Kibana saved object asset type - type: string - Fleet_new_package_policy: - description: '' - properties: - description: - type: string - enabled: - type: boolean - inputs: - items: - type: object - properties: - config: - type: object - enabled: - type: boolean - processors: - items: - type: string - type: array - streams: - items: {} - type: array - type: - type: string - vars: - type: object - required: - - type - - enabled - type: array - name: - type: string - namespace: - type: string - output_id: - type: string - overrides: - type: object - package: - type: object - properties: - name: + products.base_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.base_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.base_unit_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.base_unit_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.category: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: products.category + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false type: string - requires_root: - type: boolean - title: + products.category.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.category.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products.category type: string - version: + products.created_on: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: products.created_on + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + products.discount_amount: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.discount_amount + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.discount_percentage: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.discount_percentage + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.manufacturer: + aggregatable: false + count: 1 + esTypes: + - text + format: + id: string + isMapped: true + name: products.manufacturer + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false type: string - required: - - name - - version - policy_id: - deprecated: true - nullable: true - type: string - policy_ids: - items: - type: string - type: array - required: - - inputs - - name - title: New package policy - type: object - Fleet_output_create_request: - discriminator: - mapping: - elasticsearch: '#/components/schemas/Fleet_output_create_request_elasticsearch' - kafka: '#/components/schemas/Fleet_output_create_request_kafka' - logstash: '#/components/schemas/Fleet_output_create_request_logstash' - remote_elasticsearch: >- - #/components/schemas/Fleet_output_create_request_remote_elasticsearch - propertyName: type - oneOf: - - $ref: '#/components/schemas/Fleet_output_create_request_elasticsearch' - - $ref: '#/components/schemas/Fleet_output_create_request_kafka' - - $ref: '#/components/schemas/Fleet_output_create_request_logstash' - - $ref: >- - #/components/schemas/Fleet_output_create_request_remote_elasticsearch - title: Output - Fleet_output_create_request_elasticsearch: - title: elasticsearch - type: object - properties: - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - config: - type: object - config_yaml: - type: string - hosts: - items: - type: string - type: array - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: - type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: - type: string - shipper: - type: object - properties: - compression_level: + products.manufacturer.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.manufacturer.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products.manufacturer + type: string + products.min_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.min_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: number - disk_queue_compression_enabled: - type: boolean - disk_queue_enabled: - type: boolean - disk_queue_encryption_enabled: - type: boolean - disk_queue_max_size: + products.price: + aggregatable: true + count: 1 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.product_id: + aggregatable: true + count: 0 + esTypes: + - long + format: + id: number + isMapped: true + name: products.product_id + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: number - disk_queue_path: + products.product_name: + aggregatable: false + count: 1 + esTypes: + - text + format: + id: string + isMapped: true + name: products.product_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false type: string - loadbalance: - type: boolean - ssl: - type: object - properties: - certificate: + products.product_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.product_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products.product_name type: string - certificate_authorities: - items: - type: string - type: array - key: + products.quantity: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: products.quantity + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.sku: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.sku + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - type: - enum: - - elasticsearch - type: string - required: - - name - Fleet_output_create_request_kafka: - title: kafka - type: object - properties: - auth_type: - type: string - broker_timeout: - type: number - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - client_id: - type: string - compression: - type: string - compression_level: - type: number - config: - type: object - config_yaml: - type: string - connection_type: - enum: - - plaintext - - encryption - type: string - headers: - items: - type: object - properties: - key: - type: string - value: - type: string - type: array - hosts: - items: - type: string - type: array - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - key: - type: string - name: - type: string - partition: - type: string - password: - type: string - proxy_id: - type: string - random: - type: object - properties: - group_events: + products.tax_amount: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.tax_amount + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.taxful_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.taxful_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.taxless_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.taxless_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: number - required_acks: - type: number - round_robin: - type: object - properties: - group_events: + products.unit_discount_amount: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.unit_discount_amount + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: number - sasl: - type: object - properties: - mechanism: - type: string - secrets: - type: object - properties: - password: + sku: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: sku + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - ssl: - type: object - properties: - key: - type: string - shipper: - type: object - properties: - compression_level: + taxful_total_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.[00] + isMapped: true + name: taxful_total_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: number - disk_queue_compression_enabled: - type: boolean - disk_queue_enabled: - type: boolean - disk_queue_encryption_enabled: - type: boolean - disk_queue_max_size: + taxless_total_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: taxless_total_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + total_quantity: + aggregatable: true + count: 1 + esTypes: + - integer + format: + id: number + isMapped: true + name: total_quantity + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + total_unique_products: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: total_unique_products + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: number - disk_queue_path: + type: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: type + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - loadbalance: - type: boolean - ssl: - type: object - properties: - certificate: + user: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: user + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - certificate_authorities: - items: - type: string - type: array - key: + id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + name: Kibana Sample Data eCommerce + namespaces: + - default + runtimeFieldMap: {} + sourceFilters: [] + timeFieldName: order_date + title: kibana_sample_data_ecommerce + typeMeta: {} + version: WzUsMV0= + Data_views_get_data_views_response: + summary: The get all data views API returns a list of data views. + value: + data_view: + - id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + name: Kibana Sample Data eCommerce + namespaces: + - default + title: kibana_sample_data_ecommerce + typeMeta: {} + - id: d3d7af60-4c81-11e8-b3d7-01146121b73d + name: Kibana Sample Data Flights + namespaces: + - default + title: kibana_sample_data_flights + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: Kibana Sample Data Logs + namespaces: + - default + title: kibana_sample_data_logs + Data_views_get_default_data_view_response: + summary: The get default data view API returns the default data view identifier. + value: + data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + Data_views_get_runtime_field_response: + summary: >- + The get runtime field API returns a JSON object that contains + information about the runtime field (`hour_of_day`) and the data view + (`d3d7af60-4c81-11e8-b3d7-01146121b73d`). + value: + data_view: + allowNoIndex: false + fieldAttrs: {} + fieldFormats: + AvgTicketPrice: + id: number + params: + pattern: $0,0.[00] + hour_of_day: + id: number + params: + pattern: '00' + fields: + _id: + aggregatable: false + count: 0 + esTypes: + - _id + format: + id: string + isMapped: true + name: _id + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false type: string - verification_mode: - enum: - - none - - full - - certificate - - strict + _index: + aggregatable: true + count: 0 + esTypes: + - _index + format: + id: string + isMapped: true + name: _index + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false type: string - timeout: - type: number - topic: - type: string - topics: - deprecated: true - description: Use topic instead. - items: - type: object - properties: - topic: - type: string - when: - deprecated: true - description: >- - Deprecated, kafka output do not support conditionnal topics - anymore. - type: object - properties: - condition: - type: string - type: - type: string - type: array - type: - enum: - - kafka - type: string - username: - type: string - version: - type: string - required: - - name - - type - - topics - - auth_type - - hosts - Fleet_output_create_request_logstash: - title: logstash - type: object - properties: - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - config: - type: object - config_yaml: - type: string - hosts: - items: - type: string - type: array - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: - type: string - proxy_id: - type: string - secrets: - type: object - properties: - ssl: - type: object - properties: - key: - type: string - shipper: - type: object - properties: - compression_level: + _score: + aggregatable: false + count: 0 + format: + id: number + isMapped: true + name: _score + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false type: number - disk_queue_compression_enabled: - type: boolean - disk_queue_enabled: - type: boolean - disk_queue_encryption_enabled: + _source: + aggregatable: false + count: 0 + esTypes: + - _source + format: + id: _source + isMapped: true + name: _source + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: _source + AvgTicketPrice: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + params: + pattern: $0,0.[00] + isMapped: true + name: AvgTicketPrice + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + Cancelled: + aggregatable: true + count: 0 + esTypes: + - boolean + format: + id: boolean + isMapped: true + name: Cancelled + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: boolean - disk_queue_max_size: + Carrier: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: Carrier + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + dayOfWeek: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: dayOfWeek + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: number - disk_queue_path: + Dest: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: Dest + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - loadbalance: - type: boolean - ssl: - type: object - properties: - certificate: + DestAirportID: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestAirportID + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - certificate_authorities: - items: - type: string - type: array - key: + DestCityName: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestCityName + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - type: - enum: - - logstash - type: string - required: - - name - - hosts - - type - Fleet_output_create_request_remote_elasticsearch: - title: remote_elasticsearch - type: object - properties: - hosts: - items: - type: string - type: array - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: - type: string - secrets: - type: object - properties: - service_token: + DestCountry: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestCountry + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - service_token: - type: string - type: - enum: - - remote_elasticsearch - type: string - required: - - name - Fleet_output_update_request: - discriminator: - mapping: - elasticsearch: '#/components/schemas/Fleet_output_update_request_elasticsearch' - kafka: '#/components/schemas/Fleet_output_update_request_kafka' - logstash: '#/components/schemas/Fleet_output_update_request_logstash' - propertyName: type - oneOf: - - $ref: '#/components/schemas/Fleet_output_update_request_elasticsearch' - - $ref: '#/components/schemas/Fleet_output_update_request_kafka' - - $ref: '#/components/schemas/Fleet_output_update_request_logstash' - title: Output - Fleet_output_update_request_elasticsearch: - title: elasticsearch - type: object - properties: - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - config: - type: object - config_yaml: - type: string - hosts: - items: - type: string - type: array - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: - type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: - type: string - shipper: - type: object - properties: - compression_level: + DestLocation: + aggregatable: true + count: 0 + esTypes: + - geo_point + format: + id: geo_point + params: + transform: wkt + isMapped: true + name: DestLocation + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: geo_point + DestRegion: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestRegion + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestWeather: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestWeather + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DistanceKilometers: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + isMapped: true + name: DistanceKilometers + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: number - disk_queue_compression_enabled: - type: boolean - disk_queue_enabled: - type: boolean - disk_queue_encryption_enabled: + DistanceMiles: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + isMapped: true + name: DistanceMiles + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + FlightDelay: + aggregatable: true + count: 0 + esTypes: + - boolean + format: + id: boolean + isMapped: true + name: FlightDelay + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: boolean - disk_queue_max_size: + FlightDelayMin: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: FlightDelayMin + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: number - disk_queue_path: + FlightDelayType: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: FlightDelayType + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - loadbalance: - type: boolean - ssl: - type: object - properties: - certificate: + FlightNum: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: FlightNum + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - certificate_authorities: - items: - type: string - type: array - key: + FlightTimeHour: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: FlightTimeHour + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - type: - enum: - - elasticsearch - type: string - required: - - name - - hosts - - type - Fleet_output_update_request_kafka: - title: kafka - type: object - properties: - auth_type: - type: string - broker_timeout: - type: number - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - client_id: - type: string - compression: - type: string - compression_level: - type: number - config: - type: object - config_yaml: - type: string - connection_type: - enum: - - plaintext - - encryption - type: string - headers: - items: - type: object - properties: - key: - type: string - value: - type: string - type: array - hosts: - items: - type: string - type: array - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - key: - type: string - name: - type: string - partition: - type: string - password: - type: string - proxy_id: - type: string - random: - type: object - properties: - group_events: + FlightTimeMin: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + isMapped: true + name: FlightTimeMin + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: number - required_acks: - type: number - round_robin: - type: object - properties: - group_events: + hour_of_day: + aggregatable: true + count: 0 + esTypes: + - long + format: + id: number + params: + pattern: '00' + name: hour_of_day + readFromDocValues: false + runtimeField: + script: + source: emit(doc['timestamp'].value.getHour()); + type: long + scripted: false + searchable: true + shortDotsEnable: false type: number - sasl: - type: object - properties: - mechanism: + Origin: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: Origin + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - shipper: - type: object - properties: - compression_level: - type: number - disk_queue_compression_enabled: - type: boolean - disk_queue_enabled: - type: boolean - disk_queue_encryption_enabled: - type: boolean - disk_queue_max_size: - type: number - disk_queue_path: + OriginAirportID: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginAirportID + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - loadbalance: - type: boolean - ssl: - type: object - properties: - certificate: + OriginCityName: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginCityName + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - certificate_authorities: - items: - type: string - type: array - key: + OriginCountry: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginCountry + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - verification_mode: - enum: - - none - - full - - certificate - - strict + OriginLocation: + aggregatable: true + count: 0 + esTypes: + - geo_point + format: + id: geo_point + params: + transform: wkt + isMapped: true + name: OriginLocation + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: geo_point + OriginRegion: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginRegion + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - timeout: - type: number - topic: - type: string - topics: - deprecated: true - description: Use topic instead. - items: - type: object - properties: - topic: - type: string - when: - deprecated: true - description: >- - Deprecated, kafka output do not support conditionnal topics - anymore. - type: object - properties: - condition: - type: string - type: - type: string - type: array - type: - enum: - - kafka - type: string - username: + OriginWeather: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginWeather + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + timestamp: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: timestamp + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + id: d3d7af60-4c81-11e8-b3d7-01146121b73d + name: Kibana Sample Data Flights + runtimeFieldMap: + hour_of_day: + script: + source: emit(doc['timestamp'].value.getHour()); + type: long + sourceFilters: [] + timeFieldName: timestamp + title: kibana_sample_data_flights + version: WzM2LDJd + fields: + - aggregatable: true + count: 0 + esTypes: + - long + name: hour_of_day + readFromDocValues: false + runtimeField: + script: + source: emit(doc['timestamp'].value.getHour()); + type: long + scripted: false + searchable: true + shortDotsEnable: false + type: number + Data_views_preview_swap_data_view_request: + summary: Preview swapping references from data view ID "abcd-efg" to "xyz-123". + value: + fromId: abcd-efg + toId: xyz-123 + Data_views_set_default_data_view_request: + summary: Set the default data view identifier. + value: + data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + force: true + Data_views_swap_data_view_request: + summary: >- + Swap references from data view ID "abcd-efg" to "xyz-123" and remove the + data view that is no longer referenced. + value: + delete: true + fromId: abcd-efg + toId: xyz-123 + Data_views_update_data_view_request: + summary: Update some properties for a data view. + value: + data_view: + allowNoIndex: false + name: Kibana Sample Data eCommerce + timeFieldName: order_date + title: kibana_sample_data_ecommerce + refresh_fields: true + Data_views_update_field_metadata_request: + summary: Update metadata for multiple fields. + value: + fields: + field1: + count: 123 + customLabel: Field 1 label + field2: + customDescription: Field 2 description + customLabel: Field 2 label + Data_views_update_runtime_field_request: + summary: Update an existing runtime field on a data view. + value: + runtimeField: + script: + source: emit(doc["bar"].value) + Machine_learning_APIs_mlSyncExample: + summary: Two anomaly detection jobs required synchronization in this example. + value: + datafeedsAdded: {} + datafeedsRemoved: {} + savedObjectsCreated: + anomaly-detector: + myjob1: + success: true + myjob2: + success: true + savedObjectsDeleted: {} + Serverless_saved_objects_export_objects_request: + summary: Export a specific saved object. + value: + excludeExportDetails: true + includeReferencesDeep: false + objects: + - id: de71f4f0-1902-11e9-919b-ffe5949a18d2 + type: map + Serverless_saved_objects_export_objects_response: + summary: >- + The export objects API response contains a JSON record for each exported + object. + value: + attributes: + description: '' + layerListJSON: >- + [{"id":"0hmz5","alpha":1,"sourceDescriptor":{"type":"EMS_TMS","isAutoSelect":true,"lightModeDefault":"road_map_desaturated"},"visible":true,"style":{},"type":"EMS_VECTOR_TILE","minZoom":0,"maxZoom":24},{"id":"edh66","label":"Total + Requests by + Destination","minZoom":0,"maxZoom":24,"alpha":0.5,"sourceDescriptor":{"type":"EMS_FILE","id":"world_countries","tooltipProperties":["name","iso2"]},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"__kbnjoin__count__673ff994-fc75-4c67-909b-69fcb0e1060e","origin":"join"},"color":"Greys","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"STATIC","options":{"size":10}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR","joins":[{"leftField":"iso2","right":{"type":"ES_TERM_SOURCE","id":"673ff994-fc75-4c67-909b-69fcb0e1060e","indexPatternTitle":"kibana_sample_data_logs","term":"geo.dest","indexPatternRefName":"layer_1_join_0_index_pattern","metrics":[{"type":"count","label":"web + logs + count"}],"applyGlobalQuery":true}}]},{"id":"gaxya","label":"Actual + Requests","minZoom":9,"maxZoom":24,"alpha":1,"sourceDescriptor":{"id":"b7486535-171b-4d3b-bb2e-33c1a0a2854c","type":"ES_SEARCH","geoField":"geo.coordinates","limit":2048,"filterByMapBounds":true,"tooltipProperties":["clientip","timestamp","host","request","response","machine.os","agent","bytes"],"indexPatternRefName":"layer_2_source_index_pattern","applyGlobalQuery":true,"scalingType":"LIMIT"},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"STATIC","options":{"color":"#2200ff"}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":2}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"bytes","origin":"source"},"minSize":1,"maxSize":23,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"},{"id":"tfi3f","label":"Total + Requests and + Bytes","minZoom":0,"maxZoom":9,"alpha":1,"sourceDescriptor":{"type":"ES_GEO_GRID","resolution":"COARSE","id":"8aaa65b5-a4e9-448b-9560-c98cb1c5ac5b","geoField":"geo.coordinates","requestType":"point","metrics":[{"type":"count","label":"web + logs + count"},{"type":"sum","field":"bytes"}],"indexPatternRefName":"layer_3_source_index_pattern","applyGlobalQuery":true},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"color":"Blues","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#cccccc"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"sum_of_bytes","origin":"source"},"minSize":7,"maxSize":25,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelText":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelSize":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"minSize":12,"maxSize":24,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"}] + mapStateJSON: >- + {"zoom":3.64,"center":{"lon":-88.92107,"lat":42.16337},"timeFilters":{"from":"now-7d","to":"now"},"refreshConfig":{"isPaused":true,"interval":0},"query":{"language":"kuery","query":""},"settings":{"autoFitToDataBounds":false}} + title: '[Logs] Total Requests and Bytes' + uiStateJSON: '{"isDarkMode":false}' + coreMigrationVersion: 8.8.0 + created_at: '2023-08-23T20:03:32.204Z' + id: de71f4f0-1902-11e9-919b-ffe5949a18d2 + managed: false + references: + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: layer_1_join_0_index_pattern + type: index-pattern + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: layer_2_source_index_pattern + type: index-pattern + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: layer_3_source_index_pattern + type: index-pattern + type: map + typeMigrationVersion: 8.4.0 + updated_at: '2023-08-23T20:03:32.204Z' + version: WzEzLDFd + Serverless_saved_objects_import_objects_request: + value: + file: file.ndjson + Serverless_saved_objects_import_objects_response: + summary: >- + The import objects API response indicates a successful import and the + objects are created. Since these objects are created as new copies, each + entry in the successResults array includes a destinationId attribute. + value: + success: true + successCount: 1 + successResults: + - destinationId: 82d2760c-468f-49cf-83aa-b9a35b6a8943 + id: 90943e30-9a47-11e8-b64d-95841ca0b247 + managed: false + meta: + icon: indexPatternApp + title: Kibana Sample Data Logs + type: index-pattern + parameters: + Data_views_field_name: + description: The name of the runtime field. + in: path + name: fieldName + required: true + schema: + example: hour_of_day + type: string + Data_views_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + Data_views_view_id: + description: An identifier for the data view. + in: path + name: viewId + required: true + schema: + example: ff959d40-b880-11e8-a6d9-e546fe2bba5f + type: string + Machine_learning_APIs_simulateParam: + description: >- + When true, simulates the synchronization by returning only the list of + actions that would be performed. + example: 'true' + in: query + name: simulate + required: false + schema: + type: boolean + Serverless_saved_objects_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + SLOs_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + SLOs_slo_id: + description: An identifier for the slo. + in: path + name: sloId + required: true + schema: + example: 9c235211-6834-11ea-a78c-6feb38a34414 + type: string + SLOs_space_id: + description: >- + An identifier for the space. If `/s/` and the identifier are omitted + from the path, the default space is used. + in: path + name: spaceId + required: true + schema: + example: default + type: string + schemas: + Data_views_400_response: + title: Bad request + type: object + properties: + error: + example: Bad Request type: string - version: + message: type: string + statusCode: + example: 400 + type: number required: - - name - Fleet_output_update_request_logstash: - title: logstash + - statusCode + - error + - message + Data_views_404_response: type: object properties: - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - config: - type: object - config_yaml: - type: string - hosts: - items: - type: string - type: array - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: + error: + enum: + - Not Found + example: Not Found type: string - proxy_id: + message: + example: >- + Saved object [index-pattern/caaad6d0-920c-11ed-b36a-874bd1548a00] + not found type: string - shipper: - type: object - properties: - compression_level: - type: number - disk_queue_compression_enabled: - type: boolean - disk_queue_enabled: - type: boolean - disk_queue_encryption_enabled: - type: boolean - disk_queue_max_size: - type: number - disk_queue_path: - type: string - loadbalance: - type: boolean - ssl: - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - type: + statusCode: enum: - - logstash - type: string - required: - - name - Fleet_package_info: - title: Package information + - 404 + example: 404 + type: integer + Data_views_allownoindex: + description: Allows the data view saved object to exist before the data is available. + type: boolean + Data_views_create_data_view_request_object: + title: Create data view request type: object properties: - assets: - items: - type: string - type: array - categories: - items: - type: string - type: array - conditions: + data_view: + description: The data view object. type: object properties: - elasticsearch: - type: object - properties: - subscription: - enum: - - basic - - gold - - platinum - - enterprise - type: string - kibana: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldAttrs: + additionalProperties: + $ref: '#/components/schemas/Data_views_fieldattrs' type: object - properties: - versions: - type: string - data_streams: - items: - type: object - properties: - ingeset_pipeline: - type: string - name: - type: string - package: - type: string - release: - type: string - title: - type: string - type: - type: string - vars: - items: - type: object - properties: - default: - type: string - name: - type: string - required: - - name - - default - type: array - required: - - title - - name - - release - - ingeset_pipeline - - type - - package - type: array - description: - type: string - download: - type: string - elasticsearch: - type: object - properties: - privileges: + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: type: object - properties: - cluster: - items: - type: string - type: array - format_version: - type: string - icons: - items: - type: string - type: array - internal: - type: boolean - name: - type: string - path: - type: string - readme: - type: string - release: - deprecated: true - description: >- - release label is deprecated, derive from the version instead - (packages follow semver) - enum: - - experimental - - beta - - ga - type: string - screenshots: - items: - type: object - properties: - path: - type: string - size: - type: string - src: - type: string - title: - type: string - type: - type: string - required: - - src - - path - type: array - source: - type: object - properties: - license: - enum: - - Apache-2.0 - - Elastic-2.0 - type: string - title: - type: string - type: - type: string - version: - type: string - required: - - name - - title - - version - - description - - type - - categories - - conditions - - assets - - format_version - - download - - path - Fleet_package_policy: - allOf: - - type: object - properties: id: type: string - inputs: - oneOf: - - items: {} - type: array - - type: object - revision: - type: number + name: + description: The data view name. + type: string + namespaces: + $ref: '#/components/schemas/Data_views_namespaces' + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + type: + $ref: '#/components/schemas/Data_views_type' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta' + version: + type: string required: - - id - - revision - - $ref: '#/components/schemas/Fleet_new_package_policy' - title: Package policy - Fleet_package_policy_request: - title: Package Policy Request - type: object - properties: - description: - description: Package policy description - example: my description - type: string - force: + - title + override: + default: false description: >- - Force package policy creation even if package is not verified, or if - the agent policy is managed. + Override an existing data view if a data view with the provided + title already exists. type: boolean - id: - description: Package policy unique identifier - type: string - inputs: - additionalProperties: - type: object - properties: - enabled: - description: enable or disable that input, (default to true) - type: boolean - streams: - additionalProperties: - type: object - properties: - enabled: - description: enable or disable that stream, (default to true) - type: boolean - vars: - description: >- - Stream level variable (see integration documentation for - more information) - type: object - description: >- - Input streams (see integration documentation to know what - streams are available) - type: object - vars: - description: >- - Input level variable (see integration documentation for more - information) - type: object - description: >- - Package policy inputs (see integration documentation to know what - inputs are available) - example: - nginx-logfile: - enabled: true - streams: - nginx.access: - enabled: true - vars: - ignore_older: 72h - paths: - - /var/log/nginx/access.log* - preserve_original_event: false - tags: - - nginx-access - type: object - name: - description: Package policy name (should be unique) - example: nginx-123 - type: string - namespace: - description: >- - The package policy namespace. Leave blank to inherit the agent - policy's namespace. - example: customnamespace - type: string - output_id: - description: Output ID to send package data to - example: output-id - nullable: true - type: string - overrides: - description: >- - Override settings that are defined in the package policy. The - override option should be used only in unusual circumstances and not - as a routine procedure. - nullable: true + required: + - data_view + Data_views_data_view_response_object: + title: Data view response properties + type: object + properties: + data_view: type: object properties: - inputs: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldAttrs: + additionalProperties: + $ref: '#/components/schemas/Data_views_fieldattrs' type: object - package: - type: object - properties: + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: + type: object + id: + example: ff959d40-b880-11e8-a6d9-e546fe2bba5f + type: string name: - description: Package name - example: nginx + description: The data view name. type: string + namespaces: + $ref: '#/components/schemas/Data_views_namespaces' + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta_response' version: - description: Package version - example: 1.6.0 + example: WzQ2LDJd type: string - required: - - name - - version - policy_id: - deprecated: true - description: Agent policy ID where that package policy will be added - example: agent-policy-id - nullable: true - type: string - policy_ids: - description: Agent policy IDs where that package policy will be added - example: - - agent-policy-id - items: - type: string - type: array - vars: - description: >- - Package root level variable (see integration documentation for more - information) - type: object - required: - - name - - package - Fleet_package_usage_stats: - title: Package usage stats + Data_views_fieldattrs: + description: A map of field attributes by field name. type: object properties: - agent_policy_count: + count: + description: Popularity count for the field. type: integer - required: - - agent_policy_count - Fleet_proxies: - title: Fleet Proxy - type: object - properties: - certificate: - type: string - certificate_authorities: - type: string - certificate_key: - type: string - id: + customDescription: + description: Custom description for the field. + maxLength: 300 type: string - name: + customLabel: + description: Custom label for the field. type: string - proxy_headers: + Data_views_fieldformats: + description: A map of field formats by field name. + type: object + Data_views_namespaces: + description: >- + An array of space identifiers for sharing the data view between multiple + spaces. + items: + default: default + type: string + type: array + Data_views_runtimefieldmap: + description: A map of runtime field definitions by field name. + type: object + properties: + script: type: object - url: + properties: + source: + description: Script for the runtime field. + type: string + type: + description: Mapping type of the runtime field. type: string required: - - name - - url - Fleet_saved_object_type: - oneOf: - - enum: - - dashboard - - visualization - - search - - index_pattern - - map - - lens - - security_rule - - csp_rule_template - - ml_module - - tag - - osquery_pack_asset - - osquery_saved_query - type: string - - enum: - - index - - component_template - - ingest_pipeline - - index_template - - ilm_policy - - transform - - data_stream_ilm_policy - - ml_model - type: string - title: Saved Object type - Fleet_search_result: - title: Search result + - script + - type + Data_views_sourcefilters: + description: The array of field names you want to filter out in Discover. + items: + type: object + properties: + value: + type: string + required: + - value + type: array + Data_views_swap_data_view_request_object: + title: Data view reference swap request type: object properties: - description: - type: string - download: - type: string - icons: - type: string - installationInfo: - $ref: '#/components/schemas/Fleet_installation_info' - name: - type: string - path: - type: string - savedObject: - deprecated: true - type: object - status: + delete: + description: Deletes referenced saved object if all references are removed. + type: boolean + forId: + description: Limit the affected saved objects to one or more by identifier. + oneOf: + - type: string + - items: + type: string + type: array + forType: + description: Limit the affected saved objects by type. type: string - title: + fromId: + description: The saved object reference to change. type: string - type: + fromType: + description: > + Specify the type of the saved object reference to alter. The default + value is `index-pattern` for data views. type: string - version: + toId: + description: New saved object reference value to replace the old value. type: string required: - - description - - download - - icons - - name - - path - - title - - type - - version - - status - Fleet_settings: - title: Settings + - fromId + - toId + Data_views_timefieldname: + description: The timestamp field name, which you use for time-based data views. + type: string + Data_views_title: + description: >- + Comma-separated list of data streams, indices, and aliases that you want + to search. Supports wildcards (`*`). + type: string + Data_views_type: + description: When set to `rollup`, identifies the rollup data views. + type: string + Data_views_typemeta: + description: >- + When you use rollup indices, contains the field list for the rollup data + view API endpoints. type: object properties: - fleet_server_hosts: - deprecated: true - items: - type: string - type: array - has_seen_add_data_notice: - type: boolean - id: - type: string - prerelease_integrations_enabled: - type: boolean + aggs: + description: A map of rollup restrictions by aggregation type and field name. + type: object + params: + description: Properties for retrieving rollup fields. + type: object required: - - fleet_server_hosts - - id - Fleet_upgrade_agent: - title: Upgrade agent + - aggs + - params + Data_views_typemeta_response: + description: >- + When you use rollup indices, contains the field list for the rollup data + view API endpoints. + nullable: true type: object properties: - force: - description: Force upgrade, skipping validation (should be used with caution) - type: boolean - skipRateLimitCheck: - description: Skip rate limit check for upgrade + aggs: + description: A map of rollup restrictions by aggregation type and field name. + type: object + params: + description: Properties for retrieving rollup fields. + type: object + Data_views_update_data_view_request_object: + title: Update data view request + type: object + properties: + data_view: + description: > + The data view properties you want to update. Only the specified + properties are updated in the data view. Unspecified fields stay as + they are persisted. + type: object + properties: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: + type: object + name: + type: string + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + type: + $ref: '#/components/schemas/Data_views_type' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta' + refresh_fields: + default: false + description: Reloads the data view fields after the data view is updated. type: boolean - source_uri: - type: string - version: - type: string required: - - version - Fleet_upgrade_agent_diff: - items: - items: - $ref: '#/components/schemas/Fleet_full_agent_policy_input' - type: array - title: Package policy Upgrade dryrun - type: array - Fleet_upgrade_diff: - items: - allOf: - - $ref: '#/components/schemas/Fleet_package_policy' - - allOf: - - $ref: '#/components/schemas/Fleet_new_package_policy' - - type: object - properties: - errors: - items: - type: object - properties: - key: - type: string - message: - type: string - type: array - missingVars: - items: - type: string - type: array - type: object - title: Package policy Upgrade dryrun - type: array + - data_view Kibana_HTTP_APIs_core_status_redactedResponse: additionalProperties: false description: A minimal representation of Kibana's operational status. @@ -26655,6 +44211,7 @@ components: - id - rule_id - immutable + - rule_source - updated_at - updated_by - created_at @@ -33472,13 +51029,13 @@ tags: - name: Elastic Package Manager (EPM) - name: Fleet enrollment API keys - name: Fleet internals - - name: Fleet Kubernetes - name: Fleet outputs - name: Fleet package policies - name: Fleet proxies - name: Fleet Server hosts - name: Fleet service tokens - name: Fleet uninstall tokens + - name: Message Signing Service - description: Machine learning name: ml - description: > @@ -33502,33 +51059,42 @@ tags: x-displayName: Saved objects - description: Manage and interact with Security Assistant resources. name: Security AI Assistant API + x-displayName: Security AI assistant - description: >- You can create rules that automatically turn events and external alerts sent to Elastic Security into detection alerts. These alerts are displayed on the Detections page. name: Security Detections API + x-displayName: Security detections - description: >- Endpoint Exceptions API allows you to manage detection rule endpoint exceptions to prevent a rule from generating an alert from incoming events even when the rule's other criteria are met. name: Security Endpoint Exceptions API + x-displayName: Security endpoint exceptions - description: Interact with and manage endpoints running the Elastic Defend integration. name: Security Endpoint Management API + x-displayName: Security endpoint management - description: '' name: Security Entity Analytics API + x-displayName: Security entity analytics - description: >- Exceptions API allows you to manage detection rule exceptions to prevent a rule from generating an alert from incoming events even when the rule's other criteria are met. name: Security Exceptions API + x-displayName: Security exceptions - description: Lists API allows you to manage lists of keywords, IPs or IP ranges items. name: Security Lists API + x-displayName: Security lists - description: Run live queries, manage packs and saved queries. name: Security Osquery API + x-displayName: Security Osquery - description: >- You can create Timelines and Timeline templates via the API, as well as import new Timelines from an ndjson file. name: Security Timeline API + x-displayName: Security timeline - description: SLO APIs enable you to define, manage and track service-level objectives name: slo - name: spaces diff --git a/oas_docs/output/kibana.serverless.yaml b/oas_docs/output/kibana.serverless.yaml index c30f683b3bf97..8bd9bd198e5e1 100644 --- a/oas_docs/output/kibana.serverless.yaml +++ b/oas_docs/output/kibana.serverless.yaml @@ -79,7 +79,6 @@ servers: kibana_url: default: localhost:5601 - url: / - - url: http://KIBANA_HOST:5601 - description: local url: http://localhost:5601 paths: @@ -5402,6 +5401,270 @@ paths: summary: Search for annotations tags: - APM annotations + /api/asset_criticality: + delete: + description: Delete the asset criticality record for a specific entity. + operationId: DeleteAssetCriticalityRecord + parameters: + - description: The ID value of the asset. + in: query + name: id_value + required: true + schema: + type: string + - description: The field representing the ID. + example: host.name + in: query + name: id_field + required: true + schema: + $ref: '#/components/schemas/Security_Entity_Analytics_API_IdField' + - description: If 'wait_for' the request will wait for the index refresh. + in: query + name: refresh + required: false + schema: + enum: + - wait_for + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + deleted: + description: >- + True if the record was deleted or false if the record did + not exist. + type: boolean + record: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityRecord + description: The deleted record if it existed. + required: + - deleted + description: Successful response + '400': + description: Invalid request + summary: Delete an asset criticality record + tags: + - Security Entity Analytics API + get: + description: Get the asset criticality record for a specific entity. + operationId: GetAssetCriticalityRecord + parameters: + - description: The ID value of the asset. + in: query + name: id_value + required: true + schema: + type: string + - description: The field representing the ID. + example: host.name + in: query + name: id_field + required: true + schema: + $ref: '#/components/schemas/Security_Entity_Analytics_API_IdField' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityRecord + description: Successful response + '400': + description: Invalid request + '404': + description: Criticality record not found + summary: Get an asset criticality record + tags: + - Security Entity Analytics API + post: + description: > + Create or update an asset criticality record for a specific entity. + + + If a record already exists for the specified entity, that record is + overwritten with the specified value. If a record doesn't exist for the + specified entity, a new record is created. + operationId: CreateAssetCriticalityRecord + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + allOf: + - $ref: >- + #/components/schemas/Security_Entity_Analytics_API_CreateAssetCriticalityRecord + - type: object + properties: + refresh: + description: >- + If 'wait_for' the request will wait for the index + refresh. + enum: + - wait_for + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityRecord + description: Successful response + '400': + description: Invalid request + summary: Upsert an asset criticality record + tags: + - Security Entity Analytics API + /api/asset_criticality/bulk: + post: + description: > + Bulk upsert up to 1000 asset criticality records. + + + If asset criticality records already exist for the specified entities, + those records are overwritten with the specified values. If asset + criticality records don't exist for the specified entities, new records + are created. + operationId: BulkUpsertAssetCriticalityRecords + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + example: + records: + - criticality_level: low_impact + id_field: host.name + id_value: host-1 + - criticality_level: medium_impact + id_field: host.name + id_value: host-2 + type: object + properties: + records: + items: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_CreateAssetCriticalityRecord + maxItems: 1000 + minItems: 1 + type: array + required: + - records + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + example: + errors: + - index: 0 + message: Invalid ID field + stats: + failed: 1 + successful: 1 + total: 2 + type: object + properties: + errors: + items: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityBulkUploadErrorItem + type: array + stats: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityBulkUploadStats + required: + - errors + - stats + description: Bulk upload successful + '413': + description: File too large + summary: Bulk upsert asset criticality records + tags: + - Security Entity Analytics API + /api/asset_criticality/list: + get: + description: List asset criticality records, paging, sorting and filtering as needed. + operationId: FindAssetCriticalityRecords + parameters: + - description: The field to sort by. + in: query + name: sort_field + required: false + schema: + enum: + - id_value + - id_field + - criticality_level + - \@timestamp + type: string + - description: The order to sort by. + in: query + name: sort_direction + required: false + schema: + enum: + - asc + - desc + type: string + - description: The page number to return. + in: query + name: page + required: false + schema: + minimum: 1 + type: integer + - description: The number of records to return per page. + in: query + name: per_page + required: false + schema: + maximum: 1000 + minimum: 1 + type: integer + - description: The kuery to filter by. + in: query + name: kuery + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + page: + minimum: 1 + type: integer + per_page: + maximum: 1000 + minimum: 1 + type: integer + records: + items: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityRecord + type: array + total: + minimum: 0 + type: integer + required: + - records + - page + - per_page + - total + description: Bulk upload successful + summary: List asset criticality records + tags: + - Security Entity Analytics API /api/data_views: get: operationId: getAllDataViewsDefault @@ -5926,9 +6189,18 @@ paths: summary: Preview a saved object reference swap tags: - data views - /api/fleet/agent_download_sources: + /api/detection_engine/privileges: get: - operationId: get-download-sources + description: > + Retrieves whether or not the user is authenticated, and the user's + Kibana + + space and index privileges, which determine if the user can create an + + index for the Elastic Security alerts generated by + + detection engine rules. + operationId: ReadPrivileges responses: '200': content: @@ -5936,265 +6208,311 @@ paths: schema: type: object properties: - items: - items: - $ref: '#/components/schemas/Fleet_download_sources' - type: array - page: - type: integer - perPage: - type: integer - total: - type: integer - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List agent binary download sources - tags: - - Elastic Agent binary download sources - post: - operationId: post-download-sources - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - host: - type: string - id: - type: string - is_default: - type: boolean - name: - type: string - required: - - name - - host - - is_default - responses: - '200': + has_encryption_key: + type: boolean + is_authenticated: + type: boolean + required: + - is_authenticated + - has_encryption_key + description: Successful response + '401': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_download_sources' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Create agent binary download source + $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' + description: Internal server error response + summary: Returns user privileges for the Kibana space tags: - - Elastic Agent binary download sources - /api/fleet/agent_download_sources/{sourceId}: + - Security Detections API + - Privileges API + /api/detection_engine/rules: delete: - operationId: delete-download-source + description: Delete a detection rule using the `rule_id` or `id` field. + operationId: DeleteRule parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: The rule's `id` value. + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + - description: The rule's `rule_id` value. + in: query + name: rule_id + required: false + schema: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - id: - type: string - required: - - id - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete agent binary download source by ID + $ref: '#/components/schemas/Security_Detections_API_RuleResponse' + description: Indicates a successful call. + summary: Delete a detection rule tags: - - Elastic Agent binary download sources + - Security Detections API + - Rules API get: - operationId: get-one-download-source + description: Retrieve a detection rule using the `rule_id` or `id` field. + operationId: ReadRule + parameters: + - description: The rule's `id` value. + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + - description: The rule's `rule_id` value. + in: query + name: rule_id + required: false + schema: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_download_sources' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get agent binary download source by ID + $ref: '#/components/schemas/Security_Detections_API_RuleResponse' + description: Indicates a successful call. + summary: Retrieve a detection rule tags: - - Elastic Agent binary download sources - parameters: - - in: path - name: sourceId - required: true - schema: - type: string - put: - operationId: update-download-source - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - Security Detections API + - Rules API + patch: + description: >- + Update specific fields of an existing detection rule using the `rule_id` + or `id` field. + operationId: PatchRule requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - host: - type: string - is_default: - type: boolean - name: - type: string - required: - - name - - is_default - - host + $ref: '#/components/schemas/Security_Detections_API_RulePatchProps' + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_download_sources' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Update agent binary download source by ID + $ref: '#/components/schemas/Security_Detections_API_RuleResponse' + description: Indicates a successful call. + summary: Patch a detection rule tags: - - Elastic Agent binary download sources - /api/fleet/agent_policies: - get: - description: '' - operationId: agent-policy-list - parameters: - - $ref: '#/components/parameters/Fleet_page_size' - - $ref: '#/components/parameters/Fleet_page_index' - - $ref: '#/components/parameters/Fleet_kuery' - - $ref: '#/components/parameters/Fleet_format' - - description: >- - When set to true, retrieve the related package policies for each - agent policy. - in: query - name: full - schema: - type: boolean - - description: >- - When set to true, do not count how many agents are in the agent - policy, this can improve performance if you are searching over a - large number of agent policies. The "agents" property will always be - 0 if set to true. - in: query - name: noAgentCount - schema: - type: boolean + - Security Detections API + - Rules API + post: + description: Create a new detection rule. + operationId: CreateRule + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Detections_API_RuleCreateProps' + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - items: - items: - $ref: '#/components/schemas/Fleet_agent_policy' - type: array - page: - type: number - perPage: - type: number - total: - type: number - required: - - items - - total - - page - - perPage - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List agent policies + $ref: '#/components/schemas/Security_Detections_API_RuleResponse' + description: Indicates a successful call. + summary: Create a detection rule tags: - - Elastic Agent policies + - Security Detections API + - Rules API + put: + description: > + Update a detection rule using the `rule_id` or `id` field. The original + rule is replaced, and all unspecified fields are deleted. + + > info + + > You cannot modify the `id` or `rule_id` values. + operationId: UpdateRule + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Detections_API_RuleUpdateProps' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Detections_API_RuleResponse' + description: Indicates a successful call. + summary: Update a detection rule + tags: + - Security Detections API + - Rules API + /api/detection_engine/rules/_bulk_action: post: - operationId: create-agent-policy + description: >- + Apply a bulk action, such as bulk edit, duplicate, or delete, to + multiple detection rules. The bulk action is applied to all rules that + match the query or to the rules listed by their IDs. + operationId: PerformRulesBulkAction parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: Enables dry run mode for the request call. + in: query + name: dry_run + required: false + schema: + type: boolean requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_agent_policy_create_request' + oneOf: + - $ref: '#/components/schemas/Security_Detections_API_BulkDeleteRules' + - $ref: >- + #/components/schemas/Security_Detections_API_BulkDisableRules + - $ref: '#/components/schemas/Security_Detections_API_BulkEnableRules' + - $ref: '#/components/schemas/Security_Detections_API_BulkExportRules' + - $ref: >- + #/components/schemas/Security_Detections_API_BulkDuplicateRules + - $ref: >- + #/components/schemas/Security_Detections_API_BulkManualRuleRun + - $ref: '#/components/schemas/Security_Detections_API_BulkEditRules' responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_agent_policy' + oneOf: + - $ref: >- + #/components/schemas/Security_Detections_API_BulkEditActionResponse + - $ref: >- + #/components/schemas/Security_Detections_API_BulkExportActionResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Create agent policy + summary: Apply a bulk action to detection rules tags: - - Elastic Agent policies - /api/fleet/agent_policies/_bulk_get: + - Security Detections API + - Bulk API + /api/detection_engine/rules/_export: post: - operationId: bulk-get-agent-policies + description: > + Export detection rules to an `.ndjson` file. The following configuration + items are also included in the `.ndjson` file: + + - Actions + + - Exception lists + + > info + + > You cannot export prebuilt rules. + operationId: ExportRules parameters: - - $ref: '#/components/parameters/Fleet_format' + - description: Determines whether a summary of the exported rules is returned. + in: query + name: exclude_export_details + required: false + schema: + default: false + type: boolean + - description: File name for saving the exported rules. + in: query + name: file_name + required: false + schema: + default: export.ndjson + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + nullable: true type: object properties: - full: - description: get full policies with package policies populated - type: boolean - ids: - description: list of agent policy ids + objects: + description: >- + Array of `rule_id` fields. Exports all rules when + unspecified. items: - type: string + type: object + properties: + rule_id: + $ref: >- + #/components/schemas/Security_Detections_API_RuleSignatureId + required: + - rule_id type: array - ignoreMissing: - type: boolean required: - - ids + - objects + required: false responses: '200': content: - application/json; Elastic-Api-Version=2023-10-31: + application/ndjson; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - items: - items: - $ref: '#/components/schemas/Fleet_agent_policy' - type: array - required: - - items - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk get agent policies + description: An `.ndjson` file containing the returned rules. + format: binary + type: string + description: Indicates a successful call. + summary: Export detection rules tags: - - Elastic Agent policies - /api/fleet/agent_policies/{agentPolicyId}: + - Security Detections API + - Import/Export API + /api/detection_engine/rules/_find: get: - description: Get one agent policy - operationId: agent-policy-info - parameters: [] + description: >- + Retrieve a paginated list of detection rules. By default, the first page + is returned, with 20 results per page. + operationId: FindRules + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: '#/components/schemas/Security_Detections_API_FindRulesSortField' + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_Detections_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: Rules per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer responses: '200': content: @@ -6202,192 +6520,275 @@ paths: schema: type: object properties: - item: - $ref: '#/components/schemas/Fleet_agent_policy' + data: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RuleResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get agent policy by ID + - page + - perPage + - total + - data + description: Successful response + summary: List all detection rules tags: - - Elastic Agent policies - parameters: - - in: path - name: agentPolicyId - required: true - schema: - type: string - - $ref: '#/components/parameters/Fleet_format' - put: - operationId: update-agent-policy + - Security Detections API + - Rules API + /api/detection_engine/rules/_import: + post: + description: > + Import detection rules from an `.ndjson` file, including actions and + exception lists. The request must include: + + - The `Content-Type: multipart/form-data` HTTP header. + + - A link to the `.ndjson` file containing the rules. + operationId: ImportRules parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: >- + Determines whether existing rules with the same `rule_id` are + overwritten. + in: query + name: overwrite + required: false + schema: + default: false + type: boolean + - description: >- + Determines whether existing exception lists with the same `list_id` + are overwritten. + in: query + name: overwrite_exceptions + required: false + schema: + default: false + type: boolean + - description: >- + Determines whether existing actions with the same + `kibana.alert.rule.actions.id` are overwritten. + in: query + name: overwrite_action_connectors + required: false + schema: + default: false + type: boolean + - description: Generates a new list ID for each imported exception list. + in: query + name: as_new_list + required: false + schema: + default: false + type: boolean requestBody: content: - application/json; Elastic-Api-Version=2023-10-31: + multipart/form-data; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_agent_policy_update_request' + type: object + properties: + file: + description: The `.ndjson` file containing the rules. + format: binary + type: string + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - item: - $ref: '#/components/schemas/Fleet_agent_policy' + action_connectors_errors: + items: + $ref: '#/components/schemas/Security_Detections_API_ErrorSchema' + type: array + action_connectors_success: + type: boolean + action_connectors_success_count: + minimum: 0 + type: integer + action_connectors_warnings: + items: + $ref: >- + #/components/schemas/Security_Detections_API_WarningSchema + type: array + errors: + items: + $ref: '#/components/schemas/Security_Detections_API_ErrorSchema' + type: array + exceptions_errors: + items: + $ref: '#/components/schemas/Security_Detections_API_ErrorSchema' + type: array + exceptions_success: + type: boolean + exceptions_success_count: + minimum: 0 + type: integer + rules_count: + minimum: 0 + type: integer + success: + type: boolean + success_count: + minimum: 0 + type: integer required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Update agent policy by ID + - exceptions_success + - exceptions_success_count + - exceptions_errors + - rules_count + - success + - success_count + - errors + - action_connectors_errors + - action_connectors_warnings + - action_connectors_success + - action_connectors_success_count + description: Indicates a successful call. + summary: Import detection rules tags: - - Elastic Agent policies - /api/fleet/agent_policies/{agentPolicyId}/copy: - parameters: - - in: path - name: agentPolicyId - required: true - schema: - type: string - - $ref: '#/components/parameters/Fleet_format' + - Security Detections API + - Import/Export API + /api/detection_engine/rules/{id}/exceptions: post: - operationId: agent-policy-copy + description: Create exception items that apply to a single detection rule. + operationId: CreateRuleExceptionListItems parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: Detection rule's identifier + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Exceptions_API_RuleId' requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - description: - type: string - name: - type: string + items: + items: + $ref: >- + #/components/schemas/Security_Exceptions_API_CreateRuleExceptionListItemProps + type: array required: - - name - description: '' + - items + description: Rule exception list items + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_agent_policy' - required: - - item - description: OK + items: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItem + type: array + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Copy agent policy by ID - tags: - - Elastic Agent policies - /api/fleet/agent_policies/{agentPolicyId}/download: - get: - operationId: agent-policy-download - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Download agent policy by ID - tags: - - Elastic Agent policies - parameters: - - in: path - name: agentPolicyId - required: true - schema: - type: string - - in: query - name: download - required: false - schema: - type: string - - in: query - name: standalone - required: false - schema: - type: string - - in: query - name: kubernetes - required: false - schema: - type: string - /api/fleet/agent_policies/{agentPolicyId}/full: - get: - operationId: agent-policy-full - responses: - '200': + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - oneOf: - - type: string - - $ref: '#/components/schemas/Fleet_agent_policy_full' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get full agent policy by ID + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Create rule exception list items tags: - - Elastic Agent policies - parameters: - - in: path - name: agentPolicyId - required: true - schema: - type: string - - in: query - name: download - required: false - schema: - type: string - - in: query - name: standalone - required: false - schema: - type: string - - in: query - name: kubernetes - required: false - schema: - type: string - /api/fleet/agent_policies/delete: - parameters: [] + - Security Exceptions API + /api/detection_engine/rules/preview: post: - operationId: delete-agent-policy + operationId: RulePreview parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: >- + Enables logging and returning in response ES queries, performed + during rule execution + in: query + name: enable_logged_requests + required: false + schema: + type: boolean requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - agentPolicyId: - type: string - force: - description: >- - bypass validation checks that can prevent agent policy - deletion - type: boolean - required: - - agentPolicyId + anyOf: + - allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_EqlRuleCreateProps + - $ref: >- + #/components/schemas/Security_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_QueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_ThresholdRuleCreateProps + - $ref: >- + #/components/schemas/Security_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRuleCreateProps + - $ref: >- + #/components/schemas/Security_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_MachineLearningRuleCreateProps + - $ref: >- + #/components/schemas/Security_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_NewTermsRuleCreateProps + - $ref: >- + #/components/schemas/Security_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_EsqlRuleCreateProps + - $ref: >- + #/components/schemas/Security_Detections_API_RulePreviewParams + discriminator: + propertyName: type + description: >- + An object containing tags to add or remove and alert ids the changes + will be applied + required: true responses: '200': content: @@ -6395,874 +6796,717 @@ paths: schema: type: object properties: - id: - type: string - success: + isAborted: type: boolean + logs: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RulePreviewLogs + type: array + previewId: + $ref: >- + #/components/schemas/Security_Detections_API_NonEmptyString required: - - id - - success - description: OK + - logs + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete agent policy by ID - tags: - - Elastic Agent policies - /api/fleet/agent_status: - get: - operationId: get-agent-status - parameters: - - in: query - name: policyId - required: false - schema: - type: string - - deprecated: true - in: query - name: kuery - required: false - schema: - type: string - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - active: - type: integer - all: - type: integer - error: - type: integer - events: - type: integer - inactive: - type: integer - offline: - type: integer - online: - type: integer - other: - type: integer - total: - deprecated: true - type: integer - unenrolled: - type: integer - updating: - type: integer - required: - - active - - all - - error - - events - - inactive - - offline - - online - - other - - total - - updating - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get agent status summary - tags: - - Elastic Agent status - /api/fleet/agent_status/data: - get: - operationId: get-agent-data - parameters: - - in: query - name: agentsIds - required: true - schema: - items: - type: string - type: array - responses: - '200': + oneOf: + - $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - items: - items: - additionalProperties: - type: object - properties: - data: - type: boolean - type: object - type: array - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get incoming agent data - tags: - - Elastic Agent status - /api/fleet/agent-status: - get: - deprecated: true - operationId: get-agent-status-deprecated - parameters: - - in: query - name: policyId - required: false - schema: - type: string - responses: - '200': + $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - error: - type: integer - events: - type: integer - inactive: - type: integer - offline: - type: integer - online: - type: integer - other: - type: integer - total: - type: integer - updating: - type: integer - required: - - error - - events - - inactive - - offline - - online - - other - - total - - updating - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get agent status summary + $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' + description: Internal server error response + summary: Preview rule alerts generated on specified time range tags: - - Elastic Agent status - /api/fleet/agents: - get: - operationId: get-agents - parameters: - - $ref: '#/components/parameters/Fleet_page_size' - - $ref: '#/components/parameters/Fleet_page_index' - - $ref: '#/components/parameters/Fleet_kuery' - - $ref: '#/components/parameters/Fleet_show_inactive' - - $ref: '#/components/parameters/Fleet_show_upgradeable' - - $ref: '#/components/parameters/Fleet_sort_field' - - $ref: '#/components/parameters/Fleet_sort_order' - - $ref: '#/components/parameters/Fleet_with_metrics' - - in: query - name: getStatusSummary - required: false - schema: - type: boolean + - Security Detections API + - Rule preview API + /api/detection_engine/signals/assignees: + post: + description: | + Assign users to detection alerts, and unassign them from alerts. + > info + > You cannot add and remove the same assignee in the same request. + operationId: SetAlertAssignees + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + assignees: + $ref: '#/components/schemas/Security_Detections_API_AlertAssignees' + description: Details about the assignees to assign and unassign. + ids: + $ref: '#/components/schemas/Security_Detections_API_AlertIds' + description: List of alerts ids to assign and unassign passed assignees. + required: + - assignees + - ids + required: true responses: '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_get_agents_response' - description: OK + description: Indicates a successful call. '400': - $ref: '#/components/responses/Fleet_error' - summary: List agents + description: Invalid request. + summary: Assign and unassign users from detection alerts tags: - - Elastic Agents + - Security Detections API + /api/detection_engine/signals/search: post: - operationId: get-agents-by-actions - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + description: Find and/or aggregate detection alerts that match the given query. + operationId: SearchAlerts requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + description: Elasticsearch query and aggregation request type: object properties: - actionIds: + _source: + oneOf: + - type: boolean + - type: string + - items: + type: string + type: array + aggs: + additionalProperties: true + type: object + fields: items: type: string type: array - required: - - policy_id + query: + additionalProperties: true + type: object + runtime_mappings: + additionalProperties: true + type: object + size: + minimum: 0 + type: integer + sort: + $ref: '#/components/schemas/Security_Detections_API_AlertsSort' + track_total_hits: + type: boolean + description: Search and/or aggregation query required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_agent_get_by_actions' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List agents by action ids - tags: - - Elastic Agents - /api/fleet/agents/{agentId}: - delete: - operationId: delete-agent - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: + additionalProperties: true + description: Elasticsearch search response type: object - properties: - action: - enum: - - deleted - type: string - required: - - action - description: OK + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete agent by ID - tags: - - Elastic Agents - get: - operationId: get-agent - parameters: - - $ref: '#/components/parameters/Fleet_with_metrics' - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_agent' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get agent by ID - tags: - - Elastic Agents - parameters: - - in: path - name: agentId - required: true - schema: - type: string - put: - operationId: update-agent - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - tags: - items: - type: string - type: array - user_provided_metadata: - type: object - required: true - responses: - '200': + oneOf: + - $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_agent' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Update agent by ID + $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' + description: Internal server error response + summary: Find and/or aggregate detection alerts tags: - - Elastic Agents - /api/fleet/agents/{agentId}/actions: - parameters: - - in: path - name: agentId - required: true - schema: - type: string + - Security Detections API + - Alerts API + /api/detection_engine/signals/status: post: - operationId: new-agent-action - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + description: Set the status of one or more detection alerts. + operationId: SetAlertsStatus requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - action: - $ref: '#/components/schemas/Fleet_agent_action' + oneOf: + - $ref: >- + #/components/schemas/Security_Detections_API_SetAlertsStatusByIds + - $ref: >- + #/components/schemas/Security_Detections_API_SetAlertsStatusByQuery + description: >- + An object containing desired status and explicit alert ids or a query + to select alerts required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: true + description: Elasticsearch update by query response type: object - properties: - body: - items: - type: number - type: array - headers: - type: string - statusCode: - type: number - description: OK + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Create agent action + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' + description: Internal server error response + summary: Set a detection alert status tags: - - Elastic Agent actions - /api/fleet/agents/{agentId}/reassign: - parameters: - - in: path - name: agentId - required: true - schema: - type: string + - Security Detections API + - Alerts API + /api/detection_engine/signals/tags: post: - operationId: reassign-agent - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + description: | + And tags to detection alerts, and remove them from alerts. + > info + > You cannot add and remove the same alert tag in the same request. + operationId: SetAlertTags requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - policy_id: - type: string + ids: + $ref: '#/components/schemas/Security_Detections_API_AlertIds' + tags: + $ref: '#/components/schemas/Security_Detections_API_SetAlertTags' required: - - policy_id + - ids + - tags + description: >- + An object containing tags to add or remove and alert ids the changes + will be applied required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: true + description: Elasticsearch update by query response type: object - description: OK + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Reassign agent - tags: - - Elastic Agents - put: - deprecated: true - operationId: reassign-agent-deprecated - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - policy_id: - type: string - required: - - policy_id - required: true - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Reassign agent + oneOf: + - $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' + description: Internal server error response + summary: Add and remove detection alert tags tags: - - Elastic Agents - /api/fleet/agents/{agentId}/request_diagnostics: - parameters: - - in: path - name: agentId - required: true - schema: - type: string - post: - operationId: request-diagnostics-agent - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - additional_metrics: - items: - oneOf: - - enum: - - CPU - type: string - type: array + - Security Detections API + - Alerts API + /api/detection_engine/tags: + get: + description: List all unique tags from all detection rules. + operationId: ReadTags responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - actionId: - type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Request agent diagnostics + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + description: Indicates a successful call + summary: List all detection rule tags tags: - - Elastic Agents - /api/fleet/agents/{agentId}/unenroll: - parameters: - - in: path - name: agentId - required: true - schema: - type: string + - Security Detections API + - Tags API + /api/endpoint_list: post: - operationId: unenroll-agent - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - force: - type: boolean - revoke: - type: boolean + description: >- + Create an endpoint exception list, which groups endpoint exception list + items. If an endpoint exception list already exists, an empty response + is returned. + operationId: CreateEndpointList responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - description: OK + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_EndpointList + description: Successful response '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - enum: - - 400 - type: number - description: BAD REQUEST - summary: Unenroll agent - tags: - - Elastic Agents - /api/fleet/agents/{agentId}/upgrade: - parameters: - - in: path - name: agentId - required: true - schema: - type: string - post: - operationId: upgrade-agent - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_upgrade_agent' - required: true - responses: - '200': + oneOf: + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_upgrade_agent' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Upgrade agent - tags: - - Elastic Agents - /api/fleet/agents/{agentId}/uploads: - get: - operationId: list-agent-uploads - responses: - '200': + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - body: - type: object - properties: - item: - items: - $ref: '#/components/schemas/Fleet_agent_diagnostics' - type: array - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List agent uploads + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Create an endpoint exception list tags: - - Elastic Agents - parameters: - - in: path - name: agentId - required: true - schema: - type: string - /api/fleet/agents/action_status: - get: - operationId: agents-action-status + - Security Endpoint Exceptions API + /api/endpoint_list/items: + delete: + description: >- + Delete an endpoint exception list item using the `id` or `item_id` + field. + operationId: DeleteEndpointListItem parameters: - - $ref: '#/components/parameters/Fleet_page_size' - - $ref: '#/components/parameters/Fleet_page_index' - - in: query - name: errorSize + - description: Either `id` or `item_id` must be specified + in: query + name: id + required: false schema: - default: 5 - type: integer + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemId + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemHumanId responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - items: - items: - type: object - properties: - actionId: - type: string - cancellationTime: - type: string - completionTime: - type: string - creationTime: - description: creation time of action - type: string - expiration: - type: string - latestErrors: - description: >- - latest errors that happened when the agents executed - the action - items: - type: object - properties: - agentId: - type: string - error: - type: string - timestamp: - type: string - type: array - nbAgentsAck: - description: number of agents that acknowledged the action - type: number - nbAgentsActionCreated: - description: number of agents included in action from kibana - type: number - nbAgentsActioned: - description: number of agents actioned - type: number - nbAgentsFailed: - description: number of agents that failed to execute the action - type: number - newPolicyId: - description: new policy id (POLICY_REASSIGN action) - type: string - policyId: - description: policy id (POLICY_CHANGE action) - type: string - revision: - description: new policy revision (POLICY_CHANGE action) - type: string - startTime: - description: start time of action (scheduled actions) - type: string - status: - enum: - - COMPLETE - - EXPIRED - - CANCELLED - - FAILED - - IN_PROGRESS - - ROLLOUT_PASSED - type: string - type: - enum: - - POLICY_REASSIGN - - UPGRADE - - UNENROLL - - FORCE_UNENROLL - - UPDATE_TAGS - - CANCEL - - REQUEST_DIAGNOSTICS - - SETTINGS - - POLICY_CHANGE - - INPUT_ACTION - type: string - version: - description: agent version number (UPGRADE action) - type: string - required: - - actionId - - complete - - nbAgentsActioned - - nbAgentsActionCreated - - nbAgentsAck - - nbAgentsFailed - - status - - creationTime - - type - type: array - required: - - items - description: OK + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_EndpointListItem + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Get agent action status - tags: - - Elastic Agent actions - /api/fleet/agents/actions/{actionId}/cancel: - parameters: - - in: path - name: actionId - required: true - schema: - type: string - post: - operationId: agent-action-cancel - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_agent_action' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Cancel agent action + oneOf: + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Delete an endpoint exception list item tags: - - Elastic Agent actions - /api/fleet/agents/bulk_reassign: - post: - operationId: bulk-reassign-agents + - Security Endpoint Exceptions API + get: + description: >- + Get the details of an endpoint exception list item using the `id` or + `item_id` field. + operationId: ReadEndpointListItem parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - example: - agents: 'fleet-agents.policy_id : ("policy1" or "policy2")' - policy_id: policy_id - schema: - type: object - properties: - agents: - oneOf: - - description: KQL query string, leave empty to action all agents - type: string - - description: list of agent IDs - items: - type: string - type: array - policy_id: - description: new agent policy id - type: string - required: - - policy_id - - agents + - description: Either `id` or `item_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemId + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemHumanId responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - actionId: - type: string - description: OK + items: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_EndpointListItem + type: array + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk reassign agents + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Get an endpoint exception list item tags: - - Elastic Agents - /api/fleet/agents/bulk_request_diagnostics: + - Security Endpoint Exceptions API post: - operationId: bulk-request-diagnostics - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + description: >- + Create an endpoint exception list item, and associate it with the + endpoint exception list. + operationId: CreateEndpointListItem requestBody: content: application/json; Elastic-Api-Version=2023-10-31: - example: - agents: 'fleet-agents.policy_id : ("policy1" or "policy2")' schema: type: object properties: - additional_metrics: - items: - oneOf: - - enum: - - CPU - type: string - type: array - agents: - oneOf: - - description: KQL query string, leave empty to action all agents - type: string - - description: list of agent IDs - items: - type: string - type: array - batchSize: - type: number + comments: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryArray + item_id: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemHumanId + meta: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemName + os_types: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemType required: - - agents + - type + - name + - description + - entries + description: Exception list item's properties + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - actionId: - type: string - description: OK + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_EndpointListItem + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk request diagnostics from agents + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item already exists + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Create an endpoint exception list item tags: - - Elastic Agents - /api/fleet/agents/bulk_unenroll: - post: - operationId: bulk-unenroll-agents - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - Security Endpoint Exceptions API + put: + description: >- + Update an endpoint exception list item using the `id` or `item_id` + field. + operationId: UpdateEndpointListItem requestBody: content: application/json; Elastic-Api-Version=2023-10-31: - example: - agents: - - agent1 - - agent2 - force: false - revoke: true schema: type: object properties: - agents: - oneOf: - - description: KQL query string, leave empty to action all agents - type: string - - description: list of agent IDs - items: - type: string - type: array - force: - description: Unenrolls hosted agents too - type: boolean - includeInactive: - description: >- - When passing agents by KQL query, unenrolls inactive agents - too - type: boolean - revoke: - description: Revokes API keys of agents - type: boolean + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryArray + id: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemId + description: Either `id` or `item_id` must be specified + item_id: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemHumanId + description: Either `id` or `item_id` must be specified + meta: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemName + os_types: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemTags + type: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemType required: - - agents + - type + - name + - description + - entries + description: Exception list item's properties + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - actionId: - type: string - description: OK + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_EndpointListItem + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk unenroll agents + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Update an endpoint exception list item tags: - - Elastic Agents - /api/fleet/agents/bulk_update_agent_tags: - post: - operationId: bulk-update-agent-tags + - Security Endpoint Exceptions API + /api/endpoint_list/items/_find: + get: + description: Get a list of all endpoint exception list items. + operationId: FindEndpointListItems parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - example: - agents: - - agent1 - - agent2 - tagsToAdd: - - newTag - tagsToRemove: - - existingTag - schema: - type: object - properties: - agents: - oneOf: - - description: KQL query string, leave empty to action all agents - type: string - - description: list of agent IDs - items: - type: string - type: array - batchSize: - type: number - tagsToAdd: - items: - type: string - type: array - tagsToRemove: - items: - type: string - type: array - required: - - agents + - description: > + Filters the returned results according to the value of the specified + field, + + using the `:` syntax. + in: query + name: filter + required: false + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_FindEndpointListItemsFilter + - description: The page number to return + in: query + name: page + required: false + schema: + minimum: 0 + type: integer + - description: The number of exception list items to return per page + in: query + name: per_page + required: false + schema: + minimum: 0 + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string responses: '200': content: @@ -7270,677 +7514,596 @@ paths: schema: type: object properties: - actionId: + data: + items: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_EndpointListItem + type: array + page: + minimum: 0 + type: integer + per_page: + minimum: 0 + type: integer + pit: type: string - description: OK + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk update agent tags + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Get endpoint exception list items tags: - - Elastic Agents - /api/fleet/agents/bulk_upgrade: - post: - operationId: bulk-upgrade-agents + - Security Endpoint Exceptions API + /api/endpoint/action: + get: + description: Get a list of all response actions. + operationId: EndpointGetActionsList parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - example: - agents: - - agent1 - - agent2 - rollout_duration_seconds: 3600 - source_uri: https://artifacts.elastic.co/downloads/beats/elastic-agent - start_time: '2022-08-03T14:00:00.000Z' - version: 8.4.0 - schema: - $ref: '#/components/schemas/Fleet_bulk_upgrade_agents' - required: true + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_GetEndpointActionListRouteQuery responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - actionId: - type: string + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk upgrade agents + summary: Get response actions tags: - - Elastic Agents - /api/fleet/agents/files/{fileId}: - delete: - operationId: delete-agent-upload-file + - Security Endpoint Management API + /api/endpoint/action_log/{agent_id}: + get: + deprecated: true + description: Get an action request log for the specified agent ID. + operationId: EndpointGetActionLog + parameters: + - in: path + name: agent_id + required: true + schema: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentId' + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_ActionLogRequestQuery responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - body: - type: object - properties: - deleted: - type: boolean - id: - type: string + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete file uploaded by agent + summary: Get an action request log tags: - - Elastic Agents - parameters: - - in: path - name: fileId - required: true - schema: - type: string - /api/fleet/agents/files/{fileId}/{fileName}: + - Security Endpoint Management API + /api/endpoint/action_status: get: - operationId: get-agent-upload-file + description: Get the status of response actions for the specified agent IDs. + operationId: EndpointGetActionsStatus + parameters: + - in: query + name: query + required: true + schema: + type: object + properties: + agent_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentIds' responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - body: - type: object - properties: - items: - type: object - properties: - body: {} - headers: {} + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_ActionStatusSuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get file uploaded by agent + summary: Get response actions status tags: - - Elastic Agents - parameters: - - in: path - name: fileId - required: true - schema: - type: string - - in: path - name: fileName - required: true - schema: - type: string - /api/fleet/agents/setup: + - Security Endpoint Management API + /api/endpoint/action/{action_id}: get: - operationId: get-agents-setup-status + description: Get the details of a response action using the action ID. + operationId: EndpointGetActionsDetails + parameters: + - in: path + name: action_id + required: true + schema: + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_fleet_status_response' + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get agent setup info + summary: Get action details tags: - - Elastic Agents - post: - operationId: setup-agents + - Security Endpoint Management API + /api/endpoint/action/{action_id}/file/{file_id}: + get: + description: Get information for the specified file using the file ID. + operationId: EndpointFileInfo parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - admin_password: - type: string - admin_username: - type: string - required: - - admin_username - - admin_password + - in: path + name: action_id + required: true + schema: + type: string + - in: path + name: file_id + required: true + schema: + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_fleet_setup_response' + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Initiate agent setup + summary: Get file information tags: - - Elastic Agents - /api/fleet/agents/tags: + - Security Endpoint Management API + /api/endpoint/action/{action_id}/file/{file_id}/download: get: - operationId: get-agent-tags + description: Download a file from an endpoint. + operationId: EndpointFileDownload + parameters: + - in: path + name: action_id + required: true + schema: + type: string + - in: path + name: file_id + required: true + schema: + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_get_agent_tags_response' + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List agent tags + summary: Download a file tags: - - Elastic Agents - /api/fleet/data_streams: - get: - operationId: data-streams-list + - Security Endpoint Management API + /api/endpoint/action/execute: + post: + description: Run a shell command on an endpoint. + operationId: EndpointExecuteAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_ExecuteRouteRequestBody + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - data_streams: - items: - $ref: '#/components/schemas/Fleet_data_stream' - type: array + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List data streams + summary: Run a command tags: - - Data streams - parameters: [] - /api/fleet/enrollment_api_keys: - get: - operationId: get-enrollment-api-keys - parameters: - - $ref: '#/components/parameters/Fleet_page_size' - - $ref: '#/components/parameters/Fleet_page_index' - - $ref: '#/components/parameters/Fleet_kuery' + - Security Endpoint Management API + /api/endpoint/action/get_file: + post: + description: Get a file from an endpoint. + operationId: EndpointGetFileAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_GetFileRouteRequestBody + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - items: - items: - $ref: '#/components/schemas/Fleet_enrollment_api_key' - type: array - list: - deprecated: true - items: - $ref: '#/components/schemas/Fleet_enrollment_api_key' - type: array - page: - type: number - perPage: - type: number - total: - type: number - required: - - items - - page - - perPage - - total + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List enrollment API keys + summary: Get a file tags: - - Fleet enrollment API keys + - Security Endpoint Management API + /api/endpoint/action/isolate: post: - operationId: create-enrollment-api-keys - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + description: >- + Isolate an endpoint from the network. The endpoint remains isolated + until it's released. + operationId: EndpointIsolateAction requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - name: - description: The name of the enrollment API key. Must be unique. - type: string - policy_id: - description: >- - The ID of the agent policy the Elastic Agent will be - enrolled in. - type: string - required: - - policy_id + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_IsolateRouteRequestBody + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - action: - enum: - - created - type: string - item: - $ref: '#/components/schemas/Fleet_enrollment_api_key' + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Create enrollment API key + summary: Isolate an endpoint tags: - - Fleet enrollment API keys - /api/fleet/enrollment_api_keys/{keyId}: - delete: - operationId: delete-enrollment-api-key - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - Security Endpoint Management API + /api/endpoint/action/kill_process: + post: + description: Terminate a running process on an endpoint. + operationId: EndpointKillProcessAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_KillProcessRouteRequestBody + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - action: - enum: - - deleted - type: string - required: - - action + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Revoke enrollment API key by ID by marking it as inactive + summary: Terminate a process tags: - - Fleet enrollment API keys - get: - operationId: get-enrollment-api-key + - Security Endpoint Management API + /api/endpoint/action/running_procs: + post: + description: Get a list of all processes running on an endpoint. + operationId: EndpointGetProcessesAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_GetProcessesRouteRequestBody + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_enrollment_api_key' - required: - - item + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get enrollment API key by ID + summary: Get running processes tags: - - Fleet enrollment API keys - parameters: - - in: path - name: keyId + - Security Endpoint Management API + /api/endpoint/action/scan: + post: + description: Scan a specific file or directory on an endpoint for malware. + operationId: EndpointScanAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_ScanRouteRequestBody required: true - schema: - type: string - /api/fleet/enrollment-api-keys: - get: - deprecated: true - operationId: get-enrollment-api-keys-deprecated - parameters: [] responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - items: - items: - $ref: '#/components/schemas/Fleet_enrollment_api_key' - type: array - list: - deprecated: true - items: - $ref: '#/components/schemas/Fleet_enrollment_api_key' - type: array - page: - type: number - perPage: - type: number - total: - type: number - required: - - items - - page - - perPage - - total + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List enrollment API keys + summary: Scan a file or directory tags: - - Fleet enrollment API keys - post: - deprecated: true - operationId: create-enrollment-api-keys-deprecated - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - Security Endpoint Management API + /api/endpoint/action/state: + get: + description: >- + Get a response actions state, which reports whether encryption is + enabled. + operationId: EndpointGetActionsState responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - action: - enum: - - created - type: string - item: - $ref: '#/components/schemas/Fleet_enrollment_api_key' + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_ActionStateSuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Create enrollment API key + summary: Get actions state tags: - - Fleet enrollment API keys - /api/fleet/enrollment-api-keys/{keyId}: - delete: - deprecated: true - operationId: delete-enrollment-api-key-deprecated - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - Security Endpoint Management API + /api/endpoint/action/suspend_process: + post: + description: Suspend a running process on an endpoint. + operationId: EndpointSuspendProcessAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuspendProcessRouteRequestBody + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - action: - enum: - - deleted - type: string - required: - - action + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete enrollment API key by ID + summary: Suspend a process tags: - - Fleet enrollment API keys - get: - deprecated: true - operationId: get-enrollment-api-key-deprecated + - Security Endpoint Management API + /api/endpoint/action/unisolate: + post: + description: Release an isolated endpoint, allowing it to rejoin a network. + operationId: EndpointUnisolateAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_UnisolateRouteRequestBody + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_enrollment_api_key' - required: - - item + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get enrollment API key by ID + summary: Release an isolated endpoint tags: - - Fleet enrollment API keys - parameters: - - in: path - name: keyId - required: true - schema: - type: string - /api/fleet/epm/bulk_assets: + - Security Endpoint Management API + /api/endpoint/action/upload: post: - operationId: bulk-get-assets + description: Upload a file to an endpoint. + operationId: EndpointUploadAction requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - assetIds: - description: list of items necessary to fetch assets - items: - type: object - properties: - id: - type: string - type: - type: string - type: array - required: - - assetIds + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_UploadRouteRequestBody + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_get_bulk_assets_response' + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk get assets + summary: Upload a file tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/categories: + - Security Endpoint Management API + /api/endpoint/metadata: get: - operationId: get-package-categories + operationId: GetEndpointMetadataList + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_ListRequestQuery responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_get_categories_response' + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List package categories + summary: Get a metadata list tags: - - Elastic Package Manager (EPM) - parameters: - - description: >- - Whether to include prerelease packages in categories count (e.g. beta, - rc, preview) - in: query - name: prerelease - schema: - default: false - type: boolean - - deprecated: true - in: query - name: experimental - schema: - default: false - type: boolean - - in: query - name: include_policy_templates - schema: - default: false - type: boolean - /api/fleet/epm/packages: + - Security Endpoint Management API + /api/endpoint/metadata/{id}: get: - operationId: list-all-packages + operationId: GetEndpointMetadata parameters: - - description: >- - Whether to exclude the install status of each package. Enabling this - option will opt in to caching for the response via `cache-control` - headers. If you don't need up-to-date installation info for a - package, and are querying for a list of available packages, - providing this flag can improve performance substantially. - in: query - name: excludeInstallStatus + - in: path + name: id + required: true schema: - default: false - type: boolean - - description: >- - Whether to return prerelease versions of packages (e.g. beta, rc, - preview) - in: query - name: prerelease - schema: - default: false - type: boolean - - deprecated: true - in: query - name: experimental - schema: - default: false - type: boolean + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get metadata + tags: + - Security Endpoint Management API + /api/endpoint/metadata/transforms: + get: + operationId: GetEndpointMetadataTransform + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get metadata transforms + tags: + - Security Endpoint Management API + /api/endpoint/policy_response: + get: + operationId: GetPolicyResponse + parameters: - in: query - name: category + name: query + required: true schema: - type: string + type: object + properties: + agentId: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentId' responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_get_packages_response' + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List packages + summary: Get a policy response tags: - - Elastic Package Manager (EPM) - post: - description: '' - operationId: install-package-by-upload + - Security Endpoint Management API + /api/endpoint/policy/summaries: + get: + deprecated: true + operationId: GetAgentPolicySummary parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - description: avoid erroring out on unexpected mapping update errors - in: query - name: ignoreMappingUpdateErrors + - in: query + name: query + required: true schema: - default: false - type: boolean - - description: >- - Skip data stream rollover during index template mapping or settings - update - in: query - name: skipDataStreamRollover + type: object + properties: + package_name: + type: string + policy_id: + nullable: true + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get an agent policy summary + tags: + - Security Endpoint Management API + /api/endpoint/protection_updates_note/{package_policy_id}: + get: + operationId: GetProtectionUpdatesNote + parameters: + - in: path + name: package_policy_id + required: true schema: - default: false - type: boolean - requestBody: - content: - application/gzip; Elastic-Api-Version=2023-10-31: - schema: - format: binary - type: string - application/zip; Elastic-Api-Version=2023-10-31: - schema: - format: binary - type: string + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - _meta: - type: object - properties: - install_source: - enum: - - upload - - registry - - bundled - type: string - items: - items: - type: object - properties: - id: - type: string - type: - oneOf: - - $ref: >- - #/components/schemas/Fleet_kibana_saved_object_type - - $ref: >- - #/components/schemas/Fleet_elasticsearch_asset_type - required: - - id - - type - type: array - required: - - items + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_ProtectionUpdatesNoteResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - '429': - $ref: '#/components/responses/Fleet_error' - summary: Install by package by direct upload + summary: Get a protection updates note tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/_bulk: + - Security Endpoint Management API post: - operationId: bulk-install-packages + operationId: CreateUpdateProtectionUpdatesNote parameters: - - description: >- - Whether to return prerelease versions of packages (e.g. beta, rc, - preview) - in: query - name: prerelease + - in: path + name: package_policy_id + required: true schema: - default: false - type: boolean + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - force: - description: force install to ignore package verification errors - type: boolean - packages: - description: list of packages to install - items: - oneOf: - - description: package name - type: string - - type: object - properties: - name: - description: package name - type: string - version: - description: package version - type: string - type: array - required: - - packages + note: + type: string + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_bulk_install_packages_response' + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_ProtectionUpdatesNoteResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk install packages + summary: Create or update a protection updates note tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/{pkgkey}: - delete: - deprecated: true - operationId: delete-package-deprecated + - Security Endpoint Management API + /api/endpoint/suggestions/{suggestion_type}: + post: + operationId: GetEndpointSuggestions parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - in: path - name: pkgkey + name: suggestion_type required: true schema: + enum: + - eventFilters type: string requestBody: content: @@ -7948,8 +8111,29 @@ paths: schema: type: object properties: - force: - type: boolean + field: + type: string + fieldMeta: {} + filters: {} + query: + type: string + required: + - parameters + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get suggestions + tags: + - Security Endpoint Management API + /api/entity_store/engines: + get: + operationId: ListEntityEngines responses: '200': content: @@ -7957,290 +8141,133 @@ paths: schema: type: object properties: - response: + count: + type: integer + engines: items: - type: object - properties: - id: - type: string - type: - oneOf: - - $ref: >- - #/components/schemas/Fleet_kibana_saved_object_type - - $ref: >- - #/components/schemas/Fleet_elasticsearch_asset_type - required: - - id - - type + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_EngineDescriptor type: array - required: - - response - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete ackage + description: Successful response + summary: List the Entity Engines tags: - - Elastic Package Manager (EPM) - get: - deprecated: true - operationId: get-package-deprecated + - Security Entity Analytics API + /api/entity_store/engines/{entityType}: + delete: + operationId: DeleteEntityEngine parameters: - - in: path - name: pkgkey + - description: The entity type of the engine (either 'user' or 'host'). + in: path + name: entityType required: true schema: - type: string - - description: >- - Whether to return prerelease versions of packages (e.g. beta, rc, - preview) + $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' + - description: Control flag to also delete the entity data. in: query - name: prerelease + name: data + required: false schema: - default: false type: boolean responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - allOf: - - properties: - response: - $ref: '#/components/schemas/Fleet_package_info' - - properties: - savedObject: - type: string - status: - enum: - - installed - - installing - - install_failed - - not_installed - type: string - required: - - status - - savedObject type: object - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get package + properties: + deleted: + type: boolean + description: Successful response + summary: Delete the Entity Engine tags: - - Elastic Package Manager (EPM) - post: - deprecated: true - description: '' - operationId: install-package-deprecated + - Security Entity Analytics API + get: + operationId: GetEntityEngine parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - in: path - name: pkgkey + - description: The entity type of the engine (either 'user' or 'host'). + in: path + name: entityType required: true schema: - type: string - - description: avoid erroring out on unexpected mapping update errors - in: query - name: ignoreMappingUpdateErrors - schema: - default: false - type: boolean - - description: >- - Skip data stream rollover during index template mapping or settings - update - in: query - name: skipDataStreamRollover - schema: - default: false - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - force: - type: boolean + $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - response: - items: - type: object - properties: - id: - type: string - type: - oneOf: - - $ref: >- - #/components/schemas/Fleet_kibana_saved_object_type - - $ref: >- - #/components/schemas/Fleet_elasticsearch_asset_type - required: - - id - - type - type: array - required: - - response - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Install package + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_EngineDescriptor + description: Successful response + summary: Get an Entity Engine tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/{pkgName}/{pkgVersion}: - delete: - operationId: delete-package + - Security Entity Analytics API + /api/entity_store/engines/{entityType}/init: + post: + operationId: InitEntityEngine parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - description: delete package even if policies used by agents - in: query - name: force + - description: The entity type of the engine (either 'user' or 'host'). + in: path + name: entityType + required: true schema: - type: boolean + $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - deprecated: true type: object properties: - force: - type: boolean + filter: + type: string + indexPattern: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_IndexPattern + description: Schema for the engine initialization + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - items: - items: - type: object - properties: - id: - type: string - type: - oneOf: - - $ref: >- - #/components/schemas/Fleet_kibana_saved_object_type - - $ref: >- - #/components/schemas/Fleet_elasticsearch_asset_type - required: - - id - - type - type: array - required: - - items - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete package + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_EngineDescriptor + description: Successful response + summary: Initialize an Entity Engine tags: - - Elastic Package Manager (EPM) - get: - operationId: get-package + - Security Entity Analytics API + /api/entity_store/engines/{entityType}/start: + post: + operationId: StartEntityEngine + parameters: + - description: The entity type of the engine (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - allOf: - - properties: - item: - $ref: '#/components/schemas/Fleet_package_info' - - properties: - keepPoliciesUpToDate: - type: boolean - latestVersion: - type: string - licensePath: - type: string - notice: - type: string - savedObject: - deprecated: true - type: object - status: - enum: - - installed - - installing - - install_failed - - not_installed - type: string - required: - - status - - savedObject type: object - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get package + properties: + started: + type: boolean + description: Successful response + summary: Start an Entity Engine tags: - - Elastic Package Manager (EPM) - parameters: - - in: path - name: pkgName - required: true - schema: - type: string - - in: path - name: pkgVersion - required: true - schema: - type: string - - description: Ignore if the package is fails signature verification - in: query - name: ignoreUnverified - schema: - type: boolean - - description: >- - Return all fields from the package manifest, not just those supported - by the Elastic Package Registry - in: query - name: full - schema: - type: boolean - - description: >- - Whether to return prerelease versions of packages (e.g. beta, rc, - preview) - in: query - name: prerelease - schema: - default: false - type: boolean + - Security Entity Analytics API + /api/entity_store/engines/{entityType}/stats: post: - description: '' - operationId: install-package + operationId: GetEntityEngineStats parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - description: avoid erroring out on unexpected mapping update errors - in: query - name: ignoreMappingUpdateErrors - schema: - default: false - type: boolean - - description: >- - Skip data stream rollover during index template mapping or settings - update - in: query - name: skipDataStreamRollover + - description: The entity type of the engine (either 'user' or 'host'). + in: path + name: entityType + required: true schema: - default: false - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - force: - type: boolean - ignore_constraints: - type: boolean + $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' responses: '200': content: @@ -8248,84 +8275,37 @@ paths: schema: type: object properties: - _meta: - type: object - properties: - install_source: - enum: - - registry - - upload - - bundled - type: string - items: + indexPattern: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_IndexPattern + indices: items: type: object - properties: - id: - type: string - type: - oneOf: - - $ref: >- - #/components/schemas/Fleet_kibana_saved_object_type - - $ref: >- - #/components/schemas/Fleet_elasticsearch_asset_type - required: - - id - - type type: array - required: - - items - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Install package - tags: - - Elastic Package Manager (EPM) - put: - description: '' - operationId: update-package - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - keepPoliciesUpToDate: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - items: + status: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_EngineStatus + transforms: items: type: object - properties: - id: - type: string - type: - oneOf: - - $ref: >- - #/components/schemas/Fleet_kibana_saved_object_type - - $ref: >- - #/components/schemas/Fleet_elasticsearch_asset_type - required: - - id - - type type: array - required: - - items - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Update package settings + type: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_EntityType + description: Successful response + summary: Get Entity Engine stats tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/{pkgName}/{pkgVersion}/{filePath}: - get: - operationId: packages-get-file + - Security Entity Analytics API + /api/entity_store/engines/{entityType}/stop: + post: + operationId: StopEntityEngine + parameters: + - description: The entity type of the engine (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' responses: '200': content: @@ -8333,71 +8313,56 @@ paths: schema: type: object properties: - body: - type: object - headers: - type: object - statusCode: - type: number - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get package file + stopped: + type: boolean + description: Successful response + summary: Stop an Entity Engine tags: - - Elastic Package Manager (EPM) - parameters: - - in: path - name: pkgName - required: true - schema: - type: string - - in: path - name: pkgVersion - required: true - schema: - type: string - - in: path - name: filePath - required: true - schema: - type: string - /api/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize: - post: - description: '' - operationId: reauthorize-transforms + - Security Entity Analytics API + /api/entity_store/entities/list: + get: + description: List entities records, paging, sorting and filtering as needed. + operationId: ListEntities parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - in: path - name: pkgName - required: true + - in: query + name: sort_field + required: false schema: type: string - - in: path - name: pkgVersion - required: true + - in: query + name: sort_order + required: false schema: + enum: + - asc + - desc type: string - - description: >- - Whether to include prerelease packages in categories count (e.g. - beta, rc, preview) + - in: query + name: page + required: false + schema: + minimum: 1 + type: integer + - in: query + name: per_page + required: false + schema: + maximum: 10000 + minimum: 1 + type: integer + - description: An ES query to filter by. in: query - name: prerelease + name: filterQuery + required: false schema: - default: false - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - transforms: - items: - type: object - properties: - transformId: - type: string - type: array + type: string + - in: query + name: entities_types + required: true + schema: + items: + $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' + type: array responses: '200': content: @@ -8405,402 +8370,597 @@ paths: schema: type: object properties: - items: + inspect: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_InspectQuery + page: + minimum: 1 + type: integer + per_page: + maximum: 1000 + minimum: 1 + type: integer + records: items: - type: object - properties: - error: - type: string - success: - type: boolean - transformId: - type: string - required: - - transformId - - error + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_Entity type: array + total: + minimum: 0 + type: integer required: - - items - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Authorize transforms + - records + - page + - per_page + - total + description: Entities returned successfully + summary: List Entity Store Entities tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/{pkgName}/stats: - get: - operationId: get-package-stats + - Security Entity Analytics API + /api/exception_lists: + delete: + description: Delete an exception list using the `id` or `list_id` field. + operationId: DeleteExceptionList + parameters: + - description: Either `id` or `list_id` must be specified + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListId' + - description: Either `id` or `list_id` must be specified + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType + default: single responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - response: - $ref: '#/components/schemas/Fleet_package_usage_stats' - required: - - response - description: OK + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionList' + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Get package stats - tags: - - Elastic Package Manager (EPM) - parameters: - - in: path - name: pkgName - required: true - schema: - type: string - /api/fleet/epm/packages/limited: - get: - operationId: list-limited-packages - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - items: - items: - type: string - type: array - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get limited package list - tags: - - Elastic Package Manager (EPM) - parameters: [] - /api/fleet/epm/templates/{pkgName}/{pkgVersion}/inputs: - get: - operationId: get-inputs-template - responses: - '200': - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get inputs template - tags: - - Elastic Package Manager (EPM) - parameters: - - in: path - name: pkgName - required: true - schema: - type: string - - in: path - name: pkgVersion - required: true - schema: - type: string - - description: Format of response - json or yaml - in: query - name: format - schema: - enum: - - json - - yaml - - yml - type: string - - description: Specify if version is prerelease - in: query - name: prerelease - schema: - type: boolean - - description: Ignore if the package is fails signature verification - in: query - name: ignoreUnverified - schema: - type: boolean - /api/fleet/epm/verification_key_id: - get: - operationId: packages-get-verification-key-id - responses: - '200': + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - body: - type: object - properties: - id: - description: >- - the key ID of the GPG key used to verify package - signatures - nullable: true - type: string - headers: - type: object - statusCode: - type: number - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get package signature verification key ID + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Delete an exception list tags: - - Elastic Package Manager (EPM) - parameters: [] - /api/fleet/fleet_server_hosts: + - Security Exceptions API get: - operationId: get-fleet-server-hosts + description: Get the details of an exception list using the `id` or `list_id` field. + operationId: ReadExceptionList + parameters: + - description: Either `id` or `list_id` must be specified + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListId' + - description: Either `id` or `list_id` must be specified + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType + default: single responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - items: - items: - $ref: '#/components/schemas/Fleet_fleet_server_host' - type: array - page: - type: integer - perPage: - type: integer - total: - type: integer - description: OK + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionList' + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: List Fleet Server hosts + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Get exception list details tags: - - Fleet Server hosts + - Security Exceptions API post: - operationId: post-fleet-server-hosts + description: > + An exception list groups exception items and can be associated with + detection rules. You can assign detection rules with multiple exception + lists. + + > info + + > All exception items added to the same list are evaluated using `OR` + logic. That is, if any of the items in a list evaluate to `true`, the + exception prevents the rule from generating an alert. Likewise, `OR` + logic is used for evaluating exceptions when more than one exception + list is assigned to a rule. To use the `AND` operator, you can define + multiple clauses (`entries`) in a single exception item. + operationId: CreateExceptionList requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - host_urls: - items: - type: string - type: array - id: - type: string - is_default: - type: boolean - is_internal: - type: boolean + description: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListDescription + list_id: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListMeta name: - type: string - proxy_id: - description: >- - The ID of the proxy to use for this fleet server host. See - the proxies API for more information. - type: string + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListType + version: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListVersion + default: 1 required: - name - - host_urls + - description + - type + description: Exception list's properties + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_fleet_server_host' - description: OK + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionList' + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Create Fleet Server host - tags: - - Fleet Server hosts - /api/fleet/fleet_server_hosts/{itemId}: - delete: - operationId: delete-fleet-server-hosts - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - id: - type: string - required: - - id - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete Fleet Server host by ID - tags: - - Fleet Server hosts - get: - operationId: get-one-fleet-server-hosts - responses: - '200': + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_fleet_server_host' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get Fleet Server host by ID - tags: - - Fleet Server hosts - parameters: - - in: path - name: itemId - required: true - schema: - type: string - put: - operationId: update-fleet-server-hosts - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - host_urls: - items: - type: string - type: array - is_default: - type: boolean - is_internal: - type: boolean - name: - type: string - proxy_id: - description: >- - The ID of the proxy to use for this fleet server host. See - the proxies API for more information. - nullable: true - type: string - responses: - '200': + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_fleet_server_host' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Update Fleet Server host by ID + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Exception list already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Create an exception list tags: - - Fleet Server hosts - /api/fleet/health_check: - post: - operationId: fleet-server-health-check - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - Security Exceptions API + put: + description: Update an exception list using the `id` or `list_id` field. + operationId: UpdateExceptionList requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - host: - deprecated: true + _version: type: string + description: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListDescription id: - type: string + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListId' + list_id: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListMeta + name: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListTags + type: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListType + version: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListVersion required: - - id + - name + - description + - type + description: Exception list's properties required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - host: - deprecated: true - type: string - id: - description: Fleet Server host id - type: string - status: - type: string - description: OK + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionList' + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Fleet Server health check + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Update an exception list tags: - - Fleet internals - /api/fleet/kubernetes: - get: - operationId: get-full-k8s-manifest + - Security Exceptions API + /api/exception_lists/_duplicate: + post: + description: Duplicate an existing exception list. + operationId: DuplicateExceptionList parameters: - - in: query - name: download - required: false + - description: Exception list's human identifier + in: query + name: list_id + required: true schema: - type: boolean + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' - in: query - name: fleetServer - required: false + name: namespace_type + required: true schema: - type: string - - in: query - name: enrolToken - required: false + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType + - description: >- + Determines whether to include expired exceptions in the exported + list + in: query + name: include_expired_exceptions + required: true schema: + default: 'true' + enum: + - 'true' + - 'false' type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - type: string - description: OK + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionList' + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Get full K8s agent manifest + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '405': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Exception list to duplicate not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Duplicate an exception list tags: - - Fleet Kubernetes - /api/fleet/logstash_api_keys: + - Security Exceptions API + /api/exception_lists/_export: post: - operationId: generate-logstash-api-key + description: Export an exception list and its associated items to an NDJSON file. + operationId: ExportExceptionList parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: Exception list's identifier + in: query + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListId' + - description: Exception list's human identifier + in: query + name: list_id + required: true + schema: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' + - in: query + name: namespace_type + required: true + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType + - description: >- + Determines whether to include expired exceptions in the exported + list + in: query + name: include_expired_exceptions + required: true + schema: + default: 'true' + enum: + - 'true' + - 'false' + type: string responses: '200': content: - application/json; Elastic-Api-Version=2023-10-31: + application/ndjson; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - api_key: - type: string - description: OK + description: >- + A `.ndjson` file containing specified exception list and its + items + format: binary + type: string + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Generate Logstash API key + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Export an exception list tags: - - Fleet outputs - /api/fleet/outputs: + - Security Exceptions API + /api/exception_lists/_find: get: - operationId: get-outputs + description: Get a list of all exception lists. + operationId: FindExceptionLists + parameters: + - description: > + Filters the returned results according to the value of the specified + field. + + + Uses the `so type.field name:field` value syntax, where `so type` + can be: + + + - `exception-list`: Specify a space-aware exception list. + + - `exception-list-agnostic`: Specify an exception list that is + shared across spaces. + in: query + name: filter + required: false + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_FindExceptionListsFilter + - description: > + Determines whether the returned containers are Kibana associated + with a Kibana space + + or available in all spaces (`agnostic` or `single`) + in: query + name: namespace_type + required: false + schema: + default: + - single + items: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType + type: array + - description: The page number to return + in: query + name: page + required: false + schema: + minimum: 1 + type: integer + - description: The number of exception lists to return per page + in: query + name: per_page + required: false + schema: + minimum: 1 + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + type: string + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string responses: '200': content: @@ -8808,29 +8968,112 @@ paths: schema: type: object properties: - items: + data: items: - $ref: '#/components/schemas/Fleet_output_create_request' + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionList type: array page: + minimum: 1 type: integer - perPage: + per_page: + minimum: 1 type: integer total: + minimum: 0 type: integer - description: OK + required: + - data + - page + - per_page + - total + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: List outputs + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Get exception lists tags: - - Fleet outputs + - Security Exceptions API + /api/exception_lists/_import: post: - operationId: post-outputs + description: Import an exception list and its associated items from an NDJSON file. + operationId: ImportExceptionList + parameters: + - description: > + Determines whether existing exception lists with the same `list_id` + are overwritten. + + If any exception items have the same `item_id`, those are also + overwritten. + in: query + name: overwrite + required: false + schema: + default: false + type: boolean + - in: query + name: overwrite_exceptions + required: false + schema: + default: false + type: boolean + - in: query + name: overwrite_action_connectors + required: false + schema: + default: false + type: boolean + - description: > + Determines whether the list being imported will have a new `list_id` + generated. + + Additional `item_id`'s are generated for each exception item. Both + the exception + + list and its items are overwritten. + in: query + name: as_new_list + required: false + schema: + default: false + type: boolean requestBody: content: - application/json; Elastic-Api-Version=2023-10-31: + multipart/form-data; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_output_create_request' + type: object + properties: + file: + description: A `.ndjson` file containing the exception list + format: binary + type: string required: true responses: '200': @@ -8839,227 +9082,503 @@ paths: schema: type: object properties: - item: - $ref: '#/components/schemas/Fleet_output_create_request' - description: OK + errors: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListsImportBulkErrorArray + success: + type: boolean + success_count: + minimum: 0 + type: integer + success_count_exception_list_items: + minimum: 0 + type: integer + success_count_exception_lists: + minimum: 0 + type: integer + success_exception_list_items: + type: boolean + success_exception_lists: + type: boolean + required: + - errors + - success + - success_count + - success_exception_lists + - success_count_exception_lists + - success_exception_list_items + - success_count_exception_list_items + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Create output - tags: - - Fleet outputs - /api/fleet/outputs/{outputId}: - delete: - operationId: delete-output - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - id: - type: string - required: - - id - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete output by ID - tags: - - Fleet outputs - get: - operationId: get-output - responses: - '200': + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_output_create_request' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get output by ID + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Import an exception list tags: - - Fleet outputs - parameters: - - in: path - name: outputId - required: true - schema: - type: string - put: - operationId: update-output + - Security Exceptions API + /api/exception_lists/items: + delete: + description: Delete an exception list item using the `id` or `item_id` field. + operationId: DeleteExceptionListItem parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_output_update_request' + - description: Either `id` or `item_id` must be specified + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemId' + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType + default: single responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_output_update_request' - description: OK + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItem' + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Update output by ID - tags: - - Fleet outputs - /api/fleet/outputs/{outputId}/health: - get: - operationId: get-output-health - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - message: - description: long message if unhealthy - type: string - state: - description: state of output, HEALTHY or DEGRADED - type: string - timestamp: - description: timestamp of reported state - type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get latest output health + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Delete an exception list item tags: - - Fleet outputs - parameters: - - in: path - name: outputId - required: true - schema: - type: string - /api/fleet/package_policies: + - Security Exceptions API get: - operationId: get-package-policies + description: >- + Get the details of an exception list item using the `id` or `item_id` + field. + operationId: ReadExceptionListItem parameters: - - $ref: '#/components/parameters/Fleet_page_size' - - $ref: '#/components/parameters/Fleet_page_index' - - $ref: '#/components/parameters/Fleet_kuery' - - $ref: '#/components/parameters/Fleet_format' + - description: Either `id` or `item_id` must be specified + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemId' + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType + default: single responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - items: - items: - $ref: '#/components/schemas/Fleet_package_policy' - type: array - page: - type: number - perPage: - type: number - total: - type: number - required: - - items - description: OK + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItem' + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: List package policies + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Get an exception list item tags: - - Fleet package policies - parameters: [] + - Security Exceptions API post: - operationId: create-package-policy - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - $ref: '#/components/parameters/Fleet_format' + description: > + Create an exception item and associate it with the specified exception + list. + + > info + + > Before creating exception items, you must create an exception list. + operationId: CreateExceptionListItem requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_package_policy_request' - description: >- - You should use inputs as an object and not use the deprecated inputs - array. + type: object + properties: + comments: + $ref: >- + #/components/schemas/Security_Exceptions_API_CreateExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + item_id: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemType + required: + - list_id + - type + - name + - description + - entries + description: Exception list item's properties + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_package_policy' - required: - - item - description: OK + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItem' + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response '409': - $ref: '#/components/responses/Fleet_error' - summary: Create package policy + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Exception list item already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Create an exception list item tags: - - Fleet package policies - /api/fleet/package_policies/_bulk_get: - post: - operationId: bulk-get-package-policies - parameters: - - $ref: '#/components/parameters/Fleet_format' + - Security Exceptions API + put: + description: Update an exception list item using the `id` or `item_id` field. + operationId: UpdateExceptionListItem requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - ids: - description: list of package policy ids - items: - type: string - type: array - ignoreMissing: - type: boolean + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Exceptions_API_UpdateExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + id: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemId + description: Either `id` or `item_id` must be specified + item_id: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemHumanId + description: Either `id` or `item_id` must be specified + list_id: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemTags + type: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemType required: - - ids + - type + - name + - description + - entries + description: Exception list item's properties + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - items: - items: - $ref: '#/components/schemas/Fleet_package_policy' - type: array - required: - - items - description: OK + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItem' + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk get package policies + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Update an exception list item tags: - - Fleet package policies - /api/fleet/package_policies/{packagePolicyId}: - delete: - operationId: delete-package-policy + - Security Exceptions API + /api/exception_lists/items/_find: + get: + description: Get a list of all exception list items in the specified list. + operationId: FindExceptionListItems parameters: + - description: List's id + in: query + name: list_id + required: true + schema: + items: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListHumanId + type: array + - description: > + Filters the returned results according to the value of the specified + field, + + using the `:` syntax. + in: query + name: filter + required: false + schema: + default: [] + items: + $ref: >- + #/components/schemas/Security_Exceptions_API_FindExceptionListItemsFilter + type: array + - description: > + Determines whether the returned containers are Kibana associated + with a Kibana space + + or available in all spaces (`agnostic` or `single`) + in: query + name: namespace_type + required: false + schema: + default: + - single + items: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType + type: array - in: query - name: force + name: search + required: false schema: - type: boolean + type: string + - description: The page number to return + in: query + name: page + required: false + schema: + minimum: 0 + type: integer + - description: The number of exception list items to return per page + in: query + name: per_page + required: false + schema: + minimum: 0 + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string responses: '200': content: @@ -9067,20 +9586,97 @@ paths: schema: type: object properties: - id: + data: + items: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItem + type: array + page: + minimum: 1 + type: integer + per_page: + minimum: 1 + type: integer + pit: type: string + total: + minimum: 0 + type: integer required: - - id - description: OK + - data + - page + - per_page + - total + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete package policy by ID + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Get exception list items tags: - - Fleet package policies + - Security Exceptions API + /api/exception_lists/summary: get: - operationId: get-package-policy + description: Get a summary of the specified exception list. + operationId: ReadExceptionListSummary parameters: - - $ref: '#/components/parameters/Fleet_format' + - description: Exception list's identifier generated upon creation + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListId' + - description: Exception list's human readable identifier + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType + default: single + - description: Search filter clause + in: query + name: filter + required: false + schema: + type: string responses: '200': content: @@ -9088,782 +9684,1884 @@ paths: schema: type: object properties: - item: - $ref: '#/components/schemas/Fleet_package_policy' - required: - - item - description: OK + linux: + minimum: 0 + type: integer + macos: + minimum: 0 + type: integer + total: + minimum: 0 + type: integer + windows: + minimum: 0 + type: integer + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Get package policy by ID - tags: - - Fleet package policies - parameters: - - in: path - name: packagePolicyId - required: true - schema: - type: string - put: - operationId: update-package-policy - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - $ref: '#/components/parameters/Fleet_format' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_package_policy_request' - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_package_policy' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Update package policy by ID - tags: - - Fleet package policies - /api/fleet/package_policies/delete: - post: - operationId: post-delete-package-policy - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - force: - type: boolean - packagePolicyIds: - items: - type: string - type: array - required: - - packagePolicyIds - responses: - '200': + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': content: application/json; Elastic-Api-Version=2023-10-31: schema: - items: - type: object - properties: - id: - type: string - name: - type: string - success: - type: boolean - required: - - id - - success - type: array - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete package policy + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Get an exception list summary tags: - - Fleet package policies - /api/fleet/package_policies/upgrade: + - Security Exceptions API + /api/exceptions/shared: post: - operationId: upgrade-package-policy + description: > + An exception list groups exception items and can be associated with + detection rules. A shared exception list can apply to multiple detection + rules. + + > info + + > All exception items added to the same list are evaluated using `OR` + logic. That is, if any of the items in a list evaluate to `true`, the + exception prevents the rule from generating an alert. Likewise, `OR` + logic is used for evaluating exceptions when more than one exception + list is assigned to a rule. To use the `AND` operator, you can define + multiple clauses (`entries`) in a single exception item. + operationId: CreateSharedExceptionList requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - packagePolicyIds: - items: - type: string - type: array + description: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListDescription + name: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListName required: - - packagePolicyIds + - name + - description + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - items: - type: object - properties: - id: - type: string - name: - type: string - success: - type: boolean - required: - - id - - success - type: array - description: OK + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionList' + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - '409': - $ref: '#/components/responses/Fleet_error' - summary: Upgrade package policy to a newer package version - tags: - - Fleet package policies - /api/fleet/package_policies/upgrade/dryrun: - post: - operationId: upgrade-package-policy-dry-run - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - packagePolicyIds: - items: - type: string - type: array - packageVersion: - type: string - required: - - packagePolicyIds - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - items: - type: object - properties: - agent_diff: - $ref: '#/components/schemas/Fleet_upgrade_agent_diff' - diff: - $ref: '#/components/schemas/Fleet_upgrade_diff' - hasErrors: - type: boolean - required: - - hasErrors - type: array - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Dry run package policy upgrade + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Exception list already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Create a shared exception list tags: - - Fleet package policies - /api/fleet/proxies: + - Security Exceptions API + /api/fleet/agent_download_sources: get: - operationId: get-fleet-proxies + description: List agent binary download sources + operationId: '%2Fapi%2Ffleet%2Fagent_download_sources#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: items: items: - $ref: '#/components/schemas/Fleet_proxies' + additionalProperties: false + type: object + properties: + host: + format: uri + type: string + id: + type: string + is_default: + default: false + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this download source. + See the proxies API for more information. + nullable: true + type: string + required: + - id + - name + - host type: array page: - type: integer + type: number perPage: - type: integer + type: number total: - type: integer - description: OK + type: number + required: + - items + - total + - page + - perPage '400': - $ref: '#/components/responses/Fleet_error' - summary: List proxies + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Fleet proxies + - Elastic Agent binary download sources post: - operationId: post-fleet-proxies + description: Create agent binary download source + operationId: '%2Fapi%2Ffleet%2Fagent_download_sources#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - certificate: - type: string - certificate_authorities: - type: string - certificate_key: + host: + format: uri type: string id: type: string + is_default: + default: false + type: boolean name: type: string - proxy_headers: - type: object - url: + proxy_id: + description: >- + The ID of the proxy to use for this download source. See the + proxies API for more information. + nullable: true type: string required: - name - - url + - host responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: item: - $ref: '#/components/schemas/Fleet_proxies' - description: OK + additionalProperties: false + type: object + properties: + host: + format: uri + type: string + id: + type: string + is_default: + default: false + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this download source. + See the proxies API for more information. + nullable: true + type: string + required: + - id + - name + - host + required: + - item '400': - $ref: '#/components/responses/Fleet_error' - summary: Create proxy + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Fleet proxies - /api/fleet/proxies/{itemId}: + - Elastic Agent binary download sources + /api/fleet/agent_download_sources/{sourceId}: delete: - operationId: delete-fleet-proxies + description: Delete agent binary download source by ID + operationId: '%2Fapi%2Ffleet%2Fagent_download_sources%2F%7BsourceId%7D#2' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: sourceId + required: true + schema: + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: id: type: string required: - id - description: OK '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete proxy by ID - tags: - - Fleet proxies - get: - operationId: get-one-fleet-proxies - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - item: - $ref: '#/components/schemas/Fleet_proxies' + error: + type: string + message: + type: string + statusCode: + type: number required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get proxy by ID + - message + summary: '' tags: - - Fleet proxies - parameters: - - in: path - name: itemId - required: true - schema: - type: string - put: - operationId: update-fleet-proxies + - Elastic Agent binary download sources + get: + description: Get agent binary download source by ID + operationId: '%2Fapi%2Ffleet%2Fagent_download_sources%2F%7BsourceId%7D#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - certificate: - type: string - certificate_authorities: - type: string - certificate_key: - type: string - name: - type: string - proxy_headers: - type: object - url: - type: string + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: sourceId + required: true + schema: + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: item: - $ref: '#/components/schemas/Fleet_proxies' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Update proxy by ID - tags: - - Fleet proxies - /api/fleet/service_tokens: - post: - operationId: generate-service-token - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - name: - type: string - value: - type: string - description: OK + additionalProperties: false + type: object + properties: + host: + format: uri + type: string + id: + type: string + is_default: + default: false + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this download source. + See the proxies API for more information. + nullable: true + type: string + required: + - id + - name + - host + required: + - item '400': - $ref: '#/components/responses/Fleet_error' - summary: Create service token - tags: - - Fleet service tokens - /api/fleet/service-tokens: - post: - deprecated: true - operationId: generate-service-token-deprecated - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - name: + error: type: string - value: + message: type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Create service token - tags: - - Fleet service tokens - /api/fleet/settings: - get: - operationId: get-settings - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_fleet_settings_response' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get settings + statusCode: + type: number + required: + - message + summary: '' tags: - - Fleet internals + - Elastic Agent binary download sources put: - operationId: update-settings + description: Update agent binary download source by ID + operationId: '%2Fapi%2Ffleet%2Fagent_download_sources%2F%7BsourceId%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: sourceId + required: true + schema: + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - additional_yaml_config: + host: + format: uri type: string - fleet_server_hosts: - description: Protocol and path must be the same for each URL - items: - type: string - type: array - has_seen_add_data_notice: + id: + type: string + is_default: + default: false type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this download source. See the + proxies API for more information. + nullable: true + type: string + required: + - name + - host responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_fleet_settings_response' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Update settings - tags: - - Fleet internals - /api/fleet/setup: - post: - operationId: setup - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_fleet_setup_response' - description: OK + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + host: + format: uri + type: string + id: + type: string + is_default: + default: false + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this download source. + See the proxies API for more information. + nullable: true + type: string + required: + - id + - name + - host + required: + - item '400': - $ref: '#/components/responses/Fleet_error' - '500': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: + error: + type: string message: type: string - description: Internal Server Error - summary: Initiate Fleet setup + statusCode: + type: number + required: + - message + summary: '' tags: - - Fleet internals - /api/fleet/uninstall_tokens: + - Elastic Agent binary download sources + /api/fleet/agent_policies: get: - operationId: get-uninstall-tokens + description: List agent policies + operationId: '%2Fapi%2Ffleet%2Fagent_policies#0' parameters: - - description: The number of items to return - in: query + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: page + required: false + schema: + type: number + - in: query name: perPage required: false schema: - default: 20 - minimum: 5 - type: integer - - $ref: '#/components/parameters/Fleet_page_index' - - description: Partial match filtering for policy IDs - in: query - name: policyId + type: number + - in: query + name: sortField + required: false + schema: + type: string + - in: query + name: sortOrder + required: false + schema: + enum: + - desc + - asc + type: string + - in: query + name: showUpgradeable + required: false + schema: + type: boolean + - in: query + name: kuery + required: false + schema: + type: string + - in: query + name: noAgentCount + required: false + schema: + type: boolean + - in: query + name: full + required: false + schema: + type: boolean + - in: query + name: format required: false schema: + enum: + - simplified + - legacy type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: items: items: + additionalProperties: false type: object properties: - created_at: + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: + items: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + agents: + type: number + data_output_id: + nullable: true type: string - id: + description: type: string - policy_id: + download_source_id: + nullable: true type: string - required: - - id - - policy_id - - created_at - type: array - page: - type: number - perPage: - type: number - total: - type: number - required: - - items - - total - - page - - perPage - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List metadata for latest uninstall tokens per agent policy - tags: - - Fleet uninstall tokens - /api/fleet/uninstall_tokens/{uninstallTokenId}: - get: - operationId: get-uninstall-token - parameters: - - in: path - name: uninstallTokenId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - item: - type: object - properties: - created_at: - type: string - id: - type: string - policy_id: - type: string - token: - type: string - required: - - id - - token - - policy_id - - created_at + fleet_server_host_id: + nullable: true + type: string + global_data_tags: + description: >- + User defined data tags that are added to all of the + inputs. The values can be strings or numbers. + items: + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value + type: array + has_fleet_server: + type: boolean + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_preconfigured: + type: boolean + is_protected: + description: >- + Indicates whether the agent policy has tamper + protection enabled. Default false. + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - logs + - metrics + - traces + type: string + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent + policy. Input settings cannot be overridden. The + override option should be used only in unusual + circumstances and not as a routine procedure. + nullable: true + type: object + package_policies: + anyOf: + - items: + type: string + type: array + - description: >- + This field is present only when retrieving a + single agent policy, or when retrieving a list + of agent policies with the ?full=true parameter + items: + additionalProperties: false + type: object + properties: + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank + to inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should + be used only in unusual circumstances and + not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy + will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package + policy will be added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + updated_at: + type: string + updated_by: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + revision: + type: number + schema_version: + type: string + space_ids: + items: + type: string + type: array + status: + enum: + - active + - inactive + type: string + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports + agentless integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number + unprivileged_agents: + type: number + updated_at: + type: string + updated_by: + type: string + version: + type: string + required: + - id + - name + - namespace + - is_managed + - is_protected + - status + - updated_at + - updated_by + - revision + type: array + page: + type: number + perPage: + type: number + total: + type: number required: - - item - description: OK + - items + - total + - page + - perPage '400': - $ref: '#/components/responses/Fleet_error' - summary: Get one decrypted uninstall token by its ID - tags: - - Fleet uninstall tokens - /api/ml/saved_objects/sync: - get: - description: > - Synchronizes Kibana saved objects for machine learning jobs and trained - models. This API runs automatically when you start Kibana and - periodically thereafter. - operationId: mlSync - parameters: - - $ref: '#/components/parameters/Machine_learning_APIs_simulateParam' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - syncExample: - $ref: '#/components/examples/Machine_learning_APIs_mlSyncExample' - schema: - $ref: '#/components/schemas/Machine_learning_APIs_mlSync200Response' - description: Indicates a successful call - '401': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Machine_learning_APIs_mlSync4xxResponse' - description: Authorization information is missing or invalid. - summary: Sync machine learning saved objects + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - ml - /api/saved_objects/_export: + - Elastic Agent policies post: - description: > - Retrieve sets of saved objects that you want to import into Kibana. - - You must include `type` or `objects` in the request body. - - - Exported saved objects are not backwards compatible and cannot be - imported into an older version of Kibana. - - - NOTE: The `savedObjects.maxImportExportSize` configuration setting - limits the number of saved objects which may be exported. - - - This functionality is in technical preview and may be changed or removed - in a future release. Elastic will work to fix any issues, but features - in technical preview are not subject to the support SLA of official GA - features. - operationId: exportSavedObjectsDefault + description: Create an agent policy + operationId: '%2Fapi%2Ffleet%2Fagent_policies#1' parameters: - - $ref: '#/components/parameters/Serverless_saved_objects_kbn_xsrf' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: query + name: sys_monitoring + required: false + schema: + type: boolean requestBody: content: application/json; Elastic-Api-Version=2023-10-31: - examples: - exportSavedObjectsRequest: - $ref: >- - #/components/examples/Serverless_saved_objects_export_objects_request schema: + additionalProperties: false type: object properties: - excludeExportDetails: - default: false - description: Do not add export details entry at the end of the stream. + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: + items: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + force: type: boolean - includeReferencesDeep: + global_data_tags: description: >- - Includes all of the referenced objects in the exported - objects. - type: boolean - objects: - description: A list of objects to export. + User defined data tags that are added to all of the inputs. + The values can be strings or numbers. items: + additionalProperties: false type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value type: array - type: + has_fleet_server: + type: boolean + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_protected: + type: boolean + keep_monitoring_alive: + default: false description: >- - The saved object types to include in the export. Use `*` to - export all the types. - oneOf: - - type: string - - items: - type: string - type: array - required: true - responses: - '200': - content: - application/x-ndjson; Elastic-Api-Version=2023-10-31: - examples: - exportSavedObjectsResponse: - $ref: >- - #/components/examples/Serverless_saved_objects_export_objects_response - schema: - additionalProperties: true - type: object - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Serverless_saved_objects_400_response' - description: Bad request. - summary: Export saved objects - tags: - - saved objects - /api/saved_objects/_import: - post: - description: > - Create sets of Kibana saved objects from a file created by the export - API. - - Saved objects can be imported only into the same version, a newer minor - on the same major, or the next major. Exported saved objects are not - backwards compatible and cannot be imported into an older version of - Kibana. - - - This functionality is in technical preview and may be changed or removed - in a future release. Elastic will work to fix any issues, but features - in technical preview are not subject to the support SLA of official GA - features. - operationId: importSavedObjectsDefault - parameters: - - $ref: '#/components/parameters/Serverless_saved_objects_kbn_xsrf' - - description: > - Creates copies of saved objects, regenerates each object ID, and - resets the origin. When used, potential conflict errors are avoided. - NOTE: This option cannot be used with the `overwrite` and - `compatibilityMode` options. - in: query - name: createNewCopies - required: false - schema: - type: boolean - - description: > - Overwrites saved objects when they already exist. When used, - potential conflict errors are automatically resolved by overwriting - the destination object. NOTE: This option cannot be used with the - `createNewCopies` option. - in: query - name: overwrite - required: false - schema: - type: boolean - - description: > - Applies various adjustments to the saved objects that are being - imported to maintain compatibility between different Kibana - versions. Use this option only if you encounter issues with imported - saved objects. NOTE: This option cannot be used with the - `createNewCopies` option. - in: query - name: compatibilityMode - required: false - schema: - type: boolean - requestBody: - content: - multipart/form-data; Elastic-Api-Version=2023-10-31: - examples: - importObjectsRequest: - $ref: >- - #/components/examples/Serverless_saved_objects_import_objects_request - schema: - type: object - properties: - file: - description: > - A file exported using the export API. NOTE: The - `savedObjects.maxImportExportSize` configuration setting - limits the number of saved objects which may be included in - this file. Similarly, the - `savedObjects.maxImportPayloadBytes` setting limits the - overall size of the file that can be imported. - required: true + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - logs + - metrics + - traces + type: string + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent policy. + Input settings cannot be overridden. The override option + should be used only in unusual circumstances and not as a + routine procedure. + nullable: true + type: object + space_ids: + items: + type: string + type: array + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports agentless + integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number + required: + - name + - namespace responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: - examples: - importObjectsResponse: - $ref: >- - #/components/examples/Serverless_saved_objects_import_objects_response schema: + additionalProperties: false type: object properties: - errors: - description: > - Indicates the import was unsuccessful and specifies the - objects that failed to import. - - - NOTE: One object may result in multiple errors, which - requires separate steps to resolve. For instance, a - `missing_references` error and conflict error. - items: - type: object - type: array - success: - description: > - Indicates when the import was successfully completed. When - set to false, some objects may not have been created. For - additional information, refer to the `errors` and - `successResults` properties. - type: boolean - successCount: - description: Indicates the number of successfully imported records. - type: integer - successResults: - description: > - Indicates the objects that are successfully imported, with - any metadata if applicable. - - - NOTE: Objects are created only when all resolvable errors - are addressed, including conflicts and missing references. - If objects are created as new copies, each entry in the - `successResults` array includes a `destinationId` - attribute. - items: - type: object - type: array - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Serverless_saved_objects_400_response' - description: Bad request. - summary: Import saved objects - tags: - - saved objects - x-codeSamples: - - label: Import with createNewCopies - lang: cURL - source: | - curl \ - -X POST api/saved_objects/_import?createNewCopies=true - -H "kbn-xsrf: true" - --form file=@file.ndjson - /api/spaces/space: - get: - description: Get all spaces - operationId: '%2Fapi%2Fspaces%2Fspace#0' + item: + additionalProperties: false + type: object + properties: + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: + items: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + agents: + type: number + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + global_data_tags: + description: >- + User defined data tags that are added to all of the + inputs. The values can be strings or numbers. + items: + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value + type: array + has_fleet_server: + type: boolean + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_preconfigured: + type: boolean + is_protected: + description: >- + Indicates whether the agent policy has tamper + protection enabled. Default false. + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - logs + - metrics + - traces + type: string + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent + policy. Input settings cannot be overridden. The + override option should be used only in unusual + circumstances and not as a routine procedure. + nullable: true + type: object + package_policies: + anyOf: + - items: + type: string + type: array + - description: >- + This field is present only when retrieving a + single agent policy, or when retrieving a list of + agent policies with the ?full=true parameter + items: + additionalProperties: false + type: object + properties: + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to + inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should + be used only in unusual circumstances and + not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy + will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy + will be added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + updated_at: + type: string + updated_by: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + revision: + type: number + schema_version: + type: string + space_ids: + items: + type: string + type: array + status: + enum: + - active + - inactive + type: string + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports agentless + integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number + unprivileged_agents: + type: number + updated_at: + type: string + updated_by: + type: string + version: + type: string + required: + - id + - name + - namespace + - is_managed + - is_protected + - status + - updated_at + - updated_by + - revision + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent policies + /api/fleet/agent_policies/_bulk_get: + post: + description: Bulk get agent policies + operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F_bulk_get#0' parameters: - description: The version of the API to use in: header @@ -9873,56 +11571,20 @@ paths: enum: - '2023-10-31' type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string - in: query - name: purpose + name: format required: false schema: enum: - - any - - copySavedObjectsIntoSpace - - shareSavedObjectsIntoSpace - type: string - - in: query - name: include_authorized_purposes - required: true - schema: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - enum: - - false - type: boolean - x-oas-optional: true - - type: boolean - x-oas-optional: true - responses: {} - summary: '' - tags: - - spaces - post: - description: Create a space - operationId: '%2Fapi%2Fspaces%2Fspace#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' + - simplified + - legacy type: string requestBody: content: @@ -9931,38 +11593,555 @@ paths: additionalProperties: false type: object properties: - _reserved: + full: + description: get full policies with package policies populated type: boolean - color: - type: string - description: - type: string - disabledFeatures: - default: [] + ids: + description: list of package policy ids items: type: string type: array - id: - type: string - imageUrl: - type: string - initials: - maxLength: 2 - type: string - name: - minLength: 1 - type: string + ignoreMissing: + type: boolean required: - - id - - name - responses: {} + - ids + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: + items: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + agents: + type: number + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + global_data_tags: + description: >- + User defined data tags that are added to all of the + inputs. The values can be strings or numbers. + items: + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value + type: array + has_fleet_server: + type: boolean + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_preconfigured: + type: boolean + is_protected: + description: >- + Indicates whether the agent policy has tamper + protection enabled. Default false. + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - logs + - metrics + - traces + type: string + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent + policy. Input settings cannot be overridden. The + override option should be used only in unusual + circumstances and not as a routine procedure. + nullable: true + type: object + package_policies: + anyOf: + - items: + type: string + type: array + - description: >- + This field is present only when retrieving a + single agent policy, or when retrieving a list + of agent policies with the ?full=true parameter + items: + additionalProperties: false + type: object + properties: + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank + to inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should + be used only in unusual circumstances and + not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy + will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package + policy will be added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + updated_at: + type: string + updated_by: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + revision: + type: number + schema_version: + type: string + space_ids: + items: + type: string + type: array + status: + enum: + - active + - inactive + type: string + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports + agentless integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number + unprivileged_agents: + type: number + updated_at: + type: string + updated_by: + type: string + version: + type: string + required: + - id + - name + - namespace + - is_managed + - is_protected + - status + - updated_at + - updated_by + - revision + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message summary: '' tags: - - spaces - /api/spaces/space/{id}: - delete: - description: Delete a space - operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#2' + - Elastic Agent policies + /api/fleet/agent_policies/{agentPolicyId}: + get: + description: Get an agent policy by ID + operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D#0' parameters: - description: The version of the API to use in: header @@ -9972,46 +12151,553 @@ paths: enum: - '2023-10-31' type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf + - in: path + name: agentPolicyId required: true schema: - example: 'true' type: string - - in: path - name: id - required: true - schema: - type: string - responses: {} - summary: '' - tags: - - spaces - get: - description: Get a space - operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version + - in: query + name: format + required: false schema: - default: '2023-10-31' enum: - - '2023-10-31' - type: string - - in: path - name: id - required: true - schema: + - simplified + - legacy type: string - responses: {} + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: + items: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + agents: + type: number + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + global_data_tags: + description: >- + User defined data tags that are added to all of the + inputs. The values can be strings or numbers. + items: + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value + type: array + has_fleet_server: + type: boolean + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_preconfigured: + type: boolean + is_protected: + description: >- + Indicates whether the agent policy has tamper + protection enabled. Default false. + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - logs + - metrics + - traces + type: string + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent + policy. Input settings cannot be overridden. The + override option should be used only in unusual + circumstances and not as a routine procedure. + nullable: true + type: object + package_policies: + anyOf: + - items: + type: string + type: array + - description: >- + This field is present only when retrieving a + single agent policy, or when retrieving a list of + agent policies with the ?full=true parameter + items: + additionalProperties: false + type: object + properties: + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to + inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should + be used only in unusual circumstances and + not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy + will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy + will be added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + updated_at: + type: string + updated_by: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + revision: + type: number + schema_version: + type: string + space_ids: + items: + type: string + type: array + status: + enum: + - active + - inactive + type: string + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports agentless + integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number + unprivileged_agents: + type: number + updated_at: + type: string + updated_by: + type: string + version: + type: string + required: + - id + - name + - namespace + - is_managed + - is_protected + - status + - updated_at + - updated_by + - revision + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message summary: '' tags: - - spaces + - Elastic Agent policies put: - description: Update a space - operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#1' + description: Update an agent policy by ID + operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D#1' parameters: - description: The version of the API to use in: header @@ -10029,10 +12715,18 @@ paths: example: 'true' type: string - in: path - name: id + name: agentPolicyId required: true schema: type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: @@ -10040,692 +12734,25801 @@ paths: additionalProperties: false type: object properties: - _reserved: - type: boolean - color: - type: string - description: - type: string - disabledFeatures: - default: [] - items: - type: string + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: + items: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled type: array - id: + data_output_id: + nullable: true type: string - imageUrl: + description: type: string - initials: - maxLength: 2 + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + force: + type: boolean + global_data_tags: + description: >- + User defined data tags that are added to all of the inputs. + The values can be strings or numbers. + items: + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value + type: array + has_fleet_server: + type: boolean + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_protected: + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - logs + - metrics + - traces + type: string + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true type: string + monitoring_pprof_enabled: + type: boolean name: minLength: 1 type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent policy. + Input settings cannot be overridden. The override option + should be used only in unusual circumstances and not as a + routine procedure. + nullable: true + type: object + space_ids: + items: + type: string + type: array + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports agentless + integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number required: - - id - name - responses: {} - summary: '' - tags: - - spaces - /api/status: - get: - operationId: '%2Fapi%2Fstatus#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: Set to "true" to get the response in v7 format. - in: query - name: v7format - required: false - schema: - type: boolean - - description: Set to "true" to get the response in v8 format. - in: query - name: v8format - required: false - schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - anyOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' - - $ref: >- - #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse - description: >- - Kibana's operational status. A minimal response is sent for - unauthorized users. - description: Overall status is OK and Kibana should be functioning normally. - '503': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - anyOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' - - $ref: >- - #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse - description: >- - Kibana's operational status. A minimal response is sent for - unauthorized users. - description: >- - Kibana or some of it's essential services are unavailable. Kibana - may be degraded or unavailable. - summary: Get Kibana's current status - tags: - - system - /s/{spaceId}/api/observability/slos: - get: - description: > - You must have the `read` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: findSlosOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - description: A valid kql query to filter the SLO with - example: 'slo.name:latency* and slo.tags : "prod"' - in: query - name: kqlQuery - schema: - type: string - - description: The page to use for pagination, must be greater or equal than 1 - example: 1 - in: query - name: page - schema: - default: 1 - type: integer - - description: Number of SLOs returned by page - example: 25 - in: query - name: perPage - schema: - default: 25 - maximum: 5000 - type: integer - - description: Sort by field - example: status - in: query - name: sortBy - schema: - default: status - enum: - - sli_value - - status - - error_budget_consumed - - error_budget_remaining - type: string - - description: Sort order - example: asc - in: query - name: sortDirection - schema: - default: asc - enum: - - asc - - desc - type: string - - description: >- - Hide stale SLOs from the list as defined by stale SLO threshold in - SLO settings - in: query - name: hideStale - schema: - type: boolean + - namespace responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_find_slo_response' - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Get a paginated list of SLOs - tags: - - slo - post: - description: > - You must have `all` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: createSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_create_slo_request' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_create_slo_response' - description: Successful request + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: + items: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + agents: + type: number + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + global_data_tags: + description: >- + User defined data tags that are added to all of the + inputs. The values can be strings or numbers. + items: + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value + type: array + has_fleet_server: + type: boolean + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_preconfigured: + type: boolean + is_protected: + description: >- + Indicates whether the agent policy has tamper + protection enabled. Default false. + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - logs + - metrics + - traces + type: string + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent + policy. Input settings cannot be overridden. The + override option should be used only in unusual + circumstances and not as a routine procedure. + nullable: true + type: object + package_policies: + anyOf: + - items: + type: string + type: array + - description: >- + This field is present only when retrieving a + single agent policy, or when retrieving a list of + agent policies with the ?full=true parameter + items: + additionalProperties: false + type: object + properties: + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to + inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should + be used only in unusual circumstances and + not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy + will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy + will be added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + updated_at: + type: string + updated_by: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + revision: + type: number + schema_version: + type: string + space_ids: + items: + type: string + type: array + status: + enum: + - active + - inactive + type: string + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports agentless + integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number + unprivileged_agents: + type: number + updated_at: + type: string + updated_by: + type: string + version: + type: string + required: + - id + - name + - namespace + - is_managed + - is_protected + - status + - updated_at + - updated_by + - revision + required: + - item '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_409_response' - description: Conflict - The SLO id already exists - servers: - - url: https://localhost:5601 - summary: Create an SLO + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - slo - /s/{spaceId}/api/observability/slos/_delete_instances: + - Elastic Agent policies + /api/fleet/agent_policies/{agentPolicyId}/copy: post: - description: > - The deletion occurs for the specified list of `sloId` and `instanceId`. - You must have `all` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: deleteSloInstancesOp + description: Copy an agent policy by ID + operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D%2Fcopy#0' parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_delete_slo_instances_request' - required: true - responses: - '204': - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - servers: - - url: https://localhost:5601 - summary: Batch delete rollup and summary data - tags: - - slo - /s/{spaceId}/api/observability/slos/{sloId}: - delete: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: deleteSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - responses: - '204': - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Delete an SLO - tags: - - slo - get: - description: > - You must have the `read` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: getSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - - description: the specific instanceId used by the summary calculation - example: host-abcde - in: query - name: instanceId + - description: The version of the API to use + in: header + name: elastic-api-version schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentPolicyId + required: true + schema: + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_slo_with_summary_response' - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Get an SLO - tags: - - slo - put: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: updateSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_update_slo_request' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_slo_definition_response' - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Update an SLO - tags: - - slo - /s/{spaceId}/api/observability/slos/{sloId}/_reset: - post: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: resetSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - responses: - '204': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_slo_definition_response' - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Reset an SLO - tags: - - slo - /s/{spaceId}/api/observability/slos/{sloId}/disable: - post: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: disableSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' + additionalProperties: false + type: object + properties: + description: + type: string + name: + minLength: 1 + type: string + required: + - name responses: '200': - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: + items: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + agents: + type: number + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + global_data_tags: + description: >- + User defined data tags that are added to all of the + inputs. The values can be strings or numbers. + items: + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value + type: array + has_fleet_server: + type: boolean + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_preconfigured: + type: boolean + is_protected: + description: >- + Indicates whether the agent policy has tamper + protection enabled. Default false. + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - logs + - metrics + - traces + type: string + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent + policy. Input settings cannot be overridden. The + override option should be used only in unusual + circumstances and not as a routine procedure. + nullable: true + type: object + package_policies: + anyOf: + - items: + type: string + type: array + - description: >- + This field is present only when retrieving a + single agent policy, or when retrieving a list of + agent policies with the ?full=true parameter + items: + additionalProperties: false + type: object + properties: + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to + inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should + be used only in unusual circumstances and + not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy + will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy + will be added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + updated_at: + type: string + updated_by: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + revision: + type: number + schema_version: + type: string + space_ids: + items: + type: string + type: array + status: + enum: + - active + - inactive + type: string + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports agentless + integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number + unprivileged_agents: + type: number + updated_at: + type: string + updated_by: + type: string + version: + type: string + required: + - id + - name + - namespace + - is_managed + - is_protected + - status + - updated_at + - updated_by + - revision + required: + - item + '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Disable an SLO + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - slo - /s/{spaceId}/api/observability/slos/{sloId}/enable: - post: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: enableSloOp + - Elastic Agent policies + /api/fleet/agent_policies/{agentPolicyId}/download: + get: + description: Download an agent policy by ID + operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D%2Fdownload#0' parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: agentPolicyId + required: true + schema: + type: string + - in: query + name: download + required: false + schema: + type: boolean + - in: query + name: standalone + required: false + schema: + type: boolean + - in: query + name: kubernetes + required: false + schema: + type: boolean responses: - '204': - description: Successful request - '400': + '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': + type: string + '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '404': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent policies + /api/fleet/agent_policies/{agentPolicyId}/full: + get: + description: Get a full agent policy by ID + operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D%2Ffull#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: agentPolicyId + required: true + schema: + type: string + - in: query + name: download + required: false + schema: + type: boolean + - in: query + name: standalone + required: false + schema: + type: boolean + - in: query + name: kubernetes + required: false + schema: + type: boolean + responses: + '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Enable an SLO + additionalProperties: false + type: object + properties: + item: + anyOf: + - type: string + - additionalProperties: false + type: object + properties: + agent: + additionalProperties: false + type: object + properties: + download: + additionalProperties: false + type: object + properties: + sourceURI: + type: string + required: + - sourceURI + features: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + required: + - enabled + type: object + monitoring: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + logs: + type: boolean + metrics: + type: boolean + namespace: + type: string + traces: + type: boolean + use_output: + type: string + required: + - enabled + - metrics + - logs + - traces + protection: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + signing_key: + type: string + uninstall_token_hash: + type: string + required: + - enabled + - uninstall_token_hash + - signing_key + required: + - monitoring + - download + - features + fleet: + anyOf: + - additionalProperties: false + type: object + properties: + hosts: + items: + type: string + type: array + proxy_headers: {} + proxy_url: + type: string + ssl: + additionalProperties: false + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + renegotiation: + type: string + verification_mode: + type: string + required: + - hosts + - proxy_headers + - additionalProperties: false + type: object + properties: + kibana: + additionalProperties: false + type: object + properties: + hosts: + items: + type: string + type: array + path: + type: string + protocol: + type: string + required: + - hosts + - protocol + required: + - kibana + id: + type: string + inputs: + items: + additionalProperties: true + type: object + properties: + data_stream: + additionalProperties: true + type: object + properties: + namespace: + type: string + required: + - namespace + id: + type: string + meta: + additionalProperties: true + type: object + properties: + package: + additionalProperties: true + type: object + properties: + name: + type: string + version: + type: string + required: + - name + - version + name: + type: string + package_policy_id: + type: string + processors: + items: + additionalProperties: true + type: object + properties: + add_fields: + additionalProperties: true + type: object + properties: + fields: + additionalProperties: + anyOf: + - type: string + - type: number + type: object + target: + type: string + required: + - target + - fields + required: + - add_fields + type: array + revision: + type: number + streams: + items: + additionalProperties: true + type: object + properties: + data_stream: + additionalProperties: true + type: object + properties: + dataset: + type: string + type: + type: string + required: + - dataset + id: + type: string + required: + - id + - data_stream + type: array + type: + type: string + use_output: + type: string + required: + - id + - name + - revision + - type + - data_stream + - use_output + - package_policy_id + type: array + namespaces: + items: + type: string + type: array + output_permissions: + additionalProperties: + additionalProperties: {} + type: object + type: object + outputs: + additionalProperties: + additionalProperties: true + type: object + properties: + ca_sha256: + nullable: true + type: string + hosts: + items: + type: string + type: array + proxy_headers: {} + proxy_url: + type: string + type: + type: string + required: + - type + - proxy_headers + type: object + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + signed: + additionalProperties: false + type: object + properties: + data: + type: string + signature: + type: string + required: + - data + - signature + required: + - id + - outputs + - inputs + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - slo -components: - examples: - Data_views_create_data_view_request: - summary: Create a data view with runtime fields. - value: - data_view: - name: My Logstash data view - runtimeFieldMap: - runtime_shape_name: - script: - source: emit(doc['shape_name'].value) - type: keyword - title: logstash-* - Data_views_create_runtime_field_request: - summary: Create a runtime field. - value: - name: runtimeFoo - runtimeField: - script: - source: emit(doc["foo"].value) - type: long - Data_views_get_data_view_response: - summary: >- - The get data view API returns a JSON object that contains information - about the data view. - value: - data_view: - allowNoIndex: false - fieldAttrs: - products.manufacturer: - count: 1 - products.price: - count: 1 - products.product_name: - count: 1 - total_quantity: - count: 1 - fieldFormats: - products.base_price: - id: number - params: - pattern: $0,0.00 - products.base_unit_price: - id: number - params: - pattern: $0,0.00 + - Elastic Agent policies + /api/fleet/agent_policies/delete: + post: + description: Delete agent policy by ID + operationId: '%2Fapi%2Ffleet%2Fagent_policies%2Fdelete#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + agentPolicyId: + type: string + force: + description: >- + bypass validation checks that can prevent agent policy + deletion + type: boolean + required: + - agentPolicyId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + id: + type: string + name: + type: string + required: + - id + - name + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent policies + /api/fleet/agent_status: + get: + description: Get agent status summary + operationId: '%2Fapi%2Ffleet%2Fagent_status#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: policyId + required: false + schema: + type: string + - in: query + name: policyIds + required: false + schema: + anyOf: + - items: + type: string + type: array + - type: string + - in: query + name: kuery + required: false + schema: + deprecated: true + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + results: + additionalProperties: false + type: object + properties: + active: + type: number + all: + type: number + error: + type: number + events: + type: number + inactive: + type: number + offline: + type: number + online: + type: number + other: + type: number + total: + deprecated: true + type: number + unenrolled: + type: number + updating: + type: number + required: + - events + - total + - online + - error + - offline + - other + - updating + - inactive + - unenrolled + - all + - active + required: + - results + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent status + /api/fleet/agent_status/data: + get: + description: Get incoming agent data + operationId: '%2Fapi%2Ffleet%2Fagent_status%2Fdata#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: agentsIds + required: true + schema: + anyOf: + - items: + type: string + type: array + - type: string + - in: query + name: previewData + required: false + schema: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + dataPreview: + items: {} + type: array + items: + items: + additionalProperties: + additionalProperties: false + type: object + properties: + data: + type: boolean + required: + - data + type: object + type: array + required: + - items + - dataPreview + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents + /api/fleet/agent-status: + get: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fagent-status#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: policyId + required: false + schema: + type: string + - in: query + name: policyIds + required: false + schema: + anyOf: + - items: + type: string + type: array + - type: string + - in: query + name: kuery + required: false + schema: + deprecated: true + type: string + responses: {} + summary: '' + tags: [] + /api/fleet/agents: + get: + description: List agents + operationId: '%2Fapi%2Ffleet%2Fagents#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: page + required: false + schema: + default: 1 + type: number + - in: query + name: perPage + required: false + schema: + default: 20 + type: number + - in: query + name: kuery + required: false + schema: + type: string + - in: query + name: showInactive + required: false + schema: + default: false + type: boolean + - in: query + name: withMetrics + required: false + schema: + default: false + type: boolean + - in: query + name: showUpgradeable + required: false + schema: + default: false + type: boolean + - in: query + name: getStatusSummary + required: false + schema: + default: false + type: boolean + - in: query + name: sortField + required: false + schema: + type: string + - in: query + name: sortOrder + required: false + schema: + enum: + - asc + - desc + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + access_api_key: + type: string + access_api_key_id: + type: string + active: + type: boolean + agent: + additionalProperties: true + type: object + properties: + id: + type: string + version: + type: string + required: + - id + - version + components: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + type: string + units: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + payload: + additionalProperties: {} + type: object + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + enum: + - input + - output + type: string + required: + - id + - type + - status + - message + type: array + required: + - id + - type + - status + - message + type: array + default_api_key: + type: string + default_api_key_history: + items: + additionalProperties: false + deprecated: true + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + default_api_key_id: + type: string + enrolled_at: + type: string + id: + type: string + last_checkin: + type: string + last_checkin_message: + type: string + last_checkin_status: + enum: + - error + - online + - degraded + - updating + - starting + type: string + local_metadata: + additionalProperties: {} + type: object + metrics: + additionalProperties: false + type: object + properties: + cpu_avg: + type: number + memory_size_byte_avg: + type: number + namespaces: + items: + type: string + type: array + outputs: + additionalProperties: + additionalProperties: false + type: object + properties: + api_key_id: + type: string + to_retire_api_key_ids: + items: + additionalProperties: false + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + type: + type: string + required: + - api_key_id + - type + type: object + packages: + items: + type: string + type: array + policy_id: + type: string + policy_revision: + nullable: true + type: number + sort: + items: + anyOf: + - type: number + - type: string + - enum: [] + nullable: true + type: array + status: + enum: + - offline + - error + - online + - inactive + - enrolling + - unenrolling + - unenrolled + - updating + - degraded + type: string + tags: + items: + type: string + type: array + type: + enum: + - PERMANENT + - EPHEMERAL + - TEMPORARY + type: string + unenrolled_at: + type: string + unenrollment_started_at: + type: string + unhealthy_reason: + items: + enum: + - input + - output + - other + type: string + nullable: true + type: array + upgrade_details: + additionalProperties: false + type: object + properties: + action_id: + type: string + metadata: + additionalProperties: false + type: object + properties: + download_percent: + type: number + download_rate: + type: number + error_msg: + type: string + failed_state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + retry_error_msg: + type: string + retry_until: + type: string + scheduled_at: + type: string + state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + target_version: + type: string + required: + - target_version + - action_id + - state + upgrade_started_at: + nullable: true + type: string + upgraded_at: + nullable: true + type: string + user_provided_metadata: + additionalProperties: {} + type: object + required: + - id + - packages + - type + - active + - enrolled_at + - local_metadata + type: array + list: + deprecated: true + items: + additionalProperties: false + type: object + properties: + access_api_key: + type: string + access_api_key_id: + type: string + active: + type: boolean + agent: + additionalProperties: true + type: object + properties: + id: + type: string + version: + type: string + required: + - id + - version + components: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + type: string + units: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + payload: + additionalProperties: {} + type: object + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + enum: + - input + - output + type: string + required: + - id + - type + - status + - message + type: array + required: + - id + - type + - status + - message + type: array + default_api_key: + type: string + default_api_key_history: + items: + additionalProperties: false + deprecated: true + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + default_api_key_id: + type: string + enrolled_at: + type: string + id: + type: string + last_checkin: + type: string + last_checkin_message: + type: string + last_checkin_status: + enum: + - error + - online + - degraded + - updating + - starting + type: string + local_metadata: + additionalProperties: {} + type: object + metrics: + additionalProperties: false + type: object + properties: + cpu_avg: + type: number + memory_size_byte_avg: + type: number + namespaces: + items: + type: string + type: array + outputs: + additionalProperties: + additionalProperties: false + type: object + properties: + api_key_id: + type: string + to_retire_api_key_ids: + items: + additionalProperties: false + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + type: + type: string + required: + - api_key_id + - type + type: object + packages: + items: + type: string + type: array + policy_id: + type: string + policy_revision: + nullable: true + type: number + sort: + items: + anyOf: + - type: number + - type: string + - enum: [] + nullable: true + type: array + status: + enum: + - offline + - error + - online + - inactive + - enrolling + - unenrolling + - unenrolled + - updating + - degraded + type: string + tags: + items: + type: string + type: array + type: + enum: + - PERMANENT + - EPHEMERAL + - TEMPORARY + type: string + unenrolled_at: + type: string + unenrollment_started_at: + type: string + unhealthy_reason: + items: + enum: + - input + - output + - other + type: string + nullable: true + type: array + upgrade_details: + additionalProperties: false + type: object + properties: + action_id: + type: string + metadata: + additionalProperties: false + type: object + properties: + download_percent: + type: number + download_rate: + type: number + error_msg: + type: string + failed_state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + retry_error_msg: + type: string + retry_until: + type: string + scheduled_at: + type: string + state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + target_version: + type: string + required: + - target_version + - action_id + - state + upgrade_started_at: + nullable: true + type: string + upgraded_at: + nullable: true + type: string + user_provided_metadata: + additionalProperties: {} + type: object + required: + - id + - packages + - type + - active + - enrolled_at + - local_metadata + type: array + page: + type: number + perPage: + type: number + statusSummary: + additionalProperties: + type: number + type: object + total: + type: number + required: + - items + - total + - page + - perPage + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents + post: + description: List agents by action ids + operationId: '%2Fapi%2Ffleet%2Fagents#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actionIds: + items: + type: string + type: array + required: + - actionIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + type: string + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents + /api/fleet/agents/{agentId}: + delete: + description: Delete agent by ID + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + action: + enum: + - deleted + type: string + required: + - action + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents + get: + description: Get agent by ID + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: agentId + required: true + schema: + type: string + - in: query + name: withMetrics + required: false + schema: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + access_api_key: + type: string + access_api_key_id: + type: string + active: + type: boolean + agent: + additionalProperties: true + type: object + properties: + id: + type: string + version: + type: string + required: + - id + - version + components: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + type: string + units: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + payload: + additionalProperties: {} + type: object + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + enum: + - input + - output + type: string + required: + - id + - type + - status + - message + type: array + required: + - id + - type + - status + - message + type: array + default_api_key: + type: string + default_api_key_history: + items: + additionalProperties: false + deprecated: true + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + default_api_key_id: + type: string + enrolled_at: + type: string + id: + type: string + last_checkin: + type: string + last_checkin_message: + type: string + last_checkin_status: + enum: + - error + - online + - degraded + - updating + - starting + type: string + local_metadata: + additionalProperties: {} + type: object + metrics: + additionalProperties: false + type: object + properties: + cpu_avg: + type: number + memory_size_byte_avg: + type: number + namespaces: + items: + type: string + type: array + outputs: + additionalProperties: + additionalProperties: false + type: object + properties: + api_key_id: + type: string + to_retire_api_key_ids: + items: + additionalProperties: false + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + type: + type: string + required: + - api_key_id + - type + type: object + packages: + items: + type: string + type: array + policy_id: + type: string + policy_revision: + nullable: true + type: number + sort: + items: + anyOf: + - type: number + - type: string + - enum: [] + nullable: true + type: array + status: + enum: + - offline + - error + - online + - inactive + - enrolling + - unenrolling + - unenrolled + - updating + - degraded + type: string + tags: + items: + type: string + type: array + type: + enum: + - PERMANENT + - EPHEMERAL + - TEMPORARY + type: string + unenrolled_at: + type: string + unenrollment_started_at: + type: string + unhealthy_reason: + items: + enum: + - input + - output + - other + type: string + nullable: true + type: array + upgrade_details: + additionalProperties: false + type: object + properties: + action_id: + type: string + metadata: + additionalProperties: false + type: object + properties: + download_percent: + type: number + download_rate: + type: number + error_msg: + type: string + failed_state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + retry_error_msg: + type: string + retry_until: + type: string + scheduled_at: + type: string + state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + target_version: + type: string + required: + - target_version + - action_id + - state + upgrade_started_at: + nullable: true + type: string + upgraded_at: + nullable: true + type: string + user_provided_metadata: + additionalProperties: {} + type: object + required: + - id + - packages + - type + - active + - enrolled_at + - local_metadata + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents + put: + description: Update agent by ID + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + tags: + items: + type: string + type: array + user_provided_metadata: + additionalProperties: {} + type: object + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + access_api_key: + type: string + access_api_key_id: + type: string + active: + type: boolean + agent: + additionalProperties: true + type: object + properties: + id: + type: string + version: + type: string + required: + - id + - version + components: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + type: string + units: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + payload: + additionalProperties: {} + type: object + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + enum: + - input + - output + type: string + required: + - id + - type + - status + - message + type: array + required: + - id + - type + - status + - message + type: array + default_api_key: + type: string + default_api_key_history: + items: + additionalProperties: false + deprecated: true + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + default_api_key_id: + type: string + enrolled_at: + type: string + id: + type: string + last_checkin: + type: string + last_checkin_message: + type: string + last_checkin_status: + enum: + - error + - online + - degraded + - updating + - starting + type: string + local_metadata: + additionalProperties: {} + type: object + metrics: + additionalProperties: false + type: object + properties: + cpu_avg: + type: number + memory_size_byte_avg: + type: number + namespaces: + items: + type: string + type: array + outputs: + additionalProperties: + additionalProperties: false + type: object + properties: + api_key_id: + type: string + to_retire_api_key_ids: + items: + additionalProperties: false + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + type: + type: string + required: + - api_key_id + - type + type: object + packages: + items: + type: string + type: array + policy_id: + type: string + policy_revision: + nullable: true + type: number + sort: + items: + anyOf: + - type: number + - type: string + - enum: [] + nullable: true + type: array + status: + enum: + - offline + - error + - online + - inactive + - enrolling + - unenrolling + - unenrolled + - updating + - degraded + type: string + tags: + items: + type: string + type: array + type: + enum: + - PERMANENT + - EPHEMERAL + - TEMPORARY + type: string + unenrolled_at: + type: string + unenrollment_started_at: + type: string + unhealthy_reason: + items: + enum: + - input + - output + - other + type: string + nullable: true + type: array + upgrade_details: + additionalProperties: false + type: object + properties: + action_id: + type: string + metadata: + additionalProperties: false + type: object + properties: + download_percent: + type: number + download_rate: + type: number + error_msg: + type: string + failed_state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + retry_error_msg: + type: string + retry_until: + type: string + scheduled_at: + type: string + state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + target_version: + type: string + required: + - target_version + - action_id + - state + upgrade_started_at: + nullable: true + type: string + upgraded_at: + nullable: true + type: string + user_provided_metadata: + additionalProperties: {} + type: object + required: + - id + - packages + - type + - active + - enrolled_at + - local_metadata + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents + /api/fleet/agents/{agentId}/actions: + post: + description: Create agent action + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Factions#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + action: + anyOf: + - additionalProperties: false + type: object + properties: + ack_data: {} + data: {} + type: + enum: + - UNENROLL + - UPGRADE + - POLICY_REASSIGN + type: string + required: + - type + - data + - ack_data + - additionalProperties: false + type: object + properties: + data: + additionalProperties: false + type: object + properties: + log_level: + enum: + - debug + - info + - warning + - error + nullable: true + type: string + required: + - log_level + type: + enum: + - SETTINGS + type: string + required: + - type + - data + required: + - action + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + ack_data: {} + agents: + items: + type: string + type: array + created_at: + type: string + data: {} + expiration: + type: string + id: + type: string + minimum_execution_duration: + type: number + namespaces: + items: + type: string + type: array + rollout_duration_seconds: + type: number + sent_at: + type: string + source_uri: + type: string + start_time: + type: string + total: + type: number + type: + type: string + required: + - id + - type + - data + - created_at + - ack_data + - agents + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent actions + /api/fleet/agents/{agentId}/reassign: + post: + description: Reassign agent + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Freassign#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + policy_id: + type: string + required: + - policy_id + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: {} + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent actions + put: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Freassign#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + policy_id: + type: string + required: + - policy_id + responses: {} + summary: '' + tags: [] + /api/fleet/agents/{agentId}/request_diagnostics: + post: + description: Request agent diagnostics + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Frequest_diagnostics#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + nullable: true + type: object + properties: + additional_metrics: + items: + enum: + - CPU + type: string + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actionId: + type: string + required: + - actionId + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent actions + /api/fleet/agents/{agentId}/unenroll: + post: + description: Unenroll agent + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Funenroll#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + nullable: true + type: object + properties: + force: + type: boolean + revoke: + type: boolean + responses: {} + summary: '' + tags: + - Elastic Agent actions + /api/fleet/agents/{agentId}/upgrade: + post: + description: Upgrade agent + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Fupgrade#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + force: + type: boolean + skipRateLimitCheck: + type: boolean + source_uri: + type: string + version: + type: string + required: + - version + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: {} + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent actions + /api/fleet/agents/{agentId}/uploads: + get: + description: List agent uploads + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Fuploads#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: agentId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + actionId: + type: string + createTime: + type: string + error: + type: string + filePath: + type: string + id: + type: string + name: + type: string + status: + enum: + - READY + - AWAITING_UPLOAD + - DELETED + - EXPIRED + - IN_PROGRESS + - FAILED + type: string + required: + - id + - name + - filePath + - createTime + - status + - actionId + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents + /api/fleet/agents/action_status: + get: + description: Get agent action status + operationId: '%2Fapi%2Ffleet%2Fagents%2Faction_status#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: page + required: false + schema: + default: 0 + type: number + - in: query + name: perPage + required: false + schema: + default: 20 + type: number + - in: query + name: date + required: false + schema: + type: string + - in: query + name: latest + required: false + schema: + type: number + - in: query + name: errorSize + required: false + schema: + default: 5 + type: number + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + actionId: + type: string + cancellationTime: + type: string + completionTime: + type: string + creationTime: + description: creation time of action + type: string + expiration: + type: string + hasRolloutPeriod: + type: boolean + latestErrors: + items: + additionalProperties: false + description: >- + latest errors that happened when the agents + executed the action + type: object + properties: + agentId: + type: string + error: + type: string + hostname: + type: string + timestamp: + type: string + required: + - agentId + - error + - timestamp + type: array + nbAgentsAck: + description: number of agents that acknowledged the action + type: number + nbAgentsActionCreated: + description: number of agents included in action from kibana + type: number + nbAgentsActioned: + description: number of agents actioned + type: number + nbAgentsFailed: + description: number of agents that failed to execute the action + type: number + newPolicyId: + description: new policy id (POLICY_REASSIGN action) + type: string + policyId: + description: policy id (POLICY_CHANGE action) + type: string + revision: + description: new policy revision (POLICY_CHANGE action) + type: number + startTime: + description: start time of action (scheduled actions) + type: string + status: + enum: + - COMPLETE + - EXPIRED + - CANCELLED + - FAILED + - IN_PROGRESS + - ROLLOUT_PASSED + type: string + type: + enum: + - UPGRADE + - UNENROLL + - SETTINGS + - POLICY_REASSIGN + - CANCEL + - FORCE_UNENROLL + - REQUEST_DIAGNOSTICS + - UPDATE_TAGS + - POLICY_CHANGE + - INPUT_ACTION + type: string + version: + description: agent version number (UPGRADE action) + type: string + required: + - actionId + - nbAgentsActionCreated + - nbAgentsAck + - nbAgentsFailed + - type + - nbAgentsActioned + - status + - creationTime + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent actions + /api/fleet/agents/actions/{actionId}/cancel: + post: + description: Cancel agent action + operationId: '%2Fapi%2Ffleet%2Fagents%2Factions%2F%7BactionId%7D%2Fcancel#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: actionId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + ack_data: {} + agents: + items: + type: string + type: array + created_at: + type: string + data: {} + expiration: + type: string + id: + type: string + minimum_execution_duration: + type: number + namespaces: + items: + type: string + type: array + rollout_duration_seconds: + type: number + sent_at: + type: string + source_uri: + type: string + start_time: + type: string + total: + type: number + type: + type: string + required: + - id + - type + - data + - created_at + - ack_data + - agents + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent actions + /api/fleet/agents/available_versions: + get: + description: Get available agent versions + operationId: '%2Fapi%2Ffleet%2Fagents%2Favailable_versions#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + type: string + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents + /api/fleet/agents/bulk_reassign: + post: + description: Bulk reassign agents + operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_reassign#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + agents: + anyOf: + - items: + type: string + type: array + - type: string + batchSize: + type: number + includeInactive: + default: false + type: boolean + policy_id: + type: string + required: + - policy_id + - agents + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actionId: + type: string + required: + - actionId + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent actions + /api/fleet/agents/bulk_request_diagnostics: + post: + description: Bulk request diagnostics from agents + operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_request_diagnostics#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + additional_metrics: + items: + enum: + - CPU + type: string + type: array + agents: + anyOf: + - items: + type: string + type: array + - type: string + batchSize: + type: number + required: + - agents + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actionId: + type: string + required: + - actionId + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent actions + /api/fleet/agents/bulk_unenroll: + post: + description: Bulk unenroll agents + operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_unenroll#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + agents: + anyOf: + - items: + description: KQL query string, leave empty to action all agents + type: string + type: array + - description: list of agent IDs + type: string + batchSize: + type: number + force: + description: Unenrolls hosted agents too + type: boolean + includeInactive: + description: >- + When passing agents by KQL query, unenrolls inactive agents + too + type: boolean + revoke: + description: Revokes API keys of agents + type: boolean + required: + - agents + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actionId: + type: string + required: + - actionId + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent actions + /api/fleet/agents/bulk_update_agent_tags: + post: + description: Bulk update agent tags + operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_update_agent_tags#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + agents: + anyOf: + - items: + type: string + type: array + - type: string + batchSize: + type: number + includeInactive: + default: false + type: boolean + tagsToAdd: + items: + type: string + type: array + tagsToRemove: + items: + type: string + type: array + required: + - agents + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actionId: + type: string + required: + - actionId + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent actions + /api/fleet/agents/bulk_upgrade: + post: + description: Bulk upgrade agents + operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_upgrade#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + agents: + anyOf: + - items: + type: string + type: array + - type: string + batchSize: + type: number + force: + type: boolean + includeInactive: + default: false + type: boolean + rollout_duration_seconds: + minimum: 600 + type: number + skipRateLimitCheck: + type: boolean + source_uri: + type: string + start_time: + type: string + version: + type: string + required: + - agents + - version + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actionId: + type: string + required: + - actionId + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent actions + /api/fleet/agents/files/{fileId}: + delete: + description: Delete file uploaded by agent + operationId: '%2Fapi%2Ffleet%2Fagents%2Ffiles%2F%7BfileId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: fileId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + deleted: + type: boolean + id: + type: string + required: + - id + - deleted + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents + /api/fleet/agents/files/{fileId}/{fileName}: + get: + description: Get file uploaded by agent + operationId: '%2Fapi%2Ffleet%2Fagents%2Ffiles%2F%7BfileId%7D%2F%7BfileName%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: fileId + required: true + schema: + type: string + - in: path + name: fileName + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents + /api/fleet/agents/setup: + get: + description: Get agent setup info + operationId: '%2Fapi%2Ffleet%2Fagents%2Fsetup#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: >- + A summary of the agent setup status. `isReady` indicates + whether the setup is ready. If the setup is not ready, + `missing_requirements` lists which requirements are missing. + type: object + properties: + is_secrets_storage_enabled: + type: boolean + is_space_awareness_enabled: + type: boolean + isReady: + type: boolean + missing_optional_features: + items: + enum: + - encrypted_saved_object_encryption_key_required + type: string + type: array + missing_requirements: + items: + enum: + - security_required + - tls_required + - api_keys + - fleet_admin_user + - fleet_server + type: string + type: array + package_verification_key_id: + type: string + required: + - isReady + - missing_requirements + - missing_optional_features + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents + post: + description: Initiate agent setup + operationId: '%2Fapi%2Ffleet%2Fagents%2Fsetup#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: >- + A summary of the result of Fleet's `setup` lifecycle. If + `isInitialized` is true, Fleet is ready to accept agent + enrollment. `nonFatalErrors` may include useful insight into + non-blocking issues with Fleet setup. + type: object + properties: + isInitialized: + type: boolean + nonFatalErrors: + items: + additionalProperties: false + type: object + properties: + message: + type: string + name: + type: string + required: + - name + - message + type: array + required: + - isInitialized + - nonFatalErrors + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents + /api/fleet/agents/tags: + get: + description: List agent tags + operationId: '%2Fapi%2Ffleet%2Fagents%2Ftags#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: kuery + required: false + schema: + type: string + - in: query + name: showInactive + required: false + schema: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + type: string + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents + /api/fleet/check-permissions: + get: + description: Check permissions + operationId: '%2Fapi%2Ffleet%2Fcheck-permissions#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: fleetServerSetup + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + error: + enum: + - MISSING_SECURITY + - MISSING_PRIVILEGES + - MISSING_FLEET_SERVER_SETUP_PRIVILEGES + type: string + success: + type: boolean + required: + - success + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet internals + /api/fleet/data_streams: + get: + description: List data streams + operationId: '%2Fapi%2Ffleet%2Fdata_streams#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + data_streams: + items: + additionalProperties: false + type: object + properties: + dashboards: + items: + additionalProperties: false + type: object + properties: + id: + type: string + title: + type: string + required: + - id + - title + type: array + dataset: + type: string + index: + type: string + last_activity_ms: + type: number + namespace: + type: string + package: + type: string + package_version: + type: string + serviceDetails: + additionalProperties: false + nullable: true + type: object + properties: + environment: + type: string + serviceName: + type: string + required: + - environment + - serviceName + size_in_bytes: + type: number + size_in_bytes_formatted: + anyOf: + - type: number + - type: string + type: + type: string + required: + - index + - dataset + - namespace + - type + - package + - package_version + - last_activity_ms + - size_in_bytes + - size_in_bytes_formatted + - dashboards + - serviceDetails + type: array + required: + - data_streams + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Data streams + /api/fleet/enrollment_api_keys: + get: + description: List enrollment API keys + operationId: '%2Fapi%2Ffleet%2Fenrollment_api_keys#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: page + required: false + schema: + default: 1 + type: number + - in: query + name: perPage + required: false + schema: + default: 20 + type: number + - in: query + name: kuery + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + active: + description: >- + When false, the enrollment API key is revoked and + cannot be used for enrolling Elastic Agents. + type: boolean + api_key: + description: >- + The enrollment API key (token) used for enrolling + Elastic Agents. + type: string + api_key_id: + description: The ID of the API key in the Security API. + type: string + created_at: + type: string + id: + type: string + name: + description: The name of the enrollment API key. + type: string + policy_id: + description: >- + The ID of the agent policy the Elastic Agent will be + enrolled in. + type: string + required: + - id + - api_key_id + - api_key + - active + - created_at + type: array + list: + deprecated: true + items: + additionalProperties: false + type: object + properties: + active: + description: >- + When false, the enrollment API key is revoked and + cannot be used for enrolling Elastic Agents. + type: boolean + api_key: + description: >- + The enrollment API key (token) used for enrolling + Elastic Agents. + type: string + api_key_id: + description: The ID of the API key in the Security API. + type: string + created_at: + type: string + id: + type: string + name: + description: The name of the enrollment API key. + type: string + policy_id: + description: >- + The ID of the agent policy the Elastic Agent will be + enrolled in. + type: string + required: + - id + - api_key_id + - api_key + - active + - created_at + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + - list + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet enrollment API keys + post: + description: Create enrollment API key + operationId: '%2Fapi%2Ffleet%2Fenrollment_api_keys#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + expiration: + type: string + name: + type: string + policy_id: + type: string + required: + - policy_id + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + action: + enum: + - created + type: string + item: + additionalProperties: false + type: object + properties: + active: + description: >- + When false, the enrollment API key is revoked and + cannot be used for enrolling Elastic Agents. + type: boolean + api_key: + description: >- + The enrollment API key (token) used for enrolling + Elastic Agents. + type: string + api_key_id: + description: The ID of the API key in the Security API. + type: string + created_at: + type: string + id: + type: string + name: + description: The name of the enrollment API key. + type: string + policy_id: + description: >- + The ID of the agent policy the Elastic Agent will be + enrolled in. + type: string + required: + - id + - api_key_id + - api_key + - active + - created_at + required: + - item + - action + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet enrollment API keys + /api/fleet/enrollment_api_keys/{keyId}: + delete: + description: Revoke enrollment API key by ID by marking it as inactive + operationId: '%2Fapi%2Ffleet%2Fenrollment_api_keys%2F%7BkeyId%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: keyId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + action: + enum: + - deleted + type: string + required: + - action + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet enrollment API keys + get: + description: Get enrollment API key by ID + operationId: '%2Fapi%2Ffleet%2Fenrollment_api_keys%2F%7BkeyId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: keyId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + active: + description: >- + When false, the enrollment API key is revoked and + cannot be used for enrolling Elastic Agents. + type: boolean + api_key: + description: >- + The enrollment API key (token) used for enrolling + Elastic Agents. + type: string + api_key_id: + description: The ID of the API key in the Security API. + type: string + created_at: + type: string + id: + type: string + name: + description: The name of the enrollment API key. + type: string + policy_id: + description: >- + The ID of the agent policy the Elastic Agent will be + enrolled in. + type: string + required: + - id + - api_key_id + - api_key + - active + - created_at + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet enrollment API keys + /api/fleet/enrollment-api-keys: + get: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: page + required: false + schema: + default: 1 + type: number + - in: query + name: perPage + required: false + schema: + default: 20 + type: number + - in: query + name: kuery + required: false + schema: + type: string + responses: {} + summary: '' + tags: [] + post: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + expiration: + type: string + name: + type: string + policy_id: + type: string + required: + - policy_id + responses: {} + summary: '' + tags: [] + /api/fleet/enrollment-api-keys/{keyId}: + delete: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys%2F%7BkeyId%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: keyId + required: true + schema: + type: string + responses: {} + summary: '' + tags: [] + get: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys%2F%7BkeyId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: keyId + required: true + schema: + type: string + responses: {} + summary: '' + tags: [] + /api/fleet/epm/bulk_assets: + post: + description: Bulk get assets + operationId: '%2Fapi%2Ffleet%2Fepm%2Fbulk_assets#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + assetIds: + items: + additionalProperties: false + type: object + properties: + id: + type: string + type: + type: string + required: + - id + - type + type: array + required: + - assetIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + appLink: + type: string + attributes: + additionalProperties: false + type: object + properties: + description: + type: string + service: + type: string + title: + type: string + id: + type: string + type: + type: string + updatedAt: + type: string + required: + - id + - type + - attributes + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/categories: + get: + description: List package categories + operationId: '%2Fapi%2Ffleet%2Fepm%2Fcategories#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: prerelease + required: false + schema: + type: boolean + - in: query + name: experimental + required: false + schema: + type: boolean + - in: query + name: include_policy_templates + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + count: + type: number + id: + type: string + parent_id: + type: string + parent_title: + type: string + title: + type: string + required: + - id + - title + - count + type: array + response: + items: + additionalProperties: false + deprecated: true + type: object + properties: + count: + type: number + id: + type: string + parent_id: + type: string + parent_title: + type: string + title: + type: string + required: + - id + - title + - count + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/custom_integrations: + post: + description: Create custom integration + operationId: '%2Fapi%2Ffleet%2Fepm%2Fcustom_integrations#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + datasets: + items: + additionalProperties: false + type: object + properties: + name: + type: string + type: + enum: + - logs + - metrics + - traces + - synthetics + - profiling + type: string + required: + - name + - type + type: array + force: + type: boolean + integrationName: + type: string + required: + - integrationName + - datasets + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + _meta: + additionalProperties: false + type: object + properties: + install_source: + type: string + required: + - install_source + items: + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + response: + deprecated: true + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + required: + - items + - _meta + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/data_streams: + get: + description: List data streams + operationId: '%2Fapi%2Ffleet%2Fepm%2Fdata_streams#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: type + required: false + schema: + enum: + - logs + - metrics + - traces + - synthetics + - profiling + type: string + - in: query + name: datasetQuery + required: false + schema: + type: string + - in: query + name: sortOrder + required: false + schema: + default: asc + enum: + - asc + - desc + type: string + - in: query + name: uncategorisedOnly + required: false + schema: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + name: + type: string + required: + - name + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Data streams + /api/fleet/epm/packages: + get: + description: List packages + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: category + required: false + schema: + type: string + - in: query + name: prerelease + required: false + schema: + type: boolean + - in: query + name: experimental + required: false + schema: + type: boolean + - in: query + name: excludeInstallStatus + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: true + type: object + properties: + categories: + items: + type: string + type: array + conditions: + additionalProperties: true + type: object + properties: + elastic: + additionalProperties: true + type: object + properties: + capabilities: + items: + type: string + type: array + subscription: + type: string + kibana: + additionalProperties: true + type: object + properties: + version: + type: string + data_streams: + items: + additionalProperties: {} + type: object + type: array + description: + type: string + download: + type: string + format_version: + type: string + icons: + items: + additionalProperties: true + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + id: + type: string + installationInfo: + additionalProperties: true + type: object + properties: + additional_spaces_installed_kibana: + additionalProperties: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + type: object + created_at: + type: string + experimental_data_stream_features: + items: + additionalProperties: true + type: object + properties: + data_stream: + type: string + features: + additionalProperties: true + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + install_format_schema_version: + type: string + install_source: + enum: + - registry + - upload + - bundled + - custom + type: string + install_status: + enum: + - installed + - installing + - install_failed + type: string + installed_es: + items: + additionalProperties: true + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + installed_kibana: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + installed_kibana_space_id: + type: string + latest_executed_state: + additionalProperties: true + type: object + properties: + error: + type: string + name: + type: string + started_at: + type: string + required: + - name + - started_at + latest_install_failed_attempts: + items: + additionalProperties: true + type: object + properties: + created_at: + type: string + error: + additionalProperties: true + type: object + properties: + message: + type: string + name: + type: string + stack: + type: string + required: + - name + - message + target_version: + type: string + required: + - created_at + - target_version + - error + type: array + name: + type: string + namespaces: + items: + type: string + type: array + type: + type: string + updated_at: + type: string + verification_key_id: + nullable: true + type: string + verification_status: + enum: + - unverified + - verified + - unknown + type: string + version: + type: string + required: + - type + - installed_kibana + - installed_es + - name + - version + - install_status + - install_source + - verification_status + integration: + type: string + internal: + type: boolean + latestVersion: + type: string + name: + type: string + owner: + additionalProperties: true + type: object + properties: + github: + type: string + type: + enum: + - elastic + - partner + - community + type: string + path: + type: string + policy_templates: + items: + additionalProperties: {} + type: object + type: array + readme: + type: string + release: + enum: + - ga + - beta + - experimental + type: string + savedObject: {} + signature_path: + type: string + source: + additionalProperties: true + type: object + properties: + license: + type: string + required: + - license + status: + type: string + title: + type: string + type: + enum: + - integration + - input + type: string + vars: + items: + additionalProperties: {} + type: object + type: array + version: + type: string + required: + - savedObject + - name + - version + - title + - id + type: array + response: + items: + additionalProperties: true + deprecated: true + type: object + properties: + categories: + items: + type: string + type: array + conditions: + additionalProperties: true + type: object + properties: + elastic: + additionalProperties: true + type: object + properties: + capabilities: + items: + type: string + type: array + subscription: + type: string + kibana: + additionalProperties: true + type: object + properties: + version: + type: string + data_streams: + items: + additionalProperties: {} + type: object + type: array + description: + type: string + download: + type: string + format_version: + type: string + icons: + items: + additionalProperties: true + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + id: + type: string + installationInfo: + additionalProperties: true + type: object + properties: + additional_spaces_installed_kibana: + additionalProperties: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + type: object + created_at: + type: string + experimental_data_stream_features: + items: + additionalProperties: true + type: object + properties: + data_stream: + type: string + features: + additionalProperties: true + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + install_format_schema_version: + type: string + install_source: + enum: + - registry + - upload + - bundled + - custom + type: string + install_status: + enum: + - installed + - installing + - install_failed + type: string + installed_es: + items: + additionalProperties: true + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + installed_kibana: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + installed_kibana_space_id: + type: string + latest_executed_state: + additionalProperties: true + type: object + properties: + error: + type: string + name: + type: string + started_at: + type: string + required: + - name + - started_at + latest_install_failed_attempts: + items: + additionalProperties: true + type: object + properties: + created_at: + type: string + error: + additionalProperties: true + type: object + properties: + message: + type: string + name: + type: string + stack: + type: string + required: + - name + - message + target_version: + type: string + required: + - created_at + - target_version + - error + type: array + name: + type: string + namespaces: + items: + type: string + type: array + type: + type: string + updated_at: + type: string + verification_key_id: + nullable: true + type: string + verification_status: + enum: + - unverified + - verified + - unknown + type: string + version: + type: string + required: + - type + - installed_kibana + - installed_es + - name + - version + - install_status + - install_source + - verification_status + integration: + type: string + internal: + type: boolean + latestVersion: + type: string + name: + type: string + owner: + additionalProperties: true + type: object + properties: + github: + type: string + type: + enum: + - elastic + - partner + - community + type: string + path: + type: string + policy_templates: + items: + additionalProperties: {} + type: object + type: array + readme: + type: string + release: + enum: + - ga + - beta + - experimental + type: string + savedObject: {} + signature_path: + type: string + source: + additionalProperties: true + type: object + properties: + license: + type: string + required: + - license + status: + type: string + title: + type: string + type: + enum: + - integration + - input + type: string + vars: + items: + additionalProperties: {} + type: object + type: array + version: + type: string + required: + - savedObject + - name + - version + - title + - id + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + post: + description: Install package by upload + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: query + name: ignoreMappingUpdateErrors + required: false + schema: + default: false + type: boolean + - in: query + name: skipDataStreamRollover + required: false + schema: + default: false + type: boolean + requestBody: + content: + application/gzip; application/zip; Elastic-Api-Version=2023-10-31: + schema: + format: binary + type: string + responses: + '200': + content: + application/gzip; application/zip; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + _meta: + additionalProperties: false + type: object + properties: + install_source: + type: string + required: + - install_source + items: + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + response: + deprecated: true + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + required: + - items + - _meta + '400': + content: + application/gzip; application/zip; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/_bulk: + post: + description: Bulk install packages + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F_bulk#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: query + name: prerelease + required: false + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + force: + default: false + type: boolean + packages: + items: + anyOf: + - type: string + - additionalProperties: false + type: object + properties: + name: + type: string + prerelease: + type: boolean + version: + type: string + required: + - name + - version + minItems: 1 + type: array + required: + - packages + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + anyOf: + - additionalProperties: false + type: object + properties: + name: + type: string + result: + additionalProperties: false + type: object + properties: + assets: + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + error: {} + installSource: + type: string + installType: + type: string + status: + enum: + - installed + - already_installed + type: string + required: + - error + - installType + version: + type: string + required: + - name + - version + - result + - additionalProperties: false + type: object + properties: + error: + anyOf: + - type: string + - {} + name: + type: string + statusCode: + type: number + required: + - name + - statusCode + - error + type: array + response: + deprecated: true + items: + anyOf: + - additionalProperties: false + type: object + properties: + name: + type: string + result: + additionalProperties: false + type: object + properties: + assets: + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + error: {} + installSource: + type: string + installType: + type: string + status: + enum: + - installed + - already_installed + type: string + required: + - error + - installType + version: + type: string + required: + - name + - version + - result + - additionalProperties: false + type: object + properties: + error: + anyOf: + - type: string + - {} + name: + type: string + statusCode: + type: number + required: + - name + - statusCode + - error + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgkey}: + delete: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#3' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: pkgkey + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + nullable: true + type: object + properties: + force: + type: boolean + required: + - force + responses: {} + summary: '' + tags: [] + get: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: pkgkey + required: true + schema: + type: string + - in: query + name: ignoreUnverified + required: false + schema: + type: boolean + - in: query + name: prerelease + required: false + schema: + type: boolean + - in: query + name: full + required: false + schema: + type: boolean + - in: query + name: withMetadata + required: false + schema: + default: false + type: boolean + responses: {} + summary: '' + tags: [] + post: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: pkgkey + required: true + schema: + type: string + - in: query + name: prerelease + required: false + schema: + type: boolean + - in: query + name: ignoreMappingUpdateErrors + required: false + schema: + default: false + type: boolean + - in: query + name: skipDataStreamRollover + required: false + schema: + default: false + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + nullable: true + type: object + properties: + force: + type: boolean + required: + - force + responses: {} + summary: '' + tags: [] + put: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: pkgkey + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + keepPoliciesUpToDate: + type: boolean + required: + - keepPoliciesUpToDate + responses: {} + summary: '' + tags: [] + /api/fleet/epm/packages/{pkgName}/{pkgVersion}: + delete: + description: Delete package + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#3' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - in: query + name: force + required: false + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + nullable: true + type: object + properties: + force: + type: boolean + required: + - force + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + response: + deprecated: true + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + get: + description: Get package + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - in: query + name: ignoreUnverified + required: false + schema: + type: boolean + - in: query + name: prerelease + required: false + schema: + type: boolean + - in: query + name: full + required: false + schema: + type: boolean + - in: query + name: withMetadata + required: false + schema: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: true + type: object + properties: + agent: + additionalProperties: false + type: object + properties: + privileges: + additionalProperties: false + type: object + properties: + root: + type: boolean + asset_tags: + items: + additionalProperties: false + type: object + properties: + asset_ids: + items: + type: string + type: array + asset_types: + items: + type: string + type: array + text: + type: string + required: + - text + type: array + assets: + additionalProperties: {} + type: object + categories: + items: + type: string + type: array + conditions: + additionalProperties: true + type: object + properties: + elastic: + additionalProperties: true + type: object + properties: + capabilities: + items: + type: string + type: array + subscription: + type: string + kibana: + additionalProperties: true + type: object + properties: + version: + type: string + data_streams: + items: + additionalProperties: {} + type: object + type: array + description: + type: string + download: + type: string + elasticsearch: + additionalProperties: {} + type: object + format_version: + type: string + icons: + items: + additionalProperties: true + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + installationInfo: + additionalProperties: true + type: object + properties: + additional_spaces_installed_kibana: + additionalProperties: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + type: object + created_at: + type: string + experimental_data_stream_features: + items: + additionalProperties: true + type: object + properties: + data_stream: + type: string + features: + additionalProperties: true + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + install_format_schema_version: + type: string + install_source: + enum: + - registry + - upload + - bundled + - custom + type: string + install_status: + enum: + - installed + - installing + - install_failed + type: string + installed_es: + items: + additionalProperties: true + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + installed_kibana: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + installed_kibana_space_id: + type: string + latest_executed_state: + additionalProperties: true + type: object + properties: + error: + type: string + name: + type: string + started_at: + type: string + required: + - name + - started_at + latest_install_failed_attempts: + items: + additionalProperties: true + type: object + properties: + created_at: + type: string + error: + additionalProperties: true + type: object + properties: + message: + type: string + name: + type: string + stack: + type: string + required: + - name + - message + target_version: + type: string + required: + - created_at + - target_version + - error + type: array + name: + type: string + namespaces: + items: + type: string + type: array + type: + type: string + updated_at: + type: string + verification_key_id: + nullable: true + type: string + verification_status: + enum: + - unverified + - verified + - unknown + type: string + version: + type: string + required: + - type + - installed_kibana + - installed_es + - name + - version + - install_status + - install_source + - verification_status + internal: + type: boolean + keepPoliciesUpToDate: + type: boolean + latestVersion: + type: string + license: + type: string + licensePath: + type: string + name: + type: string + notice: + type: string + owner: + additionalProperties: true + type: object + properties: + github: + type: string + type: + enum: + - elastic + - partner + - community + type: string + path: + type: string + policy_templates: + items: + additionalProperties: {} + type: object + type: array + readme: + type: string + release: + enum: + - ga + - beta + - experimental + type: string + savedObject: {} + screenshots: + items: + additionalProperties: false + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + signature_path: + type: string + source: + additionalProperties: true + type: object + properties: + license: + type: string + required: + - license + status: + type: string + title: + type: string + type: + enum: + - integration + - input + type: string + vars: + items: + additionalProperties: {} + type: object + type: array + version: + type: string + required: + - savedObject + - name + - version + - title + - assets + metadata: + additionalProperties: false + type: object + properties: + has_policies: + type: boolean + required: + - has_policies + response: + additionalProperties: true + deprecated: true + type: object + properties: + agent: + additionalProperties: false + type: object + properties: + privileges: + additionalProperties: false + type: object + properties: + root: + type: boolean + asset_tags: + items: + additionalProperties: false + type: object + properties: + asset_ids: + items: + type: string + type: array + asset_types: + items: + type: string + type: array + text: + type: string + required: + - text + type: array + assets: + additionalProperties: {} + type: object + categories: + items: + type: string + type: array + conditions: + additionalProperties: true + type: object + properties: + elastic: + additionalProperties: true + type: object + properties: + capabilities: + items: + type: string + type: array + subscription: + type: string + kibana: + additionalProperties: true + type: object + properties: + version: + type: string + data_streams: + items: + additionalProperties: {} + type: object + type: array + description: + type: string + download: + type: string + elasticsearch: + additionalProperties: {} + type: object + format_version: + type: string + icons: + items: + additionalProperties: true + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + installationInfo: + additionalProperties: true + type: object + properties: + additional_spaces_installed_kibana: + additionalProperties: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + type: object + created_at: + type: string + experimental_data_stream_features: + items: + additionalProperties: true + type: object + properties: + data_stream: + type: string + features: + additionalProperties: true + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + install_format_schema_version: + type: string + install_source: + enum: + - registry + - upload + - bundled + - custom + type: string + install_status: + enum: + - installed + - installing + - install_failed + type: string + installed_es: + items: + additionalProperties: true + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + installed_kibana: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + installed_kibana_space_id: + type: string + latest_executed_state: + additionalProperties: true + type: object + properties: + error: + type: string + name: + type: string + started_at: + type: string + required: + - name + - started_at + latest_install_failed_attempts: + items: + additionalProperties: true + type: object + properties: + created_at: + type: string + error: + additionalProperties: true + type: object + properties: + message: + type: string + name: + type: string + stack: + type: string + required: + - name + - message + target_version: + type: string + required: + - created_at + - target_version + - error + type: array + name: + type: string + namespaces: + items: + type: string + type: array + type: + type: string + updated_at: + type: string + verification_key_id: + nullable: true + type: string + verification_status: + enum: + - unverified + - verified + - unknown + type: string + version: + type: string + required: + - type + - installed_kibana + - installed_es + - name + - version + - install_status + - install_source + - verification_status + internal: + type: boolean + keepPoliciesUpToDate: + type: boolean + latestVersion: + type: string + license: + type: string + licensePath: + type: string + name: + type: string + notice: + type: string + owner: + additionalProperties: true + type: object + properties: + github: + type: string + type: + enum: + - elastic + - partner + - community + type: string + path: + type: string + policy_templates: + items: + additionalProperties: {} + type: object + type: array + readme: + type: string + release: + enum: + - ga + - beta + - experimental + type: string + savedObject: {} + screenshots: + items: + additionalProperties: false + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + signature_path: + type: string + source: + additionalProperties: true + type: object + properties: + license: + type: string + required: + - license + status: + type: string + title: + type: string + type: + enum: + - integration + - input + type: string + vars: + items: + additionalProperties: {} + type: object + type: array + version: + type: string + required: + - savedObject + - name + - version + - title + - assets + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + post: + description: Install package from registry + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - in: query + name: prerelease + required: false + schema: + type: boolean + - in: query + name: ignoreMappingUpdateErrors + required: false + schema: + default: false + type: boolean + - in: query + name: skipDataStreamRollover + required: false + schema: + default: false + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + nullable: true + type: object + properties: + force: + default: false + type: boolean + ignore_constraints: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + _meta: + additionalProperties: false + type: object + properties: + install_source: + type: string + required: + - install_source + items: + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + response: + deprecated: true + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + required: + - items + - _meta + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + put: + description: Update package settings + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + keepPoliciesUpToDate: + type: boolean + required: + - keepPoliciesUpToDate + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: true + type: object + properties: + agent: + additionalProperties: false + type: object + properties: + privileges: + additionalProperties: false + type: object + properties: + root: + type: boolean + asset_tags: + items: + additionalProperties: false + type: object + properties: + asset_ids: + items: + type: string + type: array + asset_types: + items: + type: string + type: array + text: + type: string + required: + - text + type: array + assets: + additionalProperties: {} + type: object + categories: + items: + type: string + type: array + conditions: + additionalProperties: true + type: object + properties: + elastic: + additionalProperties: true + type: object + properties: + capabilities: + items: + type: string + type: array + subscription: + type: string + kibana: + additionalProperties: true + type: object + properties: + version: + type: string + data_streams: + items: + additionalProperties: {} + type: object + type: array + description: + type: string + download: + type: string + elasticsearch: + additionalProperties: {} + type: object + format_version: + type: string + icons: + items: + additionalProperties: true + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + installationInfo: + additionalProperties: true + type: object + properties: + additional_spaces_installed_kibana: + additionalProperties: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + type: object + created_at: + type: string + experimental_data_stream_features: + items: + additionalProperties: true + type: object + properties: + data_stream: + type: string + features: + additionalProperties: true + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + install_format_schema_version: + type: string + install_source: + enum: + - registry + - upload + - bundled + - custom + type: string + install_status: + enum: + - installed + - installing + - install_failed + type: string + installed_es: + items: + additionalProperties: true + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + installed_kibana: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + installed_kibana_space_id: + type: string + latest_executed_state: + additionalProperties: true + type: object + properties: + error: + type: string + name: + type: string + started_at: + type: string + required: + - name + - started_at + latest_install_failed_attempts: + items: + additionalProperties: true + type: object + properties: + created_at: + type: string + error: + additionalProperties: true + type: object + properties: + message: + type: string + name: + type: string + stack: + type: string + required: + - name + - message + target_version: + type: string + required: + - created_at + - target_version + - error + type: array + name: + type: string + namespaces: + items: + type: string + type: array + type: + type: string + updated_at: + type: string + verification_key_id: + nullable: true + type: string + verification_status: + enum: + - unverified + - verified + - unknown + type: string + version: + type: string + required: + - type + - installed_kibana + - installed_es + - name + - version + - install_status + - install_source + - verification_status + internal: + type: boolean + keepPoliciesUpToDate: + type: boolean + latestVersion: + type: string + license: + type: string + licensePath: + type: string + name: + type: string + notice: + type: string + owner: + additionalProperties: true + type: object + properties: + github: + type: string + type: + enum: + - elastic + - partner + - community + type: string + path: + type: string + policy_templates: + items: + additionalProperties: {} + type: object + type: array + readme: + type: string + release: + enum: + - ga + - beta + - experimental + type: string + savedObject: {} + screenshots: + items: + additionalProperties: false + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + signature_path: + type: string + source: + additionalProperties: true + type: object + properties: + license: + type: string + required: + - license + status: + type: string + title: + type: string + type: + enum: + - integration + - input + type: string + vars: + items: + additionalProperties: {} + type: object + type: array + version: + type: string + required: + - savedObject + - name + - version + - title + - assets + response: + additionalProperties: true + deprecated: true + type: object + properties: + agent: + additionalProperties: false + type: object + properties: + privileges: + additionalProperties: false + type: object + properties: + root: + type: boolean + asset_tags: + items: + additionalProperties: false + type: object + properties: + asset_ids: + items: + type: string + type: array + asset_types: + items: + type: string + type: array + text: + type: string + required: + - text + type: array + assets: + additionalProperties: {} + type: object + categories: + items: + type: string + type: array + conditions: + additionalProperties: true + type: object + properties: + elastic: + additionalProperties: true + type: object + properties: + capabilities: + items: + type: string + type: array + subscription: + type: string + kibana: + additionalProperties: true + type: object + properties: + version: + type: string + data_streams: + items: + additionalProperties: {} + type: object + type: array + description: + type: string + download: + type: string + elasticsearch: + additionalProperties: {} + type: object + format_version: + type: string + icons: + items: + additionalProperties: true + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + installationInfo: + additionalProperties: true + type: object + properties: + additional_spaces_installed_kibana: + additionalProperties: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + type: object + created_at: + type: string + experimental_data_stream_features: + items: + additionalProperties: true + type: object + properties: + data_stream: + type: string + features: + additionalProperties: true + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + install_format_schema_version: + type: string + install_source: + enum: + - registry + - upload + - bundled + - custom + type: string + install_status: + enum: + - installed + - installing + - install_failed + type: string + installed_es: + items: + additionalProperties: true + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + installed_kibana: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + installed_kibana_space_id: + type: string + latest_executed_state: + additionalProperties: true + type: object + properties: + error: + type: string + name: + type: string + started_at: + type: string + required: + - name + - started_at + latest_install_failed_attempts: + items: + additionalProperties: true + type: object + properties: + created_at: + type: string + error: + additionalProperties: true + type: object + properties: + message: + type: string + name: + type: string + stack: + type: string + required: + - name + - message + target_version: + type: string + required: + - created_at + - target_version + - error + type: array + name: + type: string + namespaces: + items: + type: string + type: array + type: + type: string + updated_at: + type: string + verification_key_id: + nullable: true + type: string + verification_status: + enum: + - unverified + - verified + - unknown + type: string + version: + type: string + required: + - type + - installed_kibana + - installed_es + - name + - version + - install_status + - install_source + - verification_status + internal: + type: boolean + keepPoliciesUpToDate: + type: boolean + latestVersion: + type: string + license: + type: string + licensePath: + type: string + name: + type: string + notice: + type: string + owner: + additionalProperties: true + type: object + properties: + github: + type: string + type: + enum: + - elastic + - partner + - community + type: string + path: + type: string + policy_templates: + items: + additionalProperties: {} + type: object + type: array + readme: + type: string + release: + enum: + - ga + - beta + - experimental + type: string + savedObject: {} + screenshots: + items: + additionalProperties: false + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + signature_path: + type: string + source: + additionalProperties: true + type: object + properties: + license: + type: string + required: + - license + status: + type: string + title: + type: string + type: + enum: + - integration + - input + type: string + vars: + items: + additionalProperties: {} + type: object + type: array + version: + type: string + required: + - savedObject + - name + - version + - title + - assets + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgName}/{pkgVersion}/{filePath*}: + get: + description: Get package file + operationId: >- + %2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D%2F%7BfilePath*%7D#0 + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - in: path + name: filePath + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: {} + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize: + post: + description: Authorize transforms + operationId: >- + %2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D%2Ftransforms%2Fauthorize#0 + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - in: query + name: prerelease + required: false + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + transforms: + items: + additionalProperties: false + type: object + properties: + transformId: + type: string + required: + - transformId + type: array + required: + - transforms + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + additionalProperties: false + type: object + properties: + error: + nullable: true + success: + type: boolean + transformId: + type: string + required: + - transformId + - success + - error + type: array + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgName}/stats: + get: + description: Get package stats + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2Fstats#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: pkgName + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + response: + additionalProperties: false + type: object + properties: + agent_policy_count: + type: number + required: + - agent_policy_count + required: + - response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/installed: + get: + description: Get installed packages + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2Finstalled#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: dataStreamType + required: false + schema: + enum: + - logs + - metrics + - traces + - synthetics + - profiling + type: string + - in: query + name: showOnlyActiveDataStreams + required: false + schema: + type: boolean + - in: query + name: nameQuery + required: false + schema: + type: string + - in: query + name: searchAfter + required: false + schema: + items: + anyOf: + - type: string + - type: number + type: array + - in: query + name: perPage + required: false + schema: + default: 15 + type: number + - in: query + name: sortOrder + required: false + schema: + default: asc + enum: + - asc + - desc + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + dataStreams: + items: + additionalProperties: false + type: object + properties: + name: + type: string + title: + type: string + required: + - name + - title + type: array + description: + type: string + icons: + items: + additionalProperties: false + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + name: + type: string + status: + type: string + title: + type: string + version: + type: string + required: + - name + - version + - status + - dataStreams + type: array + searchAfter: + items: + anyOf: + - type: string + - type: number + - type: boolean + - enum: [] + nullable: true + - {} + type: array + total: + type: number + required: + - items + - total + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/limited: + get: + description: Get limited package list + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2Flimited#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + type: string + type: array + response: + deprecated: true + items: + type: string + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/templates/{pkgName}/{pkgVersion}/inputs: + get: + description: Get inputs template + operationId: >- + %2Fapi%2Ffleet%2Fepm%2Ftemplates%2F%7BpkgName%7D%2F%7BpkgVersion%7D%2Finputs#0 + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - in: query + name: format + required: false + schema: + default: json + enum: + - json + - yml + - yaml + type: string + - in: query + name: prerelease + required: false + schema: + type: boolean + - in: query + name: ignoreUnverified + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - type: string + - additionalProperties: false + type: object + properties: + inputs: + items: + additionalProperties: false + type: object + properties: + id: + type: string + streams: + items: + additionalProperties: true + type: object + properties: + data_stream: + additionalProperties: true + type: object + properties: + dataset: + type: string + type: + type: string + required: + - dataset + id: + type: string + required: + - id + - data_stream + type: array + type: + type: string + required: + - id + - type + type: array + required: + - inputs + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/verification_key_id: + get: + description: Get a package signature verification key ID + operationId: '%2Fapi%2Ffleet%2Fepm%2Fverification_key_id#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + id: + nullable: true + type: string + required: + - id + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/fleet_server_hosts: + get: + description: List Fleet Server hosts + operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + host_urls: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + required: + - id + - name + - host_urls + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet Server hosts + post: + description: Create Fleet Server host + operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + host_urls: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + required: + - name + - host_urls + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + host_urls: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + required: + - id + - name + - host_urls + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet Server hosts + /api/fleet/fleet_server_hosts/{itemId}: + delete: + description: Delete Fleet Server host by ID + operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts%2F%7BitemId%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: itemId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet Server hosts + get: + description: Get Fleet Server host by ID + operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts%2F%7BitemId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: itemId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + host_urls: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + required: + - id + - name + - host_urls + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet Server hosts + put: + description: Update Fleet Server host by ID + operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts%2F%7BitemId%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: itemId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + host_urls: + items: + type: string + minItems: 1 + type: array + is_default: + type: boolean + is_internal: + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + required: + - proxy_id + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + host_urls: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + required: + - id + - name + - host_urls + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet Server hosts + /api/fleet/health_check: + post: + description: Check Fleet Server health + operationId: '%2Fapi%2Ffleet%2Fhealth_check#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + host: + format: uri + type: string + id: + type: string + required: + - id + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + host: + deprecated: true + type: string + host_id: + type: string + name: + type: string + status: + type: string + required: + - status + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet internals + /api/fleet/kubernetes: + get: + description: Get full K8s agent manifest + operationId: '%2Fapi%2Ffleet%2Fkubernetes#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: download + required: false + schema: + type: boolean + - in: query + name: fleetServer + required: false + schema: + type: string + - in: query + name: enrolToken + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + type: string + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent policies + /api/fleet/kubernetes/download: + get: + operationId: '%2Fapi%2Ffleet%2Fkubernetes%2Fdownload#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: download + required: false + schema: + type: boolean + - in: query + name: fleetServer + required: false + schema: + type: string + - in: query + name: enrolToken + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: string + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent policies + /api/fleet/logstash_api_keys: + post: + description: Generate Logstash API keyy + operationId: '%2Fapi%2Ffleet%2Flogstash_api_keys#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + api_key: + type: string + required: + - api_key + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet outputs + /api/fleet/message_signing_service/rotate_key_pair: + post: + description: Rotate fleet message signing key pair + operationId: '%2Fapi%2Ffleet%2Fmessage_signing_service%2Frotate_key_pair#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: query + name: acknowledge + required: false + schema: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Message Signing Service + /api/fleet/outputs: + get: + description: List outputs + operationId: '%2Fapi%2Ffleet%2Foutputs#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + anyOf: + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + service_token: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + service_token: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - remote_elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - logstash + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + auth_type: + enum: + - none + - user_pass + - ssl + - kerberos + type: string + broker_timeout: + type: number + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + client_id: + type: string + compression: + enum: + - gzip + - snappy + - lz4 + - none + type: string + compression_level: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: number + - not: {} + config_yaml: + nullable: true + type: string + connection_type: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - enum: + - plaintext + - encryption + type: string + - not: {} + hash: + additionalProperties: true + type: object + properties: + hash: + type: string + random: + type: boolean + headers: + items: + additionalProperties: true + type: object + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: array + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + key: + type: string + name: + type: string + partition: + enum: + - random + - round_robin + - hash + type: string + password: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - not: {} + - anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + proxy_id: + nullable: true + type: string + random: + additionalProperties: true + type: object + properties: + group_events: + type: number + required_acks: + enum: + - 1 + - 0 + - -1 + type: integer + round_robin: + additionalProperties: true + type: object + properties: + group_events: + type: number + sasl: + additionalProperties: true + nullable: true + type: object + properties: + mechanism: + enum: + - PLAIN + - SCRAM-SHA-256 + - SCRAM-SHA-512 + type: string + secrets: + additionalProperties: true + type: object + properties: + password: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + required: + - key + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + items: + additionalProperties: true + type: object + properties: + topic: + type: string + when: + additionalProperties: true + type: object + properties: + condition: + type: string + type: + enum: + - equals + - contains + - regexp + type: string + required: + - topic + minItems: 1 + type: array + type: + enum: + - kafka + type: string + username: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + version: + type: string + required: + - name + - type + - hosts + - compression_level + - auth_type + - connection_type + - username + - password + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet outputs + post: + description: Create output + operationId: '%2Fapi%2Ffleet%2Foutputs#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: false + type: object + properties: + service_token: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + service_token: + nullable: true + type: string + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - remote_elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: false + type: object + properties: + ssl: + additionalProperties: false + type: object + properties: + key: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - logstash + type: string + required: + - name + - type + - hosts + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + auth_type: + enum: + - none + - user_pass + - ssl + - kerberos + type: string + broker_timeout: + type: number + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + client_id: + type: string + compression: + enum: + - gzip + - snappy + - lz4 + - none + type: string + compression_level: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: number + - not: {} + config_yaml: + nullable: true + type: string + connection_type: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - enum: + - plaintext + - encryption + type: string + - not: {} + hash: + additionalProperties: false + type: object + properties: + hash: + type: string + random: + type: boolean + headers: + items: + additionalProperties: false + type: object + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: array + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + key: + type: string + name: + type: string + partition: + enum: + - random + - round_robin + - hash + type: string + password: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - not: {} + - anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + proxy_id: + nullable: true + type: string + random: + additionalProperties: false + type: object + properties: + group_events: + type: number + required_acks: + enum: + - 1 + - 0 + - -1 + type: integer + round_robin: + additionalProperties: false + type: object + properties: + group_events: + type: number + sasl: + additionalProperties: false + nullable: true + type: object + properties: + mechanism: + enum: + - PLAIN + - SCRAM-SHA-256 + - SCRAM-SHA-512 + type: string + secrets: + additionalProperties: false + type: object + properties: + password: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + ssl: + additionalProperties: false + type: object + properties: + key: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + required: + - key + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + items: + additionalProperties: false + type: object + properties: + topic: + type: string + when: + additionalProperties: false + type: object + properties: + condition: + type: string + type: + enum: + - equals + - contains + - regexp + type: string + required: + - topic + minItems: 1 + type: array + type: + enum: + - kafka + type: string + username: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + version: + type: string + required: + - name + - type + - hosts + - compression_level + - auth_type + - connection_type + - username + - password + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + anyOf: + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + service_token: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + service_token: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - remote_elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - logstash + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + auth_type: + enum: + - none + - user_pass + - ssl + - kerberos + type: string + broker_timeout: + type: number + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + client_id: + type: string + compression: + enum: + - gzip + - snappy + - lz4 + - none + type: string + compression_level: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: number + - not: {} + config_yaml: + nullable: true + type: string + connection_type: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - enum: + - plaintext + - encryption + type: string + - not: {} + hash: + additionalProperties: true + type: object + properties: + hash: + type: string + random: + type: boolean + headers: + items: + additionalProperties: true + type: object + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: array + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + key: + type: string + name: + type: string + partition: + enum: + - random + - round_robin + - hash + type: string + password: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - not: {} + - anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + proxy_id: + nullable: true + type: string + random: + additionalProperties: true + type: object + properties: + group_events: + type: number + required_acks: + enum: + - 1 + - 0 + - -1 + type: integer + round_robin: + additionalProperties: true + type: object + properties: + group_events: + type: number + sasl: + additionalProperties: true + nullable: true + type: object + properties: + mechanism: + enum: + - PLAIN + - SCRAM-SHA-256 + - SCRAM-SHA-512 + type: string + secrets: + additionalProperties: true + type: object + properties: + password: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + required: + - key + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + items: + additionalProperties: true + type: object + properties: + topic: + type: string + when: + additionalProperties: true + type: object + properties: + condition: + type: string + type: + enum: + - equals + - contains + - regexp + type: string + required: + - topic + minItems: 1 + type: array + type: + enum: + - kafka + type: string + username: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + version: + type: string + required: + - name + - type + - hosts + - compression_level + - auth_type + - connection_type + - username + - password + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet outputs + /api/fleet/outputs/{outputId}: + delete: + description: Delete output by ID + operationId: '%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: outputId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet outputs + get: + description: Get output by ID + operationId: '%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: outputId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + anyOf: + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + service_token: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + service_token: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - remote_elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - logstash + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + auth_type: + enum: + - none + - user_pass + - ssl + - kerberos + type: string + broker_timeout: + type: number + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + client_id: + type: string + compression: + enum: + - gzip + - snappy + - lz4 + - none + type: string + compression_level: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: number + - not: {} + config_yaml: + nullable: true + type: string + connection_type: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - enum: + - plaintext + - encryption + type: string + - not: {} + hash: + additionalProperties: true + type: object + properties: + hash: + type: string + random: + type: boolean + headers: + items: + additionalProperties: true + type: object + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: array + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + key: + type: string + name: + type: string + partition: + enum: + - random + - round_robin + - hash + type: string + password: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - not: {} + - anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + proxy_id: + nullable: true + type: string + random: + additionalProperties: true + type: object + properties: + group_events: + type: number + required_acks: + enum: + - 1 + - 0 + - -1 + type: integer + round_robin: + additionalProperties: true + type: object + properties: + group_events: + type: number + sasl: + additionalProperties: true + nullable: true + type: object + properties: + mechanism: + enum: + - PLAIN + - SCRAM-SHA-256 + - SCRAM-SHA-512 + type: string + secrets: + additionalProperties: true + type: object + properties: + password: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + required: + - key + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + items: + additionalProperties: true + type: object + properties: + topic: + type: string + when: + additionalProperties: true + type: object + properties: + condition: + type: string + type: + enum: + - equals + - contains + - regexp + type: string + required: + - topic + minItems: 1 + type: array + type: + enum: + - kafka + type: string + username: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + version: + type: string + required: + - name + - type + - hosts + - compression_level + - auth_type + - connection_type + - username + - password + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet outputs + put: + description: Update output by ID + operationId: '%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: outputId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - elasticsearch + type: string + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: false + type: object + properties: + service_token: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + service_token: + nullable: true + type: string + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - remote_elasticsearch + type: string + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: false + type: object + properties: + ssl: + additionalProperties: false + type: object + properties: + key: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - logstash + type: string + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + auth_type: + enum: + - none + - user_pass + - ssl + - kerberos + type: string + broker_timeout: + type: number + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + client_id: + type: string + compression: + enum: + - gzip + - snappy + - lz4 + - none + type: string + compression_level: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: number + - not: {} + config_yaml: + nullable: true + type: string + connection_type: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - enum: + - plaintext + - encryption + type: string + - not: {} + hash: + additionalProperties: false + type: object + properties: + hash: + type: string + random: + type: boolean + headers: + items: + additionalProperties: false + type: object + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: array + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + key: + type: string + name: + type: string + partition: + enum: + - random + - round_robin + - hash + type: string + password: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - not: {} + - anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + proxy_id: + nullable: true + type: string + random: + additionalProperties: false + type: object + properties: + group_events: + type: number + required_acks: + enum: + - 1 + - 0 + - -1 + type: integer + round_robin: + additionalProperties: false + type: object + properties: + group_events: + type: number + sasl: + additionalProperties: false + nullable: true + type: object + properties: + mechanism: + enum: + - PLAIN + - SCRAM-SHA-256 + - SCRAM-SHA-512 + type: string + secrets: + additionalProperties: false + type: object + properties: + password: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + ssl: + additionalProperties: false + type: object + properties: + key: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + required: + - key + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + items: + additionalProperties: false + type: object + properties: + topic: + type: string + when: + additionalProperties: false + type: object + properties: + condition: + type: string + type: + enum: + - equals + - contains + - regexp + type: string + required: + - topic + minItems: 1 + type: array + type: + enum: + - kafka + type: string + username: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + version: + type: string + required: + - name + - compression_level + - connection_type + - username + - password + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + anyOf: + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + service_token: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + service_token: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - remote_elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - logstash + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + auth_type: + enum: + - none + - user_pass + - ssl + - kerberos + type: string + broker_timeout: + type: number + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + client_id: + type: string + compression: + enum: + - gzip + - snappy + - lz4 + - none + type: string + compression_level: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: number + - not: {} + config_yaml: + nullable: true + type: string + connection_type: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - enum: + - plaintext + - encryption + type: string + - not: {} + hash: + additionalProperties: true + type: object + properties: + hash: + type: string + random: + type: boolean + headers: + items: + additionalProperties: true + type: object + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: array + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + key: + type: string + name: + type: string + partition: + enum: + - random + - round_robin + - hash + type: string + password: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - not: {} + - anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + proxy_id: + nullable: true + type: string + random: + additionalProperties: true + type: object + properties: + group_events: + type: number + required_acks: + enum: + - 1 + - 0 + - -1 + type: integer + round_robin: + additionalProperties: true + type: object + properties: + group_events: + type: number + sasl: + additionalProperties: true + nullable: true + type: object + properties: + mechanism: + enum: + - PLAIN + - SCRAM-SHA-256 + - SCRAM-SHA-512 + type: string + secrets: + additionalProperties: true + type: object + properties: + password: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + required: + - key + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + items: + additionalProperties: true + type: object + properties: + topic: + type: string + when: + additionalProperties: true + type: object + properties: + condition: + type: string + type: + enum: + - equals + - contains + - regexp + type: string + required: + - topic + minItems: 1 + type: array + type: + enum: + - kafka + type: string + username: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + version: + type: string + required: + - name + - type + - hosts + - compression_level + - auth_type + - connection_type + - username + - password + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet outputs + /api/fleet/outputs/{outputId}/health: + get: + description: Get latest output health + operationId: '%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D%2Fhealth#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: outputId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + message: + description: long message if unhealthy + type: string + state: + description: state of output, HEALTHY or DEGRADED + type: string + timestamp: + description: timestamp of reported state + type: string + required: + - state + - message + - timestamp + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet outputs + /api/fleet/package_policies: + get: + description: List package policies + operationId: '%2Fapi%2Ffleet%2Fpackage_policies#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: page + required: false + schema: + type: number + - in: query + name: perPage + required: false + schema: + type: number + - in: query + name: sortField + required: false + schema: + type: string + - in: query + name: sortOrder + required: false + schema: + enum: + - desc + - asc + type: string + - in: query + name: showUpgradeable + required: false + schema: + type: boolean + - in: query + name: kuery + required: false + schema: + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string + - in: query + name: withAgentCount + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + agents: + type: number + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + anyOf: + - items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + - additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that input, (default to + true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default + to true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Input streams (see integration + documentation to know what streams are + available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Package policy inputs (see integration + documentation to know what inputs are available) + type: object + x-oas-optional: true + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit + the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the package + policy. The override option should be used only in + unusual circumstances and not as a routine + procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy will be + added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy will be + added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + spaceIds: + items: + type: string + type: array + updated_at: + type: string + updated_by: + type: string + vars: + anyOf: + - additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + - additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + x-oas-optional: true + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet package policies + post: + description: Create package policy + operationId: '%2Fapi%2Ffleet%2Fpackage_policies#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - additionalProperties: false + type: object + properties: + description: + description: Package policy description + type: string + enabled: + type: boolean + force: + description: >- + Force package policy creation even if package is not + verified, or if the agent policy is managed. + type: boolean + id: + description: Package policy unique identifier + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + required: + - type + - enabled + type: array + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit the + agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the package + policy. The override option should be used only in + unusual circumstances and not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: Agent policy ID where that package policy will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy will be + added + type: string + type: array + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation for more + information) + type: object + required: + - name + - inputs + - additionalProperties: false + type: object + properties: + description: + type: string + force: + type: boolean + id: + type: string + inputs: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: enable or disable that input, (default to true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default to + true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + description: >- + Input streams (see integration documentation to + know what streams are available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + description: >- + Package policy inputs (see integration documentation to + know what inputs are available) + type: object + name: + type: string + namespace: + type: string + output_id: + nullable: true + type: string + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + nullable: true + type: string + policy_ids: + items: + type: string + type: array + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + required: + - name + - package + description: >- + You should use inputs as an object and not use the deprecated + inputs array. + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + agents: + type: number + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + anyOf: + - items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + - additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that input, (default to + true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default + to true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Input streams (see integration documentation + to know what streams are available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + description: >- + Package policy inputs (see integration + documentation to know what inputs are available) + type: object + x-oas-optional: true + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit + the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the package + policy. The override option should be used only in + unusual circumstances and not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy will be + added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy will be + added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + spaceIds: + items: + type: string + type: array + updated_at: + type: string + updated_by: + type: string + vars: + anyOf: + - additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + - additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + x-oas-optional: true + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet package policies + /api/fleet/package_policies/_bulk_get: + post: + description: Bulk get package policies + operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2F_bulk_get#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + ids: + description: list of package policy ids + items: + type: string + type: array + ignoreMissing: + type: boolean + required: + - ids + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + agents: + type: number + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + anyOf: + - items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + - additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that input, (default to + true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default + to true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Input streams (see integration + documentation to know what streams are + available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Package policy inputs (see integration + documentation to know what inputs are available) + type: object + x-oas-optional: true + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit + the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the package + policy. The override option should be used only in + unusual circumstances and not as a routine + procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy will be + added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy will be + added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + spaceIds: + items: + type: string + type: array + updated_at: + type: string + updated_by: + type: string + vars: + anyOf: + - additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + - additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + x-oas-optional: true + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + summary: '' + tags: + - Fleet package policies + /api/fleet/package_policies/{packagePolicyId}: + delete: + description: Delete package policy by ID + operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2F%7BpackagePolicyId%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: packagePolicyId + required: true + schema: + type: string + - in: query + name: force + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet package policies + get: + description: Get package policy by ID + operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2F%7BpackagePolicyId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: packagePolicyId + required: true + schema: + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + agents: + type: number + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + anyOf: + - items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + - additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that input, (default to + true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default + to true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Input streams (see integration documentation + to know what streams are available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + description: >- + Package policy inputs (see integration + documentation to know what inputs are available) + type: object + x-oas-optional: true + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit + the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the package + policy. The override option should be used only in + unusual circumstances and not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy will be + added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy will be + added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + spaceIds: + items: + type: string + type: array + updated_at: + type: string + updated_by: + type: string + vars: + anyOf: + - additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + - additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + x-oas-optional: true + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + summary: '' + tags: + - Fleet package policies + put: + description: Update package policy by ID + operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2F%7BpackagePolicyId%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: packagePolicyId + required: true + schema: + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - additionalProperties: false + type: object + properties: + description: + description: Package policy description + type: string + enabled: + type: boolean + force: + type: boolean + inputs: + items: + additionalProperties: false + type: object + properties: + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + required: + - type + - enabled + type: array + is_managed: + type: boolean + name: + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit the + agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the package + policy. The override option should be used only in + unusual circumstances and not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: Agent policy ID where that package policy will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy will be + added + type: string + type: array + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation for more + information) + type: object + version: + type: string + - additionalProperties: false + type: object + properties: + description: + type: string + force: + type: boolean + id: + type: string + inputs: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: enable or disable that input, (default to true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default to + true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + description: >- + Input streams (see integration documentation to + know what streams are available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + description: >- + Package policy inputs (see integration documentation to + know what inputs are available) + type: object + name: + type: string + namespace: + type: string + output_id: + nullable: true + type: string + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + nullable: true + type: string + policy_ids: + items: + type: string + type: array + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + required: + - name + - package + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + agents: + type: number + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + anyOf: + - items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + - additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that input, (default to + true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default + to true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Input streams (see integration documentation + to know what streams are available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + description: >- + Package policy inputs (see integration + documentation to know what inputs are available) + type: object + x-oas-optional: true + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit + the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the package + policy. The override option should be used only in + unusual circumstances and not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy will be + added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy will be + added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + spaceIds: + items: + type: string + type: array + updated_at: + type: string + updated_by: + type: string + vars: + anyOf: + - additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + - additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + x-oas-optional: true + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet package policies + /api/fleet/package_policies/delete: + post: + description: Bulk delete package policies + operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2Fdelete#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + force: + type: boolean + packagePolicyIds: + items: + type: string + type: array + required: + - packagePolicyIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + additionalProperties: false + type: object + properties: + body: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + id: + type: string + name: + type: string + output_id: + nullable: true + type: string + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: Use `policy_ids` instead + nullable: true + type: string + policy_ids: + items: + type: string + type: array + statusCode: + type: number + success: + type: boolean + required: + - id + - success + - policy_ids + - package + type: array + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet package policies + /api/fleet/package_policies/upgrade: + post: + description: Upgrade package policy to a newer package version + operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2Fupgrade#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + packagePolicyIds: + items: + type: string + type: array + required: + - packagePolicyIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + additionalProperties: false + type: object + properties: + body: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + id: + type: string + name: + type: string + statusCode: + type: number + success: + type: boolean + required: + - id + - success + type: array + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet package policies + /api/fleet/package_policies/upgrade/dryrun: + post: + description: Dry run package policy upgrade + operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2Fupgrade%2Fdryrun#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + packagePolicyIds: + items: + type: string + type: array + packageVersion: + type: string + required: + - packagePolicyIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + additionalProperties: false + type: object + properties: + agent_diff: + items: + items: + additionalProperties: true + type: object + properties: + data_stream: + additionalProperties: true + type: object + properties: + namespace: + type: string + required: + - namespace + id: + type: string + meta: + additionalProperties: true + type: object + properties: + package: + additionalProperties: true + type: object + properties: + name: + type: string + version: + type: string + required: + - name + - version + required: + - package + name: + type: string + package_policy_id: + type: string + processors: + items: + additionalProperties: true + type: object + properties: + add_fields: + additionalProperties: true + type: object + properties: + fields: + additionalProperties: + anyOf: + - type: string + - type: number + type: object + target: + type: string + required: + - target + - fields + required: + - add_fields + type: array + revision: + type: number + streams: + items: + additionalProperties: true + type: object + properties: + data_stream: + additionalProperties: true + type: object + properties: + dataset: + type: string + type: + type: string + required: + - dataset + id: + type: string + required: + - id + - data_stream + type: array + type: + type: string + use_output: + type: string + required: + - id + - name + - revision + - type + - data_stream + - use_output + - package_policy_id + type: array + type: array + body: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + diff: + items: + anyOf: + - additionalProperties: false + type: object + properties: + agents: + type: number + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + anyOf: + - items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + - additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that input, (default + to true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default + to true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Input streams (see integration + documentation to know what streams are + available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Package policy inputs (see integration + documentation to know what inputs are + available) + type: object + x-oas-optional: true + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to + inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should be + used only in unusual circumstances and not as + a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy will + be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy + will be added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + spaceIds: + items: + type: string + type: array + updated_at: + type: string + updated_by: + type: string + vars: + anyOf: + - additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + - additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + x-oas-optional: true + version: + type: string + required: + - name + - enabled + - inputs + - revision + - updated_at + - updated_by + - created_at + - created_by + - additionalProperties: false + type: object + properties: + description: + description: Package policy description + type: string + enabled: + type: boolean + errors: + items: + additionalProperties: false + type: object + properties: + key: + type: string + message: + type: string + required: + - message + type: array + force: + type: boolean + id: + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + type: array + is_managed: + type: boolean + missingVars: + items: + type: string + type: array + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to + inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should be + used only in unusual circumstances and not as + a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy will + be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy + will be added + type: string + type: array + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - name + - enabled + - inputs + type: array + hasErrors: + type: boolean + name: + type: string + statusCode: + type: number + required: + - hasErrors + type: array + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet package policies + /api/fleet/proxies: + get: + description: List proxies + operationId: '%2Fapi%2Ffleet%2Fproxies#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + certificate: + nullable: true + type: string + certificate_authorities: + nullable: true + type: string + certificate_key: + nullable: true + type: string + id: + type: string + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_headers: + additionalProperties: + anyOf: + - type: string + - type: boolean + - type: number + nullable: true + type: object + url: + type: string + required: + - id + - url + - name + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet proxies + post: + description: Create proxy + operationId: '%2Fapi%2Ffleet%2Fproxies#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + certificate: + nullable: true + type: string + certificate_authorities: + nullable: true + type: string + certificate_key: + nullable: true + type: string + id: + type: string + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_headers: + additionalProperties: + anyOf: + - type: string + - type: boolean + - type: number + nullable: true + type: object + url: + type: string + required: + - url + - name + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + certificate: + nullable: true + type: string + certificate_authorities: + nullable: true + type: string + certificate_key: + nullable: true + type: string + id: + type: string + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_headers: + additionalProperties: + anyOf: + - type: string + - type: boolean + - type: number + nullable: true + type: object + url: + type: string + required: + - id + - url + - name + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet proxies + /api/fleet/proxies/{itemId}: + delete: + description: Delete proxy by ID + operationId: '%2Fapi%2Ffleet%2Fproxies%2F%7BitemId%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: itemId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet proxies + get: + description: Get proxy by ID + operationId: '%2Fapi%2Ffleet%2Fproxies%2F%7BitemId%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: itemId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + certificate: + nullable: true + type: string + certificate_authorities: + nullable: true + type: string + certificate_key: + nullable: true + type: string + id: + type: string + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_headers: + additionalProperties: + anyOf: + - type: string + - type: boolean + - type: number + nullable: true + type: object + url: + type: string + required: + - id + - url + - name + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet proxies + put: + description: Update proxy by ID + operationId: '%2Fapi%2Ffleet%2Fproxies%2F%7BitemId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: itemId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + certificate: + nullable: true + type: string + certificate_authorities: + nullable: true + type: string + certificate_key: + nullable: true + type: string + name: + type: string + proxy_headers: + additionalProperties: + anyOf: + - type: string + - type: boolean + - type: number + nullable: true + type: object + url: + type: string + required: + - proxy_headers + - certificate_authorities + - certificate + - certificate_key + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + certificate: + nullable: true + type: string + certificate_authorities: + nullable: true + type: string + certificate_key: + nullable: true + type: string + id: + type: string + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_headers: + additionalProperties: + anyOf: + - type: string + - type: boolean + - type: number + nullable: true + type: object + url: + type: string + required: + - id + - url + - name + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet proxies + /api/fleet/service_tokens: + post: + description: Create a service token + operationId: '%2Fapi%2Ffleet%2Fservice_tokens#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + nullable: true + type: object + properties: + remote: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + name: + type: string + value: + type: string + required: + - name + - value + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet service tokens + /api/fleet/service-tokens: + post: + deprecated: true + description: Create a service token + operationId: '%2Fapi%2Ffleet%2Fservice-tokens#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + responses: {} + summary: '' + tags: [] + /api/fleet/settings: + get: + description: Get settings + operationId: '%2Fapi%2Ffleet%2Fsettings#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + fleet_server_hosts: + items: + type: string + type: array + has_seen_add_data_notice: + type: boolean + id: + type: string + output_secret_storage_requirements_met: + type: boolean + preconfigured_fields: + items: + enum: + - fleet_server_hosts + type: string + type: array + prerelease_integrations_enabled: + type: boolean + secret_storage_requirements_met: + type: boolean + use_space_awareness_migration_started_at: + type: string + use_space_awareness_migration_status: + enum: + - pending + - success + - error + type: string + version: + type: string + required: + - prerelease_integrations_enabled + - id + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + summary: '' + tags: + - Fleet internals + put: + description: Update settings + operationId: '%2Fapi%2Ffleet%2Fsettings#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + additional_yaml_config: + type: string + fleet_server_hosts: + items: + format: uri + type: string + type: array + has_seen_add_data_notice: + type: boolean + kibana_ca_sha256: + type: string + kibana_urls: + items: + format: uri + type: string + type: array + prerelease_integrations_enabled: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + fleet_server_hosts: + items: + type: string + type: array + has_seen_add_data_notice: + type: boolean + id: + type: string + output_secret_storage_requirements_met: + type: boolean + preconfigured_fields: + items: + enum: + - fleet_server_hosts + type: string + type: array + prerelease_integrations_enabled: + type: boolean + secret_storage_requirements_met: + type: boolean + use_space_awareness_migration_started_at: + type: string + use_space_awareness_migration_status: + enum: + - pending + - success + - error + type: string + version: + type: string + required: + - prerelease_integrations_enabled + - id + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + summary: '' + tags: + - Fleet internals + /api/fleet/setup: + post: + description: Initiate Fleet setup + operationId: '%2Fapi%2Ffleet%2Fsetup#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: >- + A summary of the result of Fleet's `setup` lifecycle. If + `isInitialized` is true, Fleet is ready to accept agent + enrollment. `nonFatalErrors` may include useful insight into + non-blocking issues with Fleet setup. + type: object + properties: + isInitialized: + type: boolean + nonFatalErrors: + items: + additionalProperties: false + type: object + properties: + message: + type: string + name: + type: string + required: + - name + - message + type: array + required: + - isInitialized + - nonFatalErrors + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Internal Server Error + type: object + properties: + message: + type: string + required: + - message + summary: '' + tags: + - Fleet internals + /api/fleet/uninstall_tokens: + get: + description: List metadata for latest uninstall tokens per agent policy + operationId: '%2Fapi%2Ffleet%2Funinstall_tokens#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: Partial match filtering for policy IDs + in: query + name: policyId + required: false + schema: + maxLength: 50 + type: string + - in: query + name: search + required: false + schema: + maxLength: 50 + type: string + - description: The number of items to return + in: query + name: perPage + required: false + schema: + minimum: 5 + type: number + - in: query + name: page + required: false + schema: + minimum: 1 + type: number + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + created_at: + type: string + id: + type: string + namespaces: + items: + type: string + type: array + policy_id: + type: string + policy_name: + nullable: true + type: string + required: + - id + - policy_id + - created_at + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet uninstall tokens + /api/fleet/uninstall_tokens/{uninstallTokenId}: + get: + description: Get one decrypted uninstall token by its ID + operationId: '%2Fapi%2Ffleet%2Funinstall_tokens%2F%7BuninstallTokenId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: uninstallTokenId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + created_at: + type: string + id: + type: string + namespaces: + items: + type: string + type: array + policy_id: + type: string + policy_name: + nullable: true + type: string + token: + type: string + required: + - id + - policy_id + - created_at + - token + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet uninstall tokens + /api/lists: + delete: + description: | + Delete a list using the list ID. + > info + > When you delete a list, all of its list items are also deleted. + operationId: DeleteList + parameters: + - description: List's `id` value + in: query + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + - in: query + name: deleteReferences + required: false + schema: + default: false + type: boolean + - in: query + name: ignoreReferences + required: false + schema: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Delete a list + tags: + - Security Lists API + get: + description: Get the details of a list using the list ID. + operationId: ReadList + parameters: + - description: List's `id` value + in: query + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Get list details + tags: + - Security Lists API + patch: + description: Update specific fields of an existing list using the list ID. + operationId: PatchList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + description: + $ref: '#/components/schemas/Security_Lists_API_ListDescription' + id: + $ref: '#/components/schemas/Security_Lists_API_ListId' + meta: + $ref: '#/components/schemas/Security_Lists_API_ListMetadata' + name: + $ref: '#/components/schemas/Security_Lists_API_ListName' + version: + minimum: 1 + type: integer + required: + - id + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Patch a list + tags: + - Security Lists API + post: + description: Create a new list. + operationId: CreateList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + description: + $ref: '#/components/schemas/Security_Lists_API_ListDescription' + deserializer: + type: string + id: + $ref: '#/components/schemas/Security_Lists_API_ListId' + meta: + $ref: '#/components/schemas/Security_Lists_API_ListMetadata' + name: + $ref: '#/components/schemas/Security_Lists_API_ListName' + serializer: + type: string + type: + $ref: '#/components/schemas/Security_Lists_API_ListType' + version: + default: 1 + minimum: 1 + type: integer + required: + - name + - description + - type + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Create a list + tags: + - Security Lists API + put: + description: > + Update a list using the list ID. The original list is replaced, and all + unspecified fields are deleted. + + > info + + > You cannot modify the `id` value. + operationId: UpdateList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + description: + $ref: '#/components/schemas/Security_Lists_API_ListDescription' + id: + $ref: '#/components/schemas/Security_Lists_API_ListId' + meta: + $ref: '#/components/schemas/Security_Lists_API_ListMetadata' + name: + $ref: '#/components/schemas/Security_Lists_API_ListName' + version: + minimum: 1 + type: integer + required: + - id + - name + - description + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Update a list + tags: + - Security Lists API + /api/lists/_find: + get: + description: >- + Get a paginated subset of lists. By default, the first page is returned, + with 20 results per page. + operationId: FindLists + parameters: + - description: The page number to return + in: query + name: page + required: false + schema: + type: integer + - description: The number of lists to return per page + in: query + name: per_page + required: false + schema: + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + - description: > + Returns the list that come after the last list returned in the + previous call + + (use the cursor value returned in the previous call). This parameter + uses + + the `tie_breaker_id` field to ensure all lists are sorted and + returned correctly. + in: query + name: cursor + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_FindListsCursor' + - description: > + Filters the returned results according to the value of the specified + field, + + using the : syntax. + in: query + name: filter + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_FindListsFilter' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + cursor: + $ref: '#/components/schemas/Security_Lists_API_FindListsCursor' + data: + items: + $ref: '#/components/schemas/Security_Lists_API_List' + type: array + page: + minimum: 0 + type: integer + per_page: + minimum: 0 + type: integer + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + - cursor + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Get lists + tags: + - Security Lists API + /api/lists/index: + delete: + description: Delete the `.lists` and `.items` data streams. + operationId: DeleteListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + required: + - acknowledged + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List data stream not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Delete list data streams + tags: + - Security Lists API + get: + description: Verify that `.lists` and `.items` data streams exist. + operationId: ReadListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + list_index: + type: boolean + list_item_index: + type: boolean + required: + - list_index + - list_item_index + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List data stream(s) not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Get status of list data streams + tags: + - Security Lists API + post: + description: Create `.lists` and `.items` data streams in the relevant space. + operationId: CreateListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + required: + - acknowledged + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List data stream exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Create list data streams + tags: + - Security Lists API + /api/lists/items: + delete: + description: Delete a list item using its `id`, or its `list_id` and `value` fields. + operationId: DeleteListItem + parameters: + - description: Required if `list_id` and `value` are not specified + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: value + required: false + schema: + type: string + - description: >- + Determines when changes made by the request are made visible to + search + in: query + name: refresh + required: false + schema: + default: 'false' + enum: + - 'true' + - 'false' + - wait_for + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: '#/components/schemas/Security_Lists_API_ListItem' + - items: + $ref: '#/components/schemas/Security_Lists_API_ListItem' + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Delete a list item + tags: + - Security Lists API + get: + description: Get the details of a list item. + operationId: ReadListItem + parameters: + - description: Required if `list_id` and `value` are not specified + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: value + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: '#/components/schemas/Security_Lists_API_ListItem' + - items: + $ref: '#/components/schemas/Security_Lists_API_ListItem' + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Get a list item + tags: + - Security Lists API + patch: + description: Update specific fields of an existing list item using the list item ID. + operationId: PatchListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + id: + $ref: '#/components/schemas/Security_Lists_API_ListItemId' + meta: + $ref: '#/components/schemas/Security_Lists_API_ListItemMetadata' + refresh: + description: >- + Determines when changes made by the request are made visible + to search + enum: + - 'true' + - 'false' + - wait_for + type: string + value: + $ref: '#/components/schemas/Security_Lists_API_ListItemValue' + required: + - id + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Patch a list item + tags: + - Security Lists API + post: + description: > + Create a list item and associate it with the specified list. + + + All list items in the same list must be the same type. For example, each + list item in an `ip` list must define a specific IP address. + + > info + + > Before creating a list item, you must create a list. + operationId: CreateListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + $ref: '#/components/schemas/Security_Lists_API_ListItemId' + list_id: + $ref: '#/components/schemas/Security_Lists_API_ListId' + meta: + $ref: '#/components/schemas/Security_Lists_API_ListItemMetadata' + refresh: + description: >- + Determines when changes made by the request are made visible + to search + enum: + - 'true' + - 'false' + - wait_for + type: string + value: + $ref: '#/components/schemas/Security_Lists_API_ListItemValue' + required: + - list_id + - value + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List item already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Create a list item + tags: + - Security Lists API + put: + description: > + Update a list item using the list item ID. The original list item is + replaced, and all unspecified fields are deleted. + + > info + + > You cannot modify the `id` value. + operationId: UpdateListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + id: + $ref: '#/components/schemas/Security_Lists_API_ListItemId' + meta: + $ref: '#/components/schemas/Security_Lists_API_ListItemMetadata' + value: + $ref: '#/components/schemas/Security_Lists_API_ListItemValue' + required: + - id + - value + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Update a list item + tags: + - Security Lists API + /api/lists/items/_export: + post: + description: Export list item values from the specified list. + operationId: ExportListItems + parameters: + - description: List's id to export + in: query + name: list_id + required: true + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: A `.txt` file containing list items from the specified list + format: binary + type: string + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Export list items + tags: + - Security Lists API + /api/lists/items/_find: + get: + description: Get all list items in the specified list. + operationId: FindListItems + parameters: + - description: List's id + in: query + name: list_id + required: true + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + - description: The page number to return + in: query + name: page + required: false + schema: + type: integer + - description: The number of list items to return per page + in: query + name: per_page + required: false + schema: + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + - description: > + Returns the list that come after the last list returned in the + previous call + + (use the cursor value returned in the previous call). This parameter + uses + + the `tie_breaker_id` field to ensure all lists are sorted and + returned correctly. + in: query + name: cursor + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_FindListItemsCursor' + - description: > + Filters the returned results according to the value of the specified + field, + + using the : syntax. + in: query + name: filter + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_FindListItemsFilter' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + cursor: + $ref: >- + #/components/schemas/Security_Lists_API_FindListItemsCursor + data: + items: + $ref: '#/components/schemas/Security_Lists_API_ListItem' + type: array + page: + minimum: 0 + type: integer + per_page: + minimum: 0 + type: integer + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + - cursor + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Get list items + tags: + - Security Lists API + /api/lists/items/_import: + post: + description: > + Import list items from a TXT or CSV file. The maximum file size is 9 + million bytes. + + + You can import items to a new or existing list. + operationId: ImportListItems + parameters: + - description: | + List's id. + + Required when importing to an existing list. + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + - description: > + Type of the importing list. + + + Required when importing a new list that is `list_id` is not + specified. + in: query + name: type + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_ListType' + - in: query + name: serializer + required: false + schema: + type: string + - in: query + name: deserializer + required: false + schema: + type: string + - description: >- + Determines when changes made by the request are made visible to + search + in: query + name: refresh + required: false + schema: + enum: + - 'true' + - 'false' + - wait_for + type: string + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: + description: >- + A `.txt` or `.csv` file containing newline separated list + items + format: binary + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List with specified list_id does not exist response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Import list items + tags: + - Security Lists API + /api/lists/privileges: + get: + operationId: ReadListPrivileges + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + is_authenticated: + type: boolean + listItems: + $ref: '#/components/schemas/Security_Lists_API_ListItemPrivileges' + lists: + $ref: '#/components/schemas/Security_Lists_API_ListPrivileges' + required: + - lists + - listItems + - is_authenticated + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Get list privileges + tags: + - Security Lists API + /api/ml/saved_objects/sync: + get: + description: > + Synchronizes Kibana saved objects for machine learning jobs and trained + models. This API runs automatically when you start Kibana and + periodically thereafter. + operationId: mlSync + parameters: + - $ref: '#/components/parameters/Machine_learning_APIs_simulateParam' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + syncExample: + $ref: '#/components/examples/Machine_learning_APIs_mlSyncExample' + schema: + $ref: '#/components/schemas/Machine_learning_APIs_mlSync200Response' + description: Indicates a successful call + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Machine_learning_APIs_mlSync4xxResponse' + description: Authorization information is missing or invalid. + summary: Sync machine learning saved objects + tags: + - ml + /api/note: + delete: + description: Delete a note from a Timeline using the note ID. + operationId: DeleteNote + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - nullable: true + type: object + properties: + noteId: + type: string + required: + - noteId + - nullable: true + type: object + properties: + noteIds: + items: + type: string + nullable: true + type: array + required: + - noteIds + description: The ID of the note to delete. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + description: Indicates the note was successfully deleted. + summary: Delete a note + tags: + - Security Timeline API + - access:securitySolution + get: + description: Get all notes for a given document. + operationId: GetNotes + parameters: + - in: query + name: documentIds + schema: + $ref: '#/components/schemas/Security_Timeline_API_DocumentIds' + - in: query + name: savedObjectIds + schema: + $ref: '#/components/schemas/Security_Timeline_API_SavedObjectIds' + - in: query + name: page + schema: + nullable: true + type: string + - in: query + name: perPage + schema: + nullable: true + type: string + - in: query + name: search + schema: + nullable: true + type: string + - in: query + name: sortField + schema: + nullable: true + type: string + - in: query + name: sortOrder + schema: + nullable: true + type: string + - in: query + name: filter + schema: + nullable: true + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: '#/components/schemas/Security_Timeline_API_GetNotesResult' + - type: object + description: Indicates the requested notes were returned. + summary: Get notes + tags: + - Security Timeline API + - access:securitySolution + patch: + description: Add a note to a Timeline or update an existing note. + operationId: PersistNoteRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + eventDataView: + nullable: true + type: string + eventIngested: + nullable: true + type: string + eventTimestamp: + nullable: true + type: string + note: + $ref: '#/components/schemas/Security_Timeline_API_BareNote' + noteId: + nullable: true + type: string + overrideOwner: + nullable: true + type: boolean + version: + nullable: true + type: string + required: + - note + description: The note to add or update, along with additional metadata. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistNote: + $ref: >- + #/components/schemas/Security_Timeline_API_ResponseNote + required: + - persistNote + required: + - data + description: Indicates the note was successfully created. + summary: Add or update a note + tags: + - Security Timeline API + - access:securitySolution + /api/osquery/live_queries: + get: + description: Get a list of all live queries. + operationId: OsqueryFindLiveQueries + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_FindLiveQueryRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get live queries + tags: + - Security Osquery API + post: + description: Create and run a live query. + operationId: OsqueryCreateLiveQuery + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_CreateLiveQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a live query + tags: + - Security Osquery API + /api/osquery/live_queries/{id}: + get: + description: Get the details of a live query using the query ID. + operationId: OsqueryGetLiveQueryDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_Id' + - in: query + name: query + schema: + additionalProperties: true + type: object + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get live query details + tags: + - Security Osquery API + /api/osquery/live_queries/{id}/results/{actionId}: + get: + description: Get the results of a live query using the query action ID. + operationId: OsqueryGetLiveQueryResults + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_Id' + - in: path + name: actionId + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_Id' + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_GetLiveQueryResultsRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get live query results + tags: + - Security Osquery API + /api/osquery/packs: + get: + description: Get a list of all query packs. + operationId: OsqueryFindPacks + parameters: + - in: query + name: query + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_FindPacksRequestQuery' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get packs + tags: + - Security Osquery API + post: + description: Create a query pack. + operationId: OsqueryCreatePacks + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Osquery_API_CreatePacksRequestBody' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a pack + tags: + - Security Osquery API + /api/osquery/packs/{id}: + delete: + description: Delete a query pack using the pack ID. + operationId: OsqueryDeletePacks + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_PackId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Delete a pack + tags: + - Security Osquery API + get: + description: Get the details of a query pack using the pack ID. + operationId: OsqueryGetPacksDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_PackId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get pack details + tags: + - Security Osquery API + put: + description: | + Update a query pack using the pack ID. + > info + > You cannot update a prebuilt pack. + operationId: OsqueryUpdatePacks + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_PackId' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Osquery_API_UpdatePacksRequestBody' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Update a pack + tags: + - Security Osquery API + /api/osquery/saved_queries: + get: + description: Get a list of all saved queries. + operationId: OsqueryFindSavedQueries + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_FindSavedQueryRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get saved queries + tags: + - Security Osquery API + post: + description: Create and run a saved query. + operationId: OsqueryCreateSavedQuery + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_CreateSavedQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a saved query + tags: + - Security Osquery API + /api/osquery/saved_queries/{id}: + delete: + description: Delete a saved query using the query ID. + operationId: OsqueryDeleteSavedQuery + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Delete a saved query + tags: + - Security Osquery API + get: + description: Get the details of a saved query using the query ID. + operationId: OsqueryGetSavedQueryDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get saved query details + tags: + - Security Osquery API + put: + description: | + Update a saved query using the query ID. + > info + > You cannot update a prebuilt saved query. + operationId: OsqueryUpdateSavedQuery + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_UpdateSavedQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Update a saved query + tags: + - Security Osquery API + /api/pinned_event: + patch: + description: Pin an event to an existing Timeline. + operationId: PersistPinnedEventRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + eventId: + type: string + pinnedEventId: + nullable: true + type: string + timelineId: + type: string + required: + - eventId + - timelineId + description: The pinned event to add or update, along with additional metadata. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistPinnedEventOnTimeline: + $ref: >- + #/components/schemas/Security_Timeline_API_PersistPinnedEventResponse + required: + - persistPinnedEventOnTimeline + required: + - data + description: Indicates the event was successfully pinned to the Timeline. + summary: Pin an event + tags: + - Security Timeline API + - access:securitySolution + /api/risk_score/engine/dangerously_delete_data: + delete: + description: >- + Cleaning up the the Risk Engine by removing the indices, mapping and + transforms + operationId: CleanUpRiskEngine + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + cleanup_successful: + type: boolean + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_TaskManagerUnavailableResponse + description: Task manager is unavailable + default: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_CleanUpRiskEngineErrorResponse + description: Unexpected error + summary: Cleanup the Risk Engine + tags: + - Security Entity Analytics API + /api/risk_score/engine/schedule_now: + post: + description: >- + Schedule the risk scoring engine to run as soon as possible. You can use + this to recalculate entity risk scores after updating their asset + criticality. + operationId: ScheduleRiskEngineNow + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: {} + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_RiskEngineScheduleNowResponse + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_TaskManagerUnavailableResponse + description: Task manager is unavailable + default: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_RiskEngineScheduleNowErrorResponse + description: Unexpected error + summary: Run the risk scoring engine + tags: + - Security Entity Analytics API + /api/saved_objects/_export: + post: + description: > + Retrieve sets of saved objects that you want to import into Kibana. + + You must include `type` or `objects` in the request body. + + + Exported saved objects are not backwards compatible and cannot be + imported into an older version of Kibana. + + + NOTE: The `savedObjects.maxImportExportSize` configuration setting + limits the number of saved objects which may be exported. + + + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + operationId: exportSavedObjectsDefault + parameters: + - $ref: '#/components/parameters/Serverless_saved_objects_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + exportSavedObjectsRequest: + $ref: >- + #/components/examples/Serverless_saved_objects_export_objects_request + schema: + type: object + properties: + excludeExportDetails: + default: false + description: Do not add export details entry at the end of the stream. + type: boolean + includeReferencesDeep: + description: >- + Includes all of the referenced objects in the exported + objects. + type: boolean + objects: + description: A list of objects to export. + items: + type: object + type: array + type: + description: >- + The saved object types to include in the export. Use `*` to + export all the types. + oneOf: + - type: string + - items: + type: string + type: array + required: true + responses: + '200': + content: + application/x-ndjson; Elastic-Api-Version=2023-10-31: + examples: + exportSavedObjectsResponse: + $ref: >- + #/components/examples/Serverless_saved_objects_export_objects_response + schema: + additionalProperties: true + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Serverless_saved_objects_400_response' + description: Bad request. + summary: Export saved objects + tags: + - saved objects + /api/saved_objects/_import: + post: + description: > + Create sets of Kibana saved objects from a file created by the export + API. + + Saved objects can be imported only into the same version, a newer minor + on the same major, or the next major. Exported saved objects are not + backwards compatible and cannot be imported into an older version of + Kibana. + + + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + operationId: importSavedObjectsDefault + parameters: + - $ref: '#/components/parameters/Serverless_saved_objects_kbn_xsrf' + - description: > + Creates copies of saved objects, regenerates each object ID, and + resets the origin. When used, potential conflict errors are avoided. + NOTE: This option cannot be used with the `overwrite` and + `compatibilityMode` options. + in: query + name: createNewCopies + required: false + schema: + type: boolean + - description: > + Overwrites saved objects when they already exist. When used, + potential conflict errors are automatically resolved by overwriting + the destination object. NOTE: This option cannot be used with the + `createNewCopies` option. + in: query + name: overwrite + required: false + schema: + type: boolean + - description: > + Applies various adjustments to the saved objects that are being + imported to maintain compatibility between different Kibana + versions. Use this option only if you encounter issues with imported + saved objects. NOTE: This option cannot be used with the + `createNewCopies` option. + in: query + name: compatibilityMode + required: false + schema: + type: boolean + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + examples: + importObjectsRequest: + $ref: >- + #/components/examples/Serverless_saved_objects_import_objects_request + schema: + type: object + properties: + file: + description: > + A file exported using the export API. NOTE: The + `savedObjects.maxImportExportSize` configuration setting + limits the number of saved objects which may be included in + this file. Similarly, the + `savedObjects.maxImportPayloadBytes` setting limits the + overall size of the file that can be imported. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + importObjectsResponse: + $ref: >- + #/components/examples/Serverless_saved_objects_import_objects_response + schema: + type: object + properties: + errors: + description: > + Indicates the import was unsuccessful and specifies the + objects that failed to import. + + + NOTE: One object may result in multiple errors, which + requires separate steps to resolve. For instance, a + `missing_references` error and conflict error. + items: + type: object + type: array + success: + description: > + Indicates when the import was successfully completed. When + set to false, some objects may not have been created. For + additional information, refer to the `errors` and + `successResults` properties. + type: boolean + successCount: + description: Indicates the number of successfully imported records. + type: integer + successResults: + description: > + Indicates the objects that are successfully imported, with + any metadata if applicable. + + + NOTE: Objects are created only when all resolvable errors + are addressed, including conflicts and missing references. + If objects are created as new copies, each entry in the + `successResults` array includes a `destinationId` + attribute. + items: + type: object + type: array + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Serverless_saved_objects_400_response' + description: Bad request. + summary: Import saved objects + tags: + - saved objects + x-codeSamples: + - label: Import with createNewCopies + lang: cURL + source: | + curl \ + -X POST api/saved_objects/_import?createNewCopies=true + -H "kbn-xsrf: true" + --form file=@file.ndjson + /api/security_ai_assistant/anonymization_fields/_bulk_action: + post: + description: >- + Apply a bulk action to multiple anonymization fields. The bulk action is + applied to all anonymization fields that match the filter or to the list + of anonymization fields by their IDs. + operationId: PerformAnonymizationFieldsBulkAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + create: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldCreateProps + type: array + delete: + type: object + properties: + ids: + description: Array of anonymization fields IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter anonymization fields + type: string + update: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldUpdateProps + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Apply a bulk action to anonymization fields + tags: + - Security AI Assistant API + - Bulk API + /api/security_ai_assistant/anonymization_fields/_find: + get: + description: Get a list of all anonymization fields. + operationId: FindAnonymizationFields + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_FindAnonymizationFieldsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: AnonymizationFields per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get anonymization fields + tags: + - Security AI Assistant API + - AnonymizationFields API + /api/security_ai_assistant/chat/complete: + post: + description: Create a model response for the given chat conversation. + operationId: ChatComplete + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_ChatCompleteProps' + required: true + responses: + '200': + content: + application/octet-stream; Elastic-Api-Version=2023-10-31: + schema: + format: binary + type: string + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Create a model response + tags: + - Security AI Assistant API + - Chat Complete API + /api/security_ai_assistant/current_user/conversations: + post: + description: Create a new Security AI Assistant conversation. + operationId: CreateConversation + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationCreateProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Create a conversation + tags: + - Security AI Assistant API + - Conversation API + /api/security_ai_assistant/current_user/conversations/_find: + get: + description: Get a list of all conversations for the current user. + operationId: FindConversations + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_FindConversationsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: Conversations per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get conversations + tags: + - Security AI Assistant API + - Conversations API + /api/security_ai_assistant/current_user/conversations/{id}: + delete: + description: Delete an existing conversation using the conversation ID. + operationId: DeleteConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Delete a conversation + tags: + - Security AI Assistant API + - Conversation API + get: + description: Get the details of an existing conversation using the conversation ID. + operationId: ReadConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get a conversation + tags: + - Security AI Assistant API + - Conversations API + put: + description: Update an existing conversation using the conversation ID. + operationId: UpdateConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationUpdateProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Update a conversation + tags: + - Security AI Assistant API + - Conversation API + /api/security_ai_assistant/prompts/_bulk_action: + post: + description: >- + Apply a bulk action to multiple prompts. The bulk action is applied to + all prompts that match the filter or to the list of prompts by their + IDs. + operationId: PerformPromptsBulkAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + create: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptCreateProps + type: array + delete: + type: object + properties: + ids: + description: Array of prompts IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter promps + type: string + update: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptUpdateProps + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkCrudActionResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Apply a bulk action to prompts + tags: + - Security AI Assistant API + - Bulk API + /api/security_ai_assistant/prompts/_find: + get: + description: Get a list of all prompts. + operationId: FindPrompts + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_FindPromptsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: Prompts per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get prompts + tags: + - Security AI Assistant API + - Prompts API + /api/spaces/space: + get: + description: Get all spaces + operationId: '%2Fapi%2Fspaces%2Fspace#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: purpose + required: false + schema: + enum: + - any + - copySavedObjectsIntoSpace + - shareSavedObjectsIntoSpace + type: string + - in: query + name: include_authorized_purposes + required: true + schema: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - enum: + - false + type: boolean + x-oas-optional: true + - type: boolean + x-oas-optional: true + responses: {} + summary: '' + tags: + - spaces + post: + description: Create a space + operationId: '%2Fapi%2Fspaces%2Fspace#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + _reserved: + type: boolean + color: + type: string + description: + type: string + disabledFeatures: + default: [] + items: + type: string + type: array + id: + type: string + imageUrl: + type: string + initials: + maxLength: 2 + type: string + name: + minLength: 1 + type: string + required: + - id + - name + responses: {} + summary: '' + tags: + - spaces + /api/spaces/space/{id}: + delete: + description: Delete a space + operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: id + required: true + schema: + type: string + responses: {} + summary: '' + tags: + - spaces + get: + description: Get a space + operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: id + required: true + schema: + type: string + responses: {} + summary: '' + tags: + - spaces + put: + description: Update a space + operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + _reserved: + type: boolean + color: + type: string + description: + type: string + disabledFeatures: + default: [] + items: + type: string + type: array + id: + type: string + imageUrl: + type: string + initials: + maxLength: 2 + type: string + name: + minLength: 1 + type: string + required: + - id + - name + responses: {} + summary: '' + tags: + - spaces + /api/status: + get: + operationId: '%2Fapi%2Fstatus#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: Set to "true" to get the response in v7 format. + in: query + name: v7format + required: false + schema: + type: boolean + - description: Set to "true" to get the response in v8 format. + in: query + name: v8format + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' + - $ref: >- + #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse + description: >- + Kibana's operational status. A minimal response is sent for + unauthorized users. + description: Overall status is OK and Kibana should be functioning normally. + '503': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' + - $ref: >- + #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse + description: >- + Kibana's operational status. A minimal response is sent for + unauthorized users. + description: >- + Kibana or some of it's essential services are unavailable. Kibana + may be degraded or unavailable. + summary: Get Kibana's current status + tags: + - system + /api/timeline: + delete: + description: Delete one or more Timelines or Timeline templates. + operationId: DeleteTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + savedObjectIds: + items: + type: string + type: array + searchIds: + description: >- + Saved search ids that should be deleted alongside the + timelines + items: + type: string + type: array + required: + - savedObjectIds + description: The IDs of the Timelines or Timeline templates to delete. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + deleteTimeline: + type: boolean + required: + - deleteTimeline + required: + - data + description: Indicates the Timeline was successfully deleted. + summary: Delete Timelines or Timeline templates + tags: + - Security Timeline API + - access:securitySolution + get: + description: Get the details of an existing saved Timeline or Timeline template. + operationId: GetTimeline + parameters: + - description: The ID of the template timeline to retrieve + in: query + name: template_timeline_id + schema: + type: string + - description: The ID of the Timeline to retrieve. + in: query + name: id + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - type: object + properties: + data: + type: object + properties: + getOneTimeline: + $ref: >- + #/components/schemas/Security_Timeline_API_TimelineResponse + required: + - getOneTimeline + required: + - data + - additionalProperties: false + type: object + description: Indicates that the (template) Timeline was found and returned. + summary: Get Timeline or Timeline template details + tags: + - Security Timeline API + - access:securitySolution + patch: + description: >- + Update an existing Timeline. You can update the title, description, date + range, pinned events, pinned queries, and/or pinned saved queries of an + existing Timeline. + operationId: PatchTimeline + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + timeline: + $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' + timelineId: + nullable: true + type: string + version: + nullable: true + type: string + required: + - timelineId + - version + - timeline + description: The Timeline updates, along with the Timeline ID and version. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Timeline_API_PersistTimelineResponse + description: >- + Indicates that the draft Timeline was successfully created. In the + event the user already has a draft Timeline, the existing draft + Timeline is cleared and returned. + '405': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: >- + Indicates that the user does not have the required access to create + a draft Timeline. + summary: Update a Timeline + tags: + - Security Timeline API + - access:securitySolution + post: + description: Create a new Timeline or Timeline template. + operationId: CreateTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + status: + $ref: '#/components/schemas/Security_Timeline_API_TimelineStatus' + nullable: true + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timeline: + $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' + timelineId: + nullable: true + type: string + timelineType: + $ref: '#/components/schemas/Security_Timeline_API_TimelineType' + nullable: true + version: + nullable: true + type: string + required: + - timeline + description: >- + The required Timeline fields used to create a new Timeline, along with + optional fields that will be created if not provided. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Timeline_API_PersistTimelineResponse + description: Indicates the Timeline was successfully created. + '405': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Indicates that there was an error in the Timeline creation. + summary: Create a Timeline or Timeline template + tags: + - Security Timeline API + - access:securitySolution + /api/timeline/_copy: + get: + description: | + Copies and returns a timeline or timeline template. + operationId: CopyTimeline + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + timeline: + $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' + timelineIdToCopy: + type: string + required: + - timeline + - timelineIdToCopy + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Timeline_API_PersistTimelineResponse + description: Indicates that the timeline has been successfully copied. + summary: Copies timeline or timeline template + tags: + - Security Timeline API + - access:securitySolution + /api/timeline/_draft: + get: + description: >- + Get the details of the draft Timeline or Timeline template for the + current user. If the user doesn't have a draft Timeline, an empty + Timeline is returned. + operationId: GetDraftTimelines + parameters: + - in: query + name: timelineType + required: true + schema: + $ref: '#/components/schemas/Security_Timeline_API_TimelineType' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Timeline_API_PersistTimelineResponse + description: Indicates that the draft Timeline was successfully retrieved. + '403': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + If a draft Timeline was not found and we attempted to create one, it + indicates that the user does not have the required permissions to + create a draft Timeline. + '409': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + This should never happen, but if a draft Timeline was not found and + we attempted to create one, it indicates that there is already a + draft Timeline with the given `timelineId`. + summary: Get draft Timeline or Timeline template details + tags: + - Security Timeline API + - access:securitySolution + post: + description: > + Create a clean draft Timeline or Timeline template for the current user. + + > info + + > If the user already has a draft Timeline, the existing draft Timeline + is cleared and returned. + operationId: CleanDraftTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + timelineType: + $ref: '#/components/schemas/Security_Timeline_API_TimelineType' + required: + - timelineType + description: >- + The type of Timeline to create. Valid values are `default` and + `template`. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Timeline_API_PersistTimelineResponse + description: >- + Indicates that the draft Timeline was successfully created. In the + event the user already has a draft Timeline, the existing draft + Timeline is cleared and returned. + '403': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + Indicates that the user does not have the required permissions to + create a draft Timeline. + '409': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + Indicates that there is already a draft Timeline with the given + `timelineId`. + summary: Create a clean draft Timeline or Timeline template + tags: + - Security Timeline API + - access:securitySolution + /api/timeline/_export: + post: + description: Export Timelines as an NDJSON file. + operationId: ExportTimelines + parameters: + - description: The name of the file to export + in: query + name: file_name + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + ids: + items: + type: string + nullable: true + type: array + description: The IDs of the Timelines to export. + required: true + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: NDJSON of the exported Timelines + type: string + description: Indicates the Timelines were successfully exported. + '400': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Indicates that the export size limit was exceeded. + summary: Export Timelines + tags: + - Security Timeline API + - access:securitySolution + /api/timeline/_favorite: + patch: + description: Favorite a Timeline or Timeline template for the current user. + operationId: PersistFavoriteRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timelineId: + nullable: true + type: string + timelineType: + $ref: '#/components/schemas/Security_Timeline_API_TimelineType' + nullable: true + required: + - timelineId + - templateTimelineId + - templateTimelineVersion + - timelineType + description: The required fields used to favorite a (template) Timeline. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistFavorite: + $ref: >- + #/components/schemas/Security_Timeline_API_FavoriteTimelineResponse + required: + - persistFavorite + required: + - data + description: Indicates the favorite status was successfully updated. + '403': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: >- + Indicates the user does not have the required permissions to persist + the favorite status. + summary: Favorite a Timeline or Timeline template + tags: + - Security Timeline API + - access:securitySolution + /api/timeline/_import: + post: + description: Import Timelines. + operationId: ImportTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: {} + isImmutable: + enum: + - 'true' + - 'false' + type: string + required: + - file + description: The Timelines to import as a readable stream. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Timeline_API_ImportTimelineResult + description: Indicates the import of Timelines was successful. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + id: + type: string + statusCode: + type: number + description: >- + Indicates the import of Timelines was unsuccessful because of an + invalid file extension. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + statusCode: + type: number + description: >- + Indicates that we were unable to locate the saved object client + necessary to handle the import. + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + id: + type: string + statusCode: + type: number + description: Indicates the import of Timelines was unsuccessful. + summary: Import Timelines + tags: + - Security Timeline API + - access:securitySolution + /api/timeline/_prepackaged: + post: + description: Install or update prepackaged Timelines. + operationId: InstallPrepackedTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + prepackagedTimelines: + items: + $ref: >- + #/components/schemas/Security_Timeline_API_TimelineSavedToReturnObject + nullable: true + type: array + timelinesToInstall: + items: + $ref: '#/components/schemas/Security_Timeline_API_ImportTimelines' + nullable: true + type: array + timelinesToUpdate: + items: + $ref: '#/components/schemas/Security_Timeline_API_ImportTimelines' + nullable: true + type: array + required: + - timelinesToInstall + - timelinesToUpdate + - prepackagedTimelines + description: The Timelines to install or update. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Timeline_API_ImportTimelineResult + description: Indicates the installation of prepackaged Timelines was successful. + '500': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: >- + Indicates the installation of prepackaged Timelines was + unsuccessful. + summary: Install prepackaged Timelines + tags: + - Security Timeline API + - access:securitySolution + /api/timeline/resolve: + get: + operationId: ResolveTimeline + parameters: + - description: The ID of the template timeline to resolve + in: query + name: template_timeline_id + schema: + type: string + - description: The ID of the timeline to resolve + in: query + name: id + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - type: object + properties: + data: + $ref: >- + #/components/schemas/Security_Timeline_API_ResolvedTimeline + required: + - data + - additionalProperties: false + type: object + description: The (template) Timeline has been found + '400': + description: The request is missing parameters + '404': + description: The (template) Timeline was not found + summary: Get an existing saved Timeline or Timeline template + tags: + - Security Timeline API + - access:securitySolution + /api/timelines: + get: + description: Get a list of all saved Timelines or Timeline templates. + operationId: GetTimelines + parameters: + - description: >- + If true, only timelines that are marked as favorites by the user are + returned. + in: query + name: only_user_favorite + schema: + enum: + - 'true' + - 'false' + nullable: true + type: string + - in: query + name: timeline_type + schema: + $ref: '#/components/schemas/Security_Timeline_API_TimelineType' + nullable: true + - in: query + name: sort_field + schema: + $ref: '#/components/schemas/Security_Timeline_API_SortFieldTimeline' + - in: query + name: sort_order + schema: + enum: + - asc + - desc + type: string + - in: query + name: page_size + schema: + nullable: true + type: string + - in: query + name: page_index + schema: + nullable: true + type: string + - in: query + name: search + schema: + nullable: true + type: string + - in: query + name: status + schema: + $ref: '#/components/schemas/Security_Timeline_API_TimelineStatus' + nullable: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + customTemplateTimelineCount: + type: number + defaultTimelineCount: + type: number + elasticTemplateTimelineCount: + type: number + favoriteCount: + type: number + templateTimelineCount: + type: number + timeline: + items: + $ref: >- + #/components/schemas/Security_Timeline_API_TimelineResponse + type: array + totalCount: + type: number + required: + - timeline + - totalCount + description: Indicates that the (template) Timelines were found and returned. + '400': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Bad request. The user supplied invalid data. + summary: Get Timelines or Timeline templates + tags: + - Security Timeline API + - access:securitySolution + /s/{spaceId}/api/observability/slos: + get: + description: > + You must have the `read` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: findSlosOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - description: A valid kql query to filter the SLO with + example: 'slo.name:latency* and slo.tags : "prod"' + in: query + name: kqlQuery + schema: + type: string + - description: The page to use for pagination, must be greater or equal than 1 + example: 1 + in: query + name: page + schema: + default: 1 + type: integer + - description: Number of SLOs returned by page + example: 25 + in: query + name: perPage + schema: + default: 25 + maximum: 5000 + type: integer + - description: Sort by field + example: status + in: query + name: sortBy + schema: + default: status + enum: + - sli_value + - status + - error_budget_consumed + - error_budget_remaining + type: string + - description: Sort order + example: asc + in: query + name: sortDirection + schema: + default: asc + enum: + - asc + - desc + type: string + - description: >- + Hide stale SLOs from the list as defined by stale SLO threshold in + SLO settings + in: query + name: hideStale + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_find_slo_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Get a paginated list of SLOs + tags: + - slo + post: + description: > + You must have `all` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: createSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_create_slo_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_create_slo_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_409_response' + description: Conflict - The SLO id already exists + servers: + - url: https://localhost:5601 + summary: Create an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/_delete_instances: + post: + description: > + The deletion occurs for the specified list of `sloId` and `instanceId`. + You must have `all` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: deleteSloInstancesOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_delete_slo_instances_request' + required: true + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + servers: + - url: https://localhost:5601 + summary: Batch delete rollup and summary data + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}: + delete: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: deleteSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Delete an SLO + tags: + - slo + get: + description: > + You must have the `read` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: getSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + - description: the specific instanceId used by the summary calculation + example: host-abcde + in: query + name: instanceId + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_with_summary_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Get an SLO + tags: + - slo + put: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: updateSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_update_slo_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_definition_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Update an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}/_reset: + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: resetSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_definition_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Reset an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}/disable: + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: disableSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '200': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Disable an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}/enable: + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: enableSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Enable an SLO + tags: + - slo +components: + examples: + Data_views_create_data_view_request: + summary: Create a data view with runtime fields. + value: + data_view: + name: My Logstash data view + runtimeFieldMap: + runtime_shape_name: + script: + source: emit(doc['shape_name'].value) + type: keyword + title: logstash-* + Data_views_create_runtime_field_request: + summary: Create a runtime field. + value: + name: runtimeFoo + runtimeField: + script: + source: emit(doc["foo"].value) + type: long + Data_views_get_data_view_response: + summary: >- + The get data view API returns a JSON object that contains information + about the data view. + value: + data_view: + allowNoIndex: false + fieldAttrs: + products.manufacturer: + count: 1 + products.price: + count: 1 + products.product_name: + count: 1 + total_quantity: + count: 1 + fieldFormats: + products.base_price: + id: number + params: + pattern: $0,0.00 + products.base_unit_price: + id: number + params: + pattern: $0,0.00 + products.min_price: + id: number + params: + pattern: $0,0.00 + products.price: + id: number + params: + pattern: $0,0.00 + products.taxful_price: + id: number + params: + pattern: $0,0.00 + products.taxless_price: + id: number + params: + pattern: $0,0.00 + taxful_total_price: + id: number + params: + pattern: $0,0.[00] + taxless_total_price: + id: number + params: + pattern: $0,0.00 + fields: + _id: + aggregatable: false + count: 0 + esTypes: + - _id + format: + id: string + isMapped: true + name: _id + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + _index: + aggregatable: true + count: 0 + esTypes: + - _index + format: + id: string + isMapped: true + name: _index + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + _score: + aggregatable: false + count: 0 + format: + id: number + isMapped: true + name: _score + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: number + _source: + aggregatable: false + count: 0 + esTypes: + - _source + format: + id: _source + isMapped: true + name: _source + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: _source + category: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: category + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + category.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: category.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: category + type: string + currency: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: currency + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_birth_date: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: customer_birth_date + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + customer_first_name: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: customer_first_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_first_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_first_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: customer_first_name + type: string + customer_full_name: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: customer_full_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_full_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_full_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: customer_full_name + type: string + customer_gender: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_gender + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_id: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_id + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_last_name: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: customer_last_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_last_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_last_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: customer_last_name + type: string + customer_phone: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_phone + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + day_of_week: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: day_of_week + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + day_of_week_i: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: day_of_week_i + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + email: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: email + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + event.dataset: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: event.dataset + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.city_name: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.city_name + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.continent_name: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.continent_name + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.country_iso_code: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.country_iso_code + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.location: + aggregatable: true + count: 0 + esTypes: + - geo_point + format: + id: geo_point + params: + transform: wkt + isMapped: true + name: geoip.location + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: geo_point + geoip.region_name: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.region_name + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + manufacturer: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: manufacturer + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + manufacturer.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: manufacturer.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: manufacturer + type: string + order_date: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: order_date + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + order_id: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: order_id + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + products._id: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: products._id + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + products._id.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products._id.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products._id + type: string + products.base_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.base_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.base_unit_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.base_unit_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.category: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: products.category + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + products.category.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.category.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products.category + type: string + products.created_on: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: products.created_on + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + products.discount_amount: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.discount_amount + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.discount_percentage: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.discount_percentage + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.manufacturer: + aggregatable: false + count: 1 + esTypes: + - text + format: + id: string + isMapped: true + name: products.manufacturer + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + products.manufacturer.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.manufacturer.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products.manufacturer + type: string products.min_price: - id: number - params: - pattern: $0,0.00 + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.min_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number products.price: - id: number - params: - pattern: $0,0.00 - products.taxful_price: - id: number - params: - pattern: $0,0.00 - products.taxless_price: - id: number - params: - pattern: $0,0.00 - taxful_total_price: - id: number - params: - pattern: $0,0.[00] - taxless_total_price: - id: number - params: - pattern: $0,0.00 - fields: - _id: - aggregatable: false + aggregatable: true + count: 1 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.product_id: + aggregatable: true count: 0 esTypes: - - _id + - long + format: + id: number + isMapped: true + name: products.product_id + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.product_name: + aggregatable: false + count: 1 + esTypes: + - text format: id: string isMapped: true - name: _id + name: products.product_name readFromDocValues: false scripted: false searchable: true shortDotsEnable: false type: string - _index: + products.product_name.keyword: aggregatable: true count: 0 esTypes: - - _index + - keyword format: id: string isMapped: true - name: _index - readFromDocValues: false + name: products.product_name.keyword + readFromDocValues: true scripted: false searchable: true shortDotsEnable: false + subType: + multi: + parent: products.product_name type: string - _score: - aggregatable: false + products.quantity: + aggregatable: true count: 0 + esTypes: + - integer format: id: number isMapped: true - name: _score - readFromDocValues: false + name: products.quantity + readFromDocValues: true scripted: false - searchable: false + searchable: true shortDotsEnable: false type: number - _source: - aggregatable: false + products.sku: + aggregatable: true count: 0 esTypes: - - _source + - keyword format: - id: _source + id: string isMapped: true - name: _source - readFromDocValues: false + name: products.sku + readFromDocValues: true scripted: false - searchable: false + searchable: true shortDotsEnable: false - type: _source - category: - aggregatable: false + type: string + products.tax_amount: + aggregatable: true count: 0 esTypes: - - text + - half_float format: - id: string + id: number isMapped: true - name: category - readFromDocValues: false + name: products.tax_amount + readFromDocValues: true scripted: false searchable: true shortDotsEnable: false - type: string - category.keyword: + type: number + products.taxful_price: aggregatable: true count: 0 esTypes: - - keyword + - half_float format: - id: string + id: number + params: + pattern: $0,0.00 isMapped: true - name: category.keyword + name: products.taxful_price readFromDocValues: true scripted: false searchable: true shortDotsEnable: false - subType: - multi: - parent: category - type: string - currency: + type: number + products.taxless_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.taxless_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.unit_discount_amount: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.unit_discount_amount + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + sku: aggregatable: true count: 0 esTypes: @@ -10733,72 +38536,87 @@ components: format: id: string isMapped: true - name: currency + name: sku readFromDocValues: true scripted: false searchable: true shortDotsEnable: false type: string - customer_birth_date: + taxful_total_price: aggregatable: true count: 0 esTypes: - - date + - half_float format: - id: date + id: number + params: + pattern: $0,0.[00] isMapped: true - name: customer_birth_date + name: taxful_total_price readFromDocValues: true scripted: false searchable: true shortDotsEnable: false - type: date - customer_first_name: - aggregatable: false + type: number + taxless_total_price: + aggregatable: true count: 0 esTypes: - - text + - half_float format: - id: string + id: number + params: + pattern: $0,0.00 isMapped: true - name: customer_first_name - readFromDocValues: false + name: taxless_total_price + readFromDocValues: true scripted: false searchable: true shortDotsEnable: false - type: string - customer_first_name.keyword: + type: number + total_quantity: + aggregatable: true + count: 1 + esTypes: + - integer + format: + id: number + isMapped: true + name: total_quantity + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + total_unique_products: aggregatable: true count: 0 esTypes: - - keyword + - integer format: - id: string + id: number isMapped: true - name: customer_first_name.keyword + name: total_unique_products readFromDocValues: true scripted: false searchable: true shortDotsEnable: false - subType: - multi: - parent: customer_first_name - type: string - customer_full_name: - aggregatable: false + type: number + type: + aggregatable: true count: 0 esTypes: - - text + - keyword format: id: string isMapped: true - name: customer_full_name - readFromDocValues: false + name: type + readFromDocValues: true scripted: false searchable: true shortDotsEnable: false type: string - customer_full_name.keyword: + user: aggregatable: true count: 0 esTypes: @@ -10806,89 +38624,150 @@ components: format: id: string isMapped: true - name: customer_full_name.keyword + name: user readFromDocValues: true scripted: false searchable: true shortDotsEnable: false - subType: - multi: - parent: customer_full_name type: string - customer_gender: - aggregatable: true + id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + name: Kibana Sample Data eCommerce + namespaces: + - default + runtimeFieldMap: {} + sourceFilters: [] + timeFieldName: order_date + title: kibana_sample_data_ecommerce + typeMeta: {} + version: WzUsMV0= + Data_views_get_data_views_response: + summary: The get all data views API returns a list of data views. + value: + data_view: + - id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + name: Kibana Sample Data eCommerce + namespaces: + - default + title: kibana_sample_data_ecommerce + typeMeta: {} + - id: d3d7af60-4c81-11e8-b3d7-01146121b73d + name: Kibana Sample Data Flights + namespaces: + - default + title: kibana_sample_data_flights + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: Kibana Sample Data Logs + namespaces: + - default + title: kibana_sample_data_logs + Data_views_get_default_data_view_response: + summary: The get default data view API returns the default data view identifier. + value: + data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + Data_views_get_runtime_field_response: + summary: >- + The get runtime field API returns a JSON object that contains + information about the runtime field (`hour_of_day`) and the data view + (`d3d7af60-4c81-11e8-b3d7-01146121b73d`). + value: + data_view: + allowNoIndex: false + fieldAttrs: {} + fieldFormats: + AvgTicketPrice: + id: number + params: + pattern: $0,0.[00] + hour_of_day: + id: number + params: + pattern: '00' + fields: + _id: + aggregatable: false count: 0 esTypes: - - keyword + - _id format: id: string isMapped: true - name: customer_gender - readFromDocValues: true + name: _id + readFromDocValues: false scripted: false searchable: true shortDotsEnable: false type: string - customer_id: + _index: aggregatable: true count: 0 esTypes: - - keyword + - _index format: id: string isMapped: true - name: customer_id - readFromDocValues: true + name: _index + readFromDocValues: false scripted: false searchable: true shortDotsEnable: false type: string - customer_last_name: + _score: + aggregatable: false + count: 0 + format: + id: number + isMapped: true + name: _score + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: number + _source: aggregatable: false count: 0 esTypes: - - text + - _source format: - id: string + id: _source isMapped: true - name: customer_last_name + name: _source readFromDocValues: false scripted: false - searchable: true + searchable: false shortDotsEnable: false - type: string - customer_last_name.keyword: + type: _source + AvgTicketPrice: aggregatable: true count: 0 esTypes: - - keyword + - float format: - id: string + id: number + params: + pattern: $0,0.[00] isMapped: true - name: customer_last_name.keyword + name: AvgTicketPrice readFromDocValues: true scripted: false searchable: true shortDotsEnable: false - subType: - multi: - parent: customer_last_name - type: string - customer_phone: + type: number + Cancelled: aggregatable: true count: 0 esTypes: - - keyword + - boolean format: - id: string + id: boolean isMapped: true - name: customer_phone + name: Cancelled readFromDocValues: true scripted: false searchable: true shortDotsEnable: false - type: string - day_of_week: + type: boolean + Carrier: aggregatable: true count: 0 esTypes: @@ -10896,13 +38775,13 @@ components: format: id: string isMapped: true - name: day_of_week + name: Carrier readFromDocValues: true scripted: false searchable: true shortDotsEnable: false type: string - day_of_week_i: + dayOfWeek: aggregatable: true count: 0 esTypes: @@ -10910,27 +38789,13 @@ components: format: id: number isMapped: true - name: day_of_week_i + name: dayOfWeek readFromDocValues: true scripted: false searchable: true shortDotsEnable: false type: number - email: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: email - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - event.dataset: + Dest: aggregatable: true count: 0 esTypes: @@ -10938,13 +38803,13 @@ components: format: id: string isMapped: true - name: event.dataset + name: Dest readFromDocValues: true scripted: false searchable: true shortDotsEnable: false type: string - geoip.city_name: + DestAirportID: aggregatable: true count: 0 esTypes: @@ -10952,13 +38817,13 @@ components: format: id: string isMapped: true - name: geoip.city_name + name: DestAirportID readFromDocValues: true scripted: false searchable: true shortDotsEnable: false type: string - geoip.continent_name: + DestCityName: aggregatable: true count: 0 esTypes: @@ -10966,13 +38831,13 @@ components: format: id: string isMapped: true - name: geoip.continent_name + name: DestCityName readFromDocValues: true scripted: false searchable: true shortDotsEnable: false type: string - geoip.country_iso_code: + DestCountry: aggregatable: true count: 0 esTypes: @@ -10980,13 +38845,13 @@ components: format: id: string isMapped: true - name: geoip.country_iso_code + name: DestCountry readFromDocValues: true scripted: false searchable: true shortDotsEnable: false type: string - geoip.location: + DestLocation: aggregatable: true count: 0 esTypes: @@ -10996,13 +38861,13 @@ components: params: transform: wkt isMapped: true - name: geoip.location + name: DestLocation readFromDocValues: true scripted: false searchable: true shortDotsEnable: false type: geo_point - geoip.region_name: + DestRegion: aggregatable: true count: 0 esTypes: @@ -11010,27 +38875,13 @@ components: format: id: string isMapped: true - name: geoip.region_name + name: DestRegion readFromDocValues: true scripted: false searchable: true shortDotsEnable: false type: string - manufacturer: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: manufacturer - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - manufacturer.keyword: + DestWeather: aggregatable: true count: 0 esTypes: @@ -11038,121 +38889,97 @@ components: format: id: string isMapped: true - name: manufacturer.keyword + name: DestWeather readFromDocValues: true scripted: false searchable: true shortDotsEnable: false - subType: - multi: - parent: manufacturer type: string - order_date: + DistanceKilometers: aggregatable: true count: 0 esTypes: - - date + - float format: - id: date + id: number isMapped: true - name: order_date + name: DistanceKilometers readFromDocValues: true scripted: false searchable: true shortDotsEnable: false - type: date - order_id: + type: number + DistanceMiles: aggregatable: true count: 0 esTypes: - - keyword + - float format: - id: string + id: number isMapped: true - name: order_id + name: DistanceMiles readFromDocValues: true scripted: false searchable: true shortDotsEnable: false - type: string - products._id: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: products._id - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - products._id.keyword: + type: number + FlightDelay: aggregatable: true count: 0 esTypes: - - keyword + - boolean format: - id: string + id: boolean isMapped: true - name: products._id.keyword + name: FlightDelay readFromDocValues: true scripted: false searchable: true shortDotsEnable: false - subType: - multi: - parent: products._id - type: string - products.base_price: + type: boolean + FlightDelayMin: aggregatable: true count: 0 esTypes: - - half_float + - integer format: id: number - params: - pattern: $0,0.00 isMapped: true - name: products.base_price + name: FlightDelayMin readFromDocValues: true scripted: false searchable: true shortDotsEnable: false type: number - products.base_unit_price: + FlightDelayType: aggregatable: true count: 0 esTypes: - - half_float + - keyword format: - id: number - params: - pattern: $0,0.00 + id: string isMapped: true - name: products.base_unit_price + name: FlightDelayType readFromDocValues: true scripted: false searchable: true shortDotsEnable: false - type: number - products.category: - aggregatable: false + type: string + FlightNum: + aggregatable: true count: 0 esTypes: - - text + - keyword format: id: string isMapped: true - name: products.category - readFromDocValues: false + name: FlightNum + readFromDocValues: true scripted: false searchable: true shortDotsEnable: false type: string - products.category.keyword: + FlightTimeHour: aggregatable: true count: 0 esTypes: @@ -11160,72 +38987,88 @@ components: format: id: string isMapped: true - name: products.category.keyword + name: FlightTimeHour readFromDocValues: true scripted: false searchable: true shortDotsEnable: false - subType: - multi: - parent: products.category type: string - products.created_on: + FlightTimeMin: aggregatable: true count: 0 esTypes: - - date + - float format: - id: date + id: number isMapped: true - name: products.created_on + name: FlightTimeMin readFromDocValues: true scripted: false searchable: true shortDotsEnable: false - type: date - products.discount_amount: + type: number + hour_of_day: aggregatable: true count: 0 esTypes: - - half_float + - long format: id: number + params: + pattern: '00' + name: hour_of_day + readFromDocValues: false + runtimeField: + script: + source: emit(doc['timestamp'].value.getHour()); + type: long + scripted: false + searchable: true + shortDotsEnable: false + type: number + Origin: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string isMapped: true - name: products.discount_amount + name: Origin readFromDocValues: true scripted: false searchable: true shortDotsEnable: false - type: number - products.discount_percentage: + type: string + OriginAirportID: aggregatable: true count: 0 esTypes: - - half_float + - keyword format: - id: number + id: string isMapped: true - name: products.discount_percentage + name: OriginAirportID readFromDocValues: true scripted: false searchable: true shortDotsEnable: false - type: number - products.manufacturer: - aggregatable: false - count: 1 + type: string + OriginCityName: + aggregatable: true + count: 0 esTypes: - - text + - keyword format: id: string isMapped: true - name: products.manufacturer - readFromDocValues: false + name: OriginCityName + readFromDocValues: true scripted: false searchable: true shortDotsEnable: false type: string - products.manufacturer.keyword: + OriginCountry: aggregatable: true count: 0 esTypes: @@ -11233,4174 +39076,10706 @@ components: format: id: string isMapped: true - name: products.manufacturer.keyword + name: OriginCountry readFromDocValues: true scripted: false searchable: true shortDotsEnable: false - subType: - multi: - parent: products.manufacturer type: string - products.min_price: + OriginLocation: aggregatable: true count: 0 esTypes: - - half_float + - geo_point format: - id: number + id: geo_point params: - pattern: $0,0.00 + transform: wkt isMapped: true - name: products.min_price + name: OriginLocation readFromDocValues: true scripted: false searchable: true shortDotsEnable: false - type: number - products.price: + type: geo_point + OriginRegion: aggregatable: true - count: 1 + count: 0 esTypes: - - half_float + - keyword format: - id: number - params: - pattern: $0,0.00 + id: string isMapped: true - name: products.price + name: OriginRegion readFromDocValues: true scripted: false searchable: true shortDotsEnable: false - type: number - products.product_id: + type: string + OriginWeather: aggregatable: true count: 0 esTypes: - - long + - keyword format: - id: number + id: string isMapped: true - name: products.product_id + name: OriginWeather readFromDocValues: true scripted: false searchable: true shortDotsEnable: false - type: number - products.product_name: - aggregatable: false - count: 1 + type: string + timestamp: + aggregatable: true + count: 0 esTypes: - - text + - date format: - id: string + id: date isMapped: true - name: products.product_name - readFromDocValues: false + name: timestamp + readFromDocValues: true scripted: false searchable: true shortDotsEnable: false + type: date + id: d3d7af60-4c81-11e8-b3d7-01146121b73d + name: Kibana Sample Data Flights + runtimeFieldMap: + hour_of_day: + script: + source: emit(doc['timestamp'].value.getHour()); + type: long + sourceFilters: [] + timeFieldName: timestamp + title: kibana_sample_data_flights + version: WzM2LDJd + fields: + - aggregatable: true + count: 0 + esTypes: + - long + name: hour_of_day + readFromDocValues: false + runtimeField: + script: + source: emit(doc['timestamp'].value.getHour()); + type: long + scripted: false + searchable: true + shortDotsEnable: false + type: number + Data_views_preview_swap_data_view_request: + summary: Preview swapping references from data view ID "abcd-efg" to "xyz-123". + value: + fromId: abcd-efg + toId: xyz-123 + Data_views_set_default_data_view_request: + summary: Set the default data view identifier. + value: + data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + force: true + Data_views_swap_data_view_request: + summary: >- + Swap references from data view ID "abcd-efg" to "xyz-123" and remove the + data view that is no longer referenced. + value: + delete: true + fromId: abcd-efg + toId: xyz-123 + Data_views_update_data_view_request: + summary: Update some properties for a data view. + value: + data_view: + allowNoIndex: false + name: Kibana Sample Data eCommerce + timeFieldName: order_date + title: kibana_sample_data_ecommerce + refresh_fields: true + Data_views_update_field_metadata_request: + summary: Update metadata for multiple fields. + value: + fields: + field1: + count: 123 + customLabel: Field 1 label + field2: + customDescription: Field 2 description + customLabel: Field 2 label + Data_views_update_runtime_field_request: + summary: Update an existing runtime field on a data view. + value: + runtimeField: + script: + source: emit(doc["bar"].value) + Machine_learning_APIs_mlSyncExample: + summary: Two anomaly detection jobs required synchronization in this example. + value: + datafeedsAdded: {} + datafeedsRemoved: {} + savedObjectsCreated: + anomaly-detector: + myjob1: + success: true + myjob2: + success: true + savedObjectsDeleted: {} + Serverless_saved_objects_export_objects_request: + summary: Export a specific saved object. + value: + excludeExportDetails: true + includeReferencesDeep: false + objects: + - id: de71f4f0-1902-11e9-919b-ffe5949a18d2 + type: map + Serverless_saved_objects_export_objects_response: + summary: >- + The export objects API response contains a JSON record for each exported + object. + value: + attributes: + description: '' + layerListJSON: >- + [{"id":"0hmz5","alpha":1,"sourceDescriptor":{"type":"EMS_TMS","isAutoSelect":true,"lightModeDefault":"road_map_desaturated"},"visible":true,"style":{},"type":"EMS_VECTOR_TILE","minZoom":0,"maxZoom":24},{"id":"edh66","label":"Total + Requests by + Destination","minZoom":0,"maxZoom":24,"alpha":0.5,"sourceDescriptor":{"type":"EMS_FILE","id":"world_countries","tooltipProperties":["name","iso2"]},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"__kbnjoin__count__673ff994-fc75-4c67-909b-69fcb0e1060e","origin":"join"},"color":"Greys","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"STATIC","options":{"size":10}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR","joins":[{"leftField":"iso2","right":{"type":"ES_TERM_SOURCE","id":"673ff994-fc75-4c67-909b-69fcb0e1060e","indexPatternTitle":"kibana_sample_data_logs","term":"geo.dest","indexPatternRefName":"layer_1_join_0_index_pattern","metrics":[{"type":"count","label":"web + logs + count"}],"applyGlobalQuery":true}}]},{"id":"gaxya","label":"Actual + Requests","minZoom":9,"maxZoom":24,"alpha":1,"sourceDescriptor":{"id":"b7486535-171b-4d3b-bb2e-33c1a0a2854c","type":"ES_SEARCH","geoField":"geo.coordinates","limit":2048,"filterByMapBounds":true,"tooltipProperties":["clientip","timestamp","host","request","response","machine.os","agent","bytes"],"indexPatternRefName":"layer_2_source_index_pattern","applyGlobalQuery":true,"scalingType":"LIMIT"},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"STATIC","options":{"color":"#2200ff"}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":2}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"bytes","origin":"source"},"minSize":1,"maxSize":23,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"},{"id":"tfi3f","label":"Total + Requests and + Bytes","minZoom":0,"maxZoom":9,"alpha":1,"sourceDescriptor":{"type":"ES_GEO_GRID","resolution":"COARSE","id":"8aaa65b5-a4e9-448b-9560-c98cb1c5ac5b","geoField":"geo.coordinates","requestType":"point","metrics":[{"type":"count","label":"web + logs + count"},{"type":"sum","field":"bytes"}],"indexPatternRefName":"layer_3_source_index_pattern","applyGlobalQuery":true},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"color":"Blues","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#cccccc"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"sum_of_bytes","origin":"source"},"minSize":7,"maxSize":25,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelText":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelSize":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"minSize":12,"maxSize":24,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"}] + mapStateJSON: >- + {"zoom":3.64,"center":{"lon":-88.92107,"lat":42.16337},"timeFilters":{"from":"now-7d","to":"now"},"refreshConfig":{"isPaused":true,"interval":0},"query":{"language":"kuery","query":""},"settings":{"autoFitToDataBounds":false}} + title: '[Logs] Total Requests and Bytes' + uiStateJSON: '{"isDarkMode":false}' + coreMigrationVersion: 8.8.0 + created_at: '2023-08-23T20:03:32.204Z' + id: de71f4f0-1902-11e9-919b-ffe5949a18d2 + managed: false + references: + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: layer_1_join_0_index_pattern + type: index-pattern + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: layer_2_source_index_pattern + type: index-pattern + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: layer_3_source_index_pattern + type: index-pattern + type: map + typeMigrationVersion: 8.4.0 + updated_at: '2023-08-23T20:03:32.204Z' + version: WzEzLDFd + Serverless_saved_objects_import_objects_request: + value: + file: file.ndjson + Serverless_saved_objects_import_objects_response: + summary: >- + The import objects API response indicates a successful import and the + objects are created. Since these objects are created as new copies, each + entry in the successResults array includes a destinationId attribute. + value: + success: true + successCount: 1 + successResults: + - destinationId: 82d2760c-468f-49cf-83aa-b9a35b6a8943 + id: 90943e30-9a47-11e8-b64d-95841ca0b247 + managed: false + meta: + icon: indexPatternApp + title: Kibana Sample Data Logs + type: index-pattern + parameters: + Data_views_field_name: + description: The name of the runtime field. + in: path + name: fieldName + required: true + schema: + example: hour_of_day + type: string + Data_views_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + Data_views_view_id: + description: An identifier for the data view. + in: path + name: viewId + required: true + schema: + example: ff959d40-b880-11e8-a6d9-e546fe2bba5f + type: string + Machine_learning_APIs_simulateParam: + description: >- + When true, simulates the synchronization by returning only the list of + actions that would be performed. + example: 'true' + in: query + name: simulate + required: false + schema: + type: boolean + Serverless_saved_objects_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + SLOs_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + SLOs_slo_id: + description: An identifier for the slo. + in: path + name: sloId + required: true + schema: + example: 9c235211-6834-11ea-a78c-6feb38a34414 + type: string + SLOs_space_id: + description: >- + An identifier for the space. If `/s/` and the identifier are omitted + from the path, the default space is used. + in: path + name: spaceId + required: true + schema: + example: default + type: string + schemas: + Data_views_400_response: + title: Bad request + type: object + properties: + error: + example: Bad Request + type: string + message: + type: string + statusCode: + example: 400 + type: number + required: + - statusCode + - error + - message + Data_views_404_response: + type: object + properties: + error: + enum: + - Not Found + example: Not Found + type: string + message: + example: >- + Saved object [index-pattern/caaad6d0-920c-11ed-b36a-874bd1548a00] + not found + type: string + statusCode: + enum: + - 404 + example: 404 + type: integer + Data_views_allownoindex: + description: Allows the data view saved object to exist before the data is available. + type: boolean + Data_views_create_data_view_request_object: + title: Create data view request + type: object + properties: + data_view: + description: The data view object. + type: object + properties: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldAttrs: + additionalProperties: + $ref: '#/components/schemas/Data_views_fieldattrs' + type: object + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: + type: object + id: type: string - products.product_name.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: products.product_name.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: products.product_name + name: + description: The data view name. type: string - products.quantity: - aggregatable: true - count: 0 - esTypes: - - integer - format: - id: number - isMapped: true - name: products.quantity - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.sku: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: products.sku - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + namespaces: + $ref: '#/components/schemas/Data_views_namespaces' + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + type: + $ref: '#/components/schemas/Data_views_type' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta' + version: type: string - products.tax_amount: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - isMapped: true - name: products.tax_amount - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.taxful_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: products.taxful_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.taxless_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: products.taxless_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.unit_discount_amount: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - isMapped: true - name: products.unit_discount_amount - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - sku: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: sku - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + required: + - title + override: + default: false + description: >- + Override an existing data view if a data view with the provided + title already exists. + type: boolean + required: + - data_view + Data_views_data_view_response_object: + title: Data view response properties + type: object + properties: + data_view: + type: object + properties: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldAttrs: + additionalProperties: + $ref: '#/components/schemas/Data_views_fieldattrs' + type: object + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: + type: object + id: + example: ff959d40-b880-11e8-a6d9-e546fe2bba5f type: string - taxful_total_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.[00] - isMapped: true - name: taxful_total_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - taxless_total_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: taxless_total_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - total_quantity: - aggregatable: true - count: 1 - esTypes: - - integer - format: - id: number - isMapped: true - name: total_quantity - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - total_unique_products: - aggregatable: true - count: 0 - esTypes: - - integer - format: - id: number - isMapped: true - name: total_unique_products - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + name: + description: The data view name. + type: string + namespaces: + $ref: '#/components/schemas/Data_views_namespaces' + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta_response' + version: + example: WzQ2LDJd + type: string + Data_views_fieldattrs: + description: A map of field attributes by field name. + type: object + properties: + count: + description: Popularity count for the field. + type: integer + customDescription: + description: Custom description for the field. + maxLength: 300 + type: string + customLabel: + description: Custom label for the field. + type: string + Data_views_fieldformats: + description: A map of field formats by field name. + type: object + Data_views_namespaces: + description: >- + An array of space identifiers for sharing the data view between multiple + spaces. + items: + default: default + type: string + type: array + Data_views_runtimefieldmap: + description: A map of runtime field definitions by field name. + type: object + properties: + script: + type: object + properties: + source: + description: Script for the runtime field. + type: string + type: + description: Mapping type of the runtime field. + type: string + required: + - script + - type + Data_views_sourcefilters: + description: The array of field names you want to filter out in Discover. + items: + type: object + properties: + value: + type: string + required: + - value + type: array + Data_views_swap_data_view_request_object: + title: Data view reference swap request + type: object + properties: + delete: + description: Deletes referenced saved object if all references are removed. + type: boolean + forId: + description: Limit the affected saved objects to one or more by identifier. + oneOf: + - type: string + - items: + type: string + type: array + forType: + description: Limit the affected saved objects by type. + type: string + fromId: + description: The saved object reference to change. + type: string + fromType: + description: > + Specify the type of the saved object reference to alter. The default + value is `index-pattern` for data views. + type: string + toId: + description: New saved object reference value to replace the old value. + type: string + required: + - fromId + - toId + Data_views_timefieldname: + description: The timestamp field name, which you use for time-based data views. + type: string + Data_views_title: + description: >- + Comma-separated list of data streams, indices, and aliases that you want + to search. Supports wildcards (`*`). + type: string + Data_views_type: + description: When set to `rollup`, identifies the rollup data views. + type: string + Data_views_typemeta: + description: >- + When you use rollup indices, contains the field list for the rollup data + view API endpoints. + type: object + properties: + aggs: + description: A map of rollup restrictions by aggregation type and field name. + type: object + params: + description: Properties for retrieving rollup fields. + type: object + required: + - aggs + - params + Data_views_typemeta_response: + description: >- + When you use rollup indices, contains the field list for the rollup data + view API endpoints. + nullable: true + type: object + properties: + aggs: + description: A map of rollup restrictions by aggregation type and field name. + type: object + params: + description: Properties for retrieving rollup fields. + type: object + Data_views_update_data_view_request_object: + title: Update data view request + type: object + properties: + data_view: + description: > + The data view properties you want to update. Only the specified + properties are updated in the data view. Unspecified fields stay as + they are persisted. + type: object + properties: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: + type: object + name: + type: string + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + type: + $ref: '#/components/schemas/Data_views_type' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta' + refresh_fields: + default: false + description: Reloads the data view fields after the data view is updated. + type: boolean + required: + - data_view + Kibana_HTTP_APIs_core_status_redactedResponse: + additionalProperties: false + description: A minimal representation of Kibana's operational status. + type: object + properties: + status: + additionalProperties: false + type: object + properties: + overall: + additionalProperties: false + type: object + properties: + level: + description: Service status levels as human and machine readable values. + enum: + - available + - degraded + - unavailable + - critical + type: string + required: + - level + required: + - overall + required: + - status + Kibana_HTTP_APIs_core_status_response: + additionalProperties: false + description: >- + Kibana's operational status as well as a detailed breakdown of plugin + statuses indication of various loads (like event loop utilization and + network traffic) at time of request. + type: object + properties: + metrics: + additionalProperties: false + description: Metric groups collected by Kibana. + type: object + properties: + collection_interval_in_millis: + description: The interval at which metrics should be collected. type: number - type: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: type - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - user: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: user - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + elasticsearch_client: + additionalProperties: false + description: Current network metrics of Kibana's Elasticsearch client. + type: object + properties: + totalActiveSockets: + description: Count of network sockets currently in use. + type: number + totalIdleSockets: + description: Count of network sockets currently idle. + type: number + totalQueuedRequests: + description: Count of requests not yet assigned to sockets. + type: number + required: + - totalActiveSockets + - totalIdleSockets + - totalQueuedRequests + last_updated: + description: The time metrics were collected. type: string - id: ff959d40-b880-11e8-a6d9-e546fe2bba5f - name: Kibana Sample Data eCommerce - namespaces: - - default - runtimeFieldMap: {} - sourceFilters: [] - timeFieldName: order_date - title: kibana_sample_data_ecommerce - typeMeta: {} - version: WzUsMV0= - Data_views_get_data_views_response: - summary: The get all data views API returns a list of data views. - value: - data_view: - - id: ff959d40-b880-11e8-a6d9-e546fe2bba5f - name: Kibana Sample Data eCommerce - namespaces: - - default - title: kibana_sample_data_ecommerce - typeMeta: {} - - id: d3d7af60-4c81-11e8-b3d7-01146121b73d - name: Kibana Sample Data Flights - namespaces: - - default - title: kibana_sample_data_flights - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - name: Kibana Sample Data Logs - namespaces: - - default - title: kibana_sample_data_logs - Data_views_get_default_data_view_response: - summary: The get default data view API returns the default data view identifier. - value: - data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f - Data_views_get_runtime_field_response: - summary: >- - The get runtime field API returns a JSON object that contains - information about the runtime field (`hour_of_day`) and the data view - (`d3d7af60-4c81-11e8-b3d7-01146121b73d`). - value: - data_view: - allowNoIndex: false - fieldAttrs: {} - fieldFormats: - AvgTicketPrice: - id: number - params: - pattern: $0,0.[00] - hour_of_day: - id: number - params: - pattern: '00' - fields: - _id: - aggregatable: false - count: 0 - esTypes: - - _id - format: - id: string - isMapped: true - name: _id - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false + required: + - elasticsearch_client + - last_updated + - collection_interval_in_millis + name: + description: Kibana instance name. + type: string + status: + additionalProperties: false + type: object + properties: + core: + additionalProperties: false + description: Statuses of core Kibana services. + type: object + properties: + elasticsearch: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: >- + Service status levels as human and machine readable + values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: >- + An unstructured set of extra metadata about this + service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + savedObjects: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: >- + Service status levels as human and machine readable + values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: >- + An unstructured set of extra metadata about this + service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + required: + - elasticsearch + - savedObjects + overall: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: Service status levels as human and machine readable values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: An unstructured set of extra metadata about this service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + plugins: + additionalProperties: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: >- + Service status levels as human and machine readable + values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: An unstructured set of extra metadata about this service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + description: A dynamic mapping of plugin ID to plugin status. + type: object + required: + - overall + - core + - plugins + uuid: + description: >- + Unique, generated Kibana instance UUID. This UUID should persist + even if the Kibana process restarts. + type: string + version: + additionalProperties: false + type: object + properties: + build_date: + description: The date and time of this build. type: string - _index: - aggregatable: true - count: 0 - esTypes: - - _index - format: - id: string - isMapped: true - name: _index - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false + build_flavor: + description: >- + The build flavour determines configuration and behavior of + Kibana. On premise users will almost always run the + "traditional" flavour, while other flavours are reserved for + Elastic-specific use cases. + enum: + - serverless + - traditional type: string - _score: - aggregatable: false - count: 0 - format: - id: number - isMapped: true - name: _score - readFromDocValues: false - scripted: false - searchable: false - shortDotsEnable: false - type: number - _source: - aggregatable: false - count: 0 - esTypes: - - _source - format: - id: _source - isMapped: true - name: _source - readFromDocValues: false - scripted: false - searchable: false - shortDotsEnable: false - type: _source - AvgTicketPrice: - aggregatable: true - count: 0 - esTypes: - - float - format: - id: number - params: - pattern: $0,0.[00] - isMapped: true - name: AvgTicketPrice - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - Cancelled: - aggregatable: true - count: 0 - esTypes: - - boolean - format: - id: boolean - isMapped: true - name: Cancelled - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: boolean - Carrier: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: Carrier - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + build_hash: + description: >- + A unique hash value representing the git commit of this Kibana + build. type: string - dayOfWeek: - aggregatable: true - count: 0 - esTypes: - - integer - format: - id: number - isMapped: true - name: dayOfWeek - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + build_number: + description: >- + A monotonically increasing number, each subsequent build will + have a higher number. type: number - Dest: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: Dest - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - DestAirportID: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: DestAirportID - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - DestCityName: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: DestCityName - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - DestCountry: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: DestCountry - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + build_snapshot: + description: Whether this build is a snapshot build. + type: boolean + number: + description: A semantic version number. type: string - DestLocation: - aggregatable: true - count: 0 - esTypes: - - geo_point - format: - id: geo_point - params: - transform: wkt - isMapped: true - name: DestLocation - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: geo_point - DestRegion: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: DestRegion - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + required: + - number + - build_hash + - build_number + - build_snapshot + - build_flavor + - build_date + required: + - name + - uuid + - version + - status + - metrics + Machine_learning_APIs_mlSync200Response: + properties: + datafeedsAdded: + additionalProperties: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseDatafeeds' + description: >- + If a saved object for an anomaly detection job is missing a datafeed + identifier, it is added when you run the sync machine learning saved + objects API. + type: object + datafeedsRemoved: + additionalProperties: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseDatafeeds' + description: >- + If a saved object for an anomaly detection job references a datafeed + that no longer exists, it is deleted when you run the sync machine + learning saved objects API. + type: object + savedObjectsCreated: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseSavedObjectsCreated + savedObjectsDeleted: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseSavedObjectsDeleted + title: Successful sync API response + type: object + Machine_learning_APIs_mlSync4xxResponse: + properties: + error: + example: Unauthorized + type: string + message: + type: string + statusCode: + example: 401 + type: integer + title: Unsuccessful sync API response + type: object + Machine_learning_APIs_mlSyncResponseAnomalyDetectors: + description: >- + The sync machine learning saved objects API response contains this + object when there are anomaly detection jobs affected by the + synchronization. There is an object for each relevant job, which + contains the synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for anomaly detection jobs + type: object + Machine_learning_APIs_mlSyncResponseDatafeeds: + description: >- + The sync machine learning saved objects API response contains this + object when there are datafeeds affected by the synchronization. There + is an object for each relevant datafeed, which contains the + synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for datafeeds + type: object + Machine_learning_APIs_mlSyncResponseDataFrameAnalytics: + description: >- + The sync machine learning saved objects API response contains this + object when there are data frame analytics jobs affected by the + synchronization. There is an object for each relevant job, which + contains the synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for data frame analytics jobs + type: object + Machine_learning_APIs_mlSyncResponseSavedObjectsCreated: + description: >- + If saved objects are missing for machine learning jobs or trained + models, they are created when you run the sync machine learning saved + objects API. + properties: + anomaly-detector: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseAnomalyDetectors + description: >- + If saved objects are missing for anomaly detection jobs, they are + created. + type: object + data-frame-analytics: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseDataFrameAnalytics + description: >- + If saved objects are missing for data frame analytics jobs, they are + created. + type: object + trained-model: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels + description: If saved objects are missing for trained models, they are created. + type: object + title: Sync API response for created saved objects + type: object + Machine_learning_APIs_mlSyncResponseSavedObjectsDeleted: + description: >- + If saved objects exist for machine learning jobs or trained models that + no longer exist, they are deleted when you run the sync machine learning + saved objects API. + properties: + anomaly-detector: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseAnomalyDetectors + description: >- + If there are saved objects exist for nonexistent anomaly detection + jobs, they are deleted. + type: object + data-frame-analytics: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseDataFrameAnalytics + description: >- + If there are saved objects exist for nonexistent data frame + analytics jobs, they are deleted. + type: object + trained-model: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels + description: >- + If there are saved objects exist for nonexistent trained models, + they are deleted. + type: object + title: Sync API response for deleted saved objects + type: object + Machine_learning_APIs_mlSyncResponseSuccess: + description: The success or failure of the synchronization. + type: boolean + Machine_learning_APIs_mlSyncResponseTrainedModels: + description: >- + The sync machine learning saved objects API response contains this + object when there are trained models affected by the synchronization. + There is an object for each relevant trained model, which contains the + synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for trained models + type: object + Security_AI_Assistant_API_AnonymizationFieldCreateProps: + type: object + properties: + allowed: + type: boolean + anonymized: + type: boolean + field: + type: string + required: + - field + Security_AI_Assistant_API_AnonymizationFieldDetailsInError: + type: object + properties: + id: + type: string + name: + type: string + required: + - id + Security_AI_Assistant_API_AnonymizationFieldResponse: + type: object + properties: + allowed: + type: boolean + anonymized: + type: boolean + createdAt: + type: string + createdBy: + type: string + field: + type: string + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + namespace: + description: Kibana space + type: string + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + updatedAt: + type: string + updatedBy: + type: string + required: + - id + - field + Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipReason: + enum: + - ANONYMIZATION_FIELD_NOT_MODIFIED + type: string + Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipResult: + type: object + properties: + id: + type: string + name: + type: string + skip_reason: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipReason + required: + - id + - skip_reason + Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResponse: + type: object + properties: + anonymization_fields_count: + type: integer + attributes: + type: object + properties: + errors: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_NormalizedAnonymizationFieldError + type: array + results: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResults + summary: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_BulkCrudActionSummary + required: + - results + - summary + message: + type: string + status_code: + type: integer + success: + type: boolean + required: + - attributes + Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResults: + type: object + properties: + created: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse + type: array + deleted: + items: + type: string + type: array + skipped: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipResult + type: array + updated: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse + type: array + required: + - updated + - created + - deleted + - skipped + Security_AI_Assistant_API_AnonymizationFieldUpdateProps: + type: object + properties: + allowed: + type: boolean + anonymized: + type: boolean + id: + type: string + required: + - id + Security_AI_Assistant_API_ApiConfig: + type: object + properties: + actionTypeId: + description: action type id + type: string + connectorId: + description: connector id + type: string + defaultSystemPromptId: + description: defaultSystemPromptId + type: string + model: + description: model + type: string + provider: + $ref: '#/components/schemas/Security_AI_Assistant_API_Provider' + description: Provider + required: + - connectorId + - actionTypeId + Security_AI_Assistant_API_BulkCrudActionSummary: + type: object + properties: + failed: + type: integer + skipped: + type: integer + succeeded: + type: integer + total: + type: integer + required: + - failed + - skipped + - succeeded + - total + Security_AI_Assistant_API_ChatCompleteProps: + type: object + properties: + connectorId: + type: string + conversationId: + type: string + isStream: + type: boolean + langSmithApiKey: + type: string + langSmithProject: + type: string + messages: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_ChatMessage' + type: array + model: + type: string + persist: + type: boolean + promptId: + type: string + responseLanguage: + type: string + required: + - messages + - persist + - connectorId + Security_AI_Assistant_API_ChatMessage: + description: AI assistant message. + type: object + properties: + content: + description: Message content. + type: string + data: + $ref: '#/components/schemas/Security_AI_Assistant_API_MessageData' + description: ECS object to attach to the context of the message. + fields_to_anonymize: + items: + type: string + type: array + role: + $ref: '#/components/schemas/Security_AI_Assistant_API_ChatMessageRole' + description: Message role. + required: + - role + Security_AI_Assistant_API_ChatMessageRole: + description: Message role. + enum: + - system + - user + - assistant + type: string + Security_AI_Assistant_API_ConversationCategory: + description: The conversation category. + enum: + - assistant + - insights + type: string + Security_AI_Assistant_API_ConversationConfidence: + description: The conversation confidence. + enum: + - low + - medium + - high + type: string + Security_AI_Assistant_API_ConversationCreateProps: + type: object + properties: + apiConfig: + $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' + description: LLM API configuration. + category: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' + description: The conversation category. + excludeFromLastConversationStorage: + description: excludeFromLastConversationStorage. + type: boolean + id: + description: The conversation id. + type: string + isDefault: + description: Is default conversation. + type: boolean + messages: + description: The conversation messages. + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_Message' + type: array + replacements: + $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' + title: + description: The conversation title. + type: string + required: + - title + Security_AI_Assistant_API_ConversationResponse: + type: object + properties: + apiConfig: + $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' + description: LLM API configuration. + category: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' + description: The conversation category. + createdAt: + description: The last time conversation was updated. + type: string + excludeFromLastConversationStorage: + description: excludeFromLastConversationStorage. + type: boolean + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + isDefault: + description: Is default conversation. + type: boolean + messages: + description: The conversation messages. + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_Message' + type: array + namespace: + description: Kibana space + type: string + replacements: + $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' + summary: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationSummary' + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + title: + description: The conversation title. + type: string + updatedAt: + description: The last time conversation was updated. + type: string + users: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_User' + type: array + required: + - id + - title + - createdAt + - users + - namespace + - category + Security_AI_Assistant_API_ConversationSummary: + type: object + properties: + confidence: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationConfidence + description: >- + How confident you are about this being a correct and useful + learning. + content: + description: Summary text of the conversation over time. + type: string + public: + description: Define if summary is marked as publicly available. + type: boolean + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + description: The timestamp summary was updated. + Security_AI_Assistant_API_ConversationUpdateProps: + type: object + properties: + apiConfig: + $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' + description: LLM API configuration. + category: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' + description: The conversation category. + excludeFromLastConversationStorage: + description: excludeFromLastConversationStorage. + type: boolean + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + messages: + description: The conversation messages. + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_Message' + type: array + replacements: + $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' + summary: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationSummary' + title: + description: The conversation title. + type: string + required: + - id + Security_AI_Assistant_API_FindAnonymizationFieldsSortField: + enum: + - created_at + - anonymized + - allowed + - field + - updated_at + type: string + Security_AI_Assistant_API_FindConversationsSortField: + enum: + - created_at + - is_default + - title + - updated_at + type: string + Security_AI_Assistant_API_FindPromptsSortField: + enum: + - created_at + - is_default + - name + - updated_at + type: string + Security_AI_Assistant_API_Message: + description: AI assistant conversation message. + type: object + properties: + content: + description: Message content. + type: string + isError: + description: Is error message. + type: boolean + reader: + $ref: '#/components/schemas/Security_AI_Assistant_API_Reader' + description: Message content. + role: + $ref: '#/components/schemas/Security_AI_Assistant_API_MessageRole' + description: Message role. + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + description: The timestamp message was sent or received. + traceData: + $ref: '#/components/schemas/Security_AI_Assistant_API_TraceData' + description: trace Data + required: + - timestamp + - content + - role + Security_AI_Assistant_API_MessageData: + additionalProperties: true + type: object + Security_AI_Assistant_API_MessageRole: + description: Message role. + enum: + - system + - user + - assistant + type: string + Security_AI_Assistant_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_AI_Assistant_API_NormalizedAnonymizationFieldError: + type: object + properties: + anonymization_fields: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldDetailsInError + type: array + err_code: + type: string + message: + type: string + status_code: + type: integer + required: + - message + - status_code + - anonymization_fields + Security_AI_Assistant_API_NormalizedPromptError: + type: object + properties: + err_code: + type: string + message: + type: string + prompts: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptDetailsInError + type: array + status_code: + type: integer + required: + - message + - status_code + - prompts + Security_AI_Assistant_API_PromptCreateProps: + type: object + properties: + categories: + items: + type: string + type: array + color: + type: string + consumer: + type: string + content: + type: string + isDefault: + type: boolean + isNewConversationDefault: + type: boolean + name: + type: string + promptType: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptType' + required: + - name + - content + - promptType + Security_AI_Assistant_API_PromptDetailsInError: + type: object + properties: + id: + type: string + name: + type: string + required: + - id + Security_AI_Assistant_API_PromptResponse: + type: object + properties: + categories: + items: + type: string + type: array + color: + type: string + consumer: + type: string + content: + type: string + createdAt: + type: string + createdBy: + type: string + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + isDefault: + type: boolean + isNewConversationDefault: + type: boolean + name: + type: string + namespace: + description: Kibana space + type: string + promptType: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptType' + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + updatedAt: + type: string + updatedBy: + type: string + users: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_User' + type: array + required: + - id + - name + - promptType + - content + Security_AI_Assistant_API_PromptsBulkActionSkipReason: + enum: + - PROMPT_FIELD_NOT_MODIFIED + type: string + Security_AI_Assistant_API_PromptsBulkActionSkipResult: + type: object + properties: + id: + type: string + name: + type: string + skip_reason: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkActionSkipReason + required: + - id + - skip_reason + Security_AI_Assistant_API_PromptsBulkCrudActionResponse: + type: object + properties: + attributes: + type: object + properties: + errors: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_NormalizedPromptError + type: array + results: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkCrudActionResults + summary: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_BulkCrudActionSummary + required: + - results + - summary + message: + type: string + prompts_count: + type: integer + status_code: + type: integer + success: + type: boolean + required: + - attributes + Security_AI_Assistant_API_PromptsBulkCrudActionResults: + type: object + properties: + created: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptResponse' + type: array + deleted: + items: + type: string + type: array + skipped: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkActionSkipResult + type: array + updated: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptResponse' + type: array + required: + - updated + - created + - deleted + - skipped + Security_AI_Assistant_API_PromptType: + description: Prompt type + enum: + - system + - quick + type: string + Security_AI_Assistant_API_PromptUpdateProps: + type: object + properties: + categories: + items: + type: string + type: array + color: + type: string + consumer: + type: string + content: + type: string + id: + type: string + isDefault: + type: boolean + isNewConversationDefault: + type: boolean + required: + - id + Security_AI_Assistant_API_Provider: + description: Provider + enum: + - OpenAI + - Azure OpenAI + type: string + Security_AI_Assistant_API_Reader: + additionalProperties: true + type: object + Security_AI_Assistant_API_Replacements: + additionalProperties: + type: string + description: Replacements object used to anonymize/deanomymize messsages + type: object + Security_AI_Assistant_API_SortOrder: + enum: + - asc + - desc + type: string + Security_AI_Assistant_API_TraceData: + description: trace Data + type: object + properties: + traceId: + description: Could be any string, not necessarily a UUID + type: string + transactionId: + description: Could be any string, not necessarily a UUID + type: string + Security_AI_Assistant_API_User: + description: Could be any string, not necessarily a UUID + type: object + properties: + id: + description: User id + type: string + name: + description: User name + type: string + Security_Detections_API_AlertAssignees: + type: object + properties: + add: + description: A list of users ids to assign. + items: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + type: array + remove: + description: A list of users ids to unassign. + items: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + type: array + required: + - add + - remove + Security_Detections_API_AlertIds: + description: A list of alerts ids. + items: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + minItems: 1 + type: array + Security_Detections_API_AlertsIndex: + deprecated: true + description: (deprecated) Has no effect. + type: string + Security_Detections_API_AlertsIndexNamespace: + description: Has no effect. + type: string + Security_Detections_API_AlertsSort: + oneOf: + - $ref: '#/components/schemas/Security_Detections_API_AlertsSortCombinations' + - items: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsSortCombinations + type: array + Security_Detections_API_AlertsSortCombinations: + anyOf: + - type: string + - additionalProperties: true + type: object + Security_Detections_API_AlertStatus: + enum: + - open + - closed + - acknowledged + - in-progress + type: string + Security_Detections_API_AlertSuppression: + type: object + properties: + duration: + $ref: >- + #/components/schemas/Security_Detections_API_AlertSuppressionDuration + group_by: + $ref: '#/components/schemas/Security_Detections_API_AlertSuppressionGroupBy' + missing_fields_strategy: + $ref: >- + #/components/schemas/Security_Detections_API_AlertSuppressionMissingFieldsStrategy + required: + - group_by + Security_Detections_API_AlertSuppressionDuration: + type: object + properties: + unit: + enum: + - s + - m + - h + type: string + value: + minimum: 1 + type: integer + required: + - value + - unit + Security_Detections_API_AlertSuppressionGroupBy: + items: + type: string + maxItems: 3 + minItems: 1 + type: array + Security_Detections_API_AlertSuppressionMissingFieldsStrategy: + description: >- + Describes how alerts will be generated for documents with missing + suppress by fields: + + doNotSuppress - per each document a separate alert will be created + + suppress - only alert will be created per suppress by bucket + enum: + - doNotSuppress + - suppress + type: string + Security_Detections_API_AlertTag: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + Security_Detections_API_AlertTags: + items: + $ref: '#/components/schemas/Security_Detections_API_AlertTag' + type: array + Security_Detections_API_AnomalyThreshold: + description: Anomaly threshold + minimum: 0 + type: integer + Security_Detections_API_BuildingBlockType: + description: >- + Determines if the rule acts as a building block. By default, + building-block alerts are not displayed in the UI. These rules are used + as a foundation for other rules that do generate alerts. Its value must + be default. + type: string + Security_Detections_API_BulkActionEditPayload: + anyOf: + - $ref: >- + #/components/schemas/Security_Detections_API_BulkActionEditPayloadTags + - $ref: >- + #/components/schemas/Security_Detections_API_BulkActionEditPayloadIndexPatterns + - $ref: >- + #/components/schemas/Security_Detections_API_BulkActionEditPayloadInvestigationFields + - $ref: >- + #/components/schemas/Security_Detections_API_BulkActionEditPayloadTimeline + - $ref: >- + #/components/schemas/Security_Detections_API_BulkActionEditPayloadRuleActions + - $ref: >- + #/components/schemas/Security_Detections_API_BulkActionEditPayloadSchedule + Security_Detections_API_BulkActionEditPayloadIndexPatterns: + type: object + properties: + overwrite_data_views: + type: boolean + type: + enum: + - add_index_patterns + - delete_index_patterns + - set_index_patterns + type: string + value: + $ref: '#/components/schemas/Security_Detections_API_IndexPatternArray' + required: + - type + - value + Security_Detections_API_BulkActionEditPayloadInvestigationFields: + type: object + properties: + type: + enum: + - add_investigation_fields + - delete_investigation_fields + - set_investigation_fields + type: string + value: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + required: + - type + - value + Security_Detections_API_BulkActionEditPayloadRuleActions: + type: object + properties: + type: + enum: + - add_rule_actions + - set_rule_actions + type: string + value: + type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Detections_API_NormalizedRuleAction + type: array + throttle: + $ref: >- + #/components/schemas/Security_Detections_API_ThrottleForBulkActions + required: + - actions + required: + - type + - value + Security_Detections_API_BulkActionEditPayloadSchedule: + type: object + properties: + type: + enum: + - set_schedule + type: string + value: + type: object + properties: + interval: + description: >- + Interval in which the rule runs. For example, `"1h"` means the + rule runs every hour. + example: 1h + pattern: ^[1-9]\d*[smh]$ type: string - DestWeather: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: DestWeather - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + lookback: + description: Lookback time for the rule + example: 1h + pattern: ^[1-9]\d*[smh]$ type: string - DistanceKilometers: - aggregatable: true - count: 0 - esTypes: - - float - format: - id: number - isMapped: true - name: DistanceKilometers - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - DistanceMiles: - aggregatable: true - count: 0 - esTypes: - - float - format: - id: number - isMapped: true - name: DistanceMiles - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - FlightDelay: - aggregatable: true - count: 0 - esTypes: - - boolean - format: - id: boolean - isMapped: true - name: FlightDelay - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + required: + - interval + - lookback + required: + - type + - value + Security_Detections_API_BulkActionEditPayloadTags: + type: object + properties: + type: + enum: + - add_tags + - delete_tags + - set_tags + type: string + value: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + required: + - type + - value + Security_Detections_API_BulkActionEditPayloadTimeline: + type: object + properties: + type: + enum: + - set_timeline + type: string + value: + type: object + properties: + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + required: + - timeline_id + - timeline_title + required: + - type + - value + Security_Detections_API_BulkActionsDryRunErrCode: + enum: + - IMMUTABLE + - MACHINE_LEARNING_AUTH + - MACHINE_LEARNING_INDEX_PATTERN + - ESQL_INDEX_PATTERN + - MANUAL_RULE_RUN_FEATURE + - MANUAL_RULE_RUN_DISABLED_RULE + type: string + Security_Detections_API_BulkActionSkipResult: + type: object + properties: + id: + type: string + name: + type: string + skip_reason: + $ref: '#/components/schemas/Security_Detections_API_BulkEditSkipReason' + required: + - id + - skip_reason + Security_Detections_API_BulkDeleteRules: + type: object + properties: + action: + enum: + - delete + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Detections_API_BulkDisableRules: + type: object + properties: + action: + enum: + - disable + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Detections_API_BulkDuplicateRules: + type: object + properties: + action: + enum: + - duplicate + type: string + duplicate: + type: object + properties: + include_exceptions: + description: Whether to copy exceptions from the original rule type: boolean - FlightDelayMin: - aggregatable: true - count: 0 - esTypes: - - integer - format: - id: number - isMapped: true - name: FlightDelayMin - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - FlightDelayType: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: FlightDelayType - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - FlightNum: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: FlightNum - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + include_expired_exceptions: + description: Whether to copy expired exceptions from the original rule + type: boolean + required: + - include_exceptions + - include_expired_exceptions + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Detections_API_BulkEditActionResponse: + type: object + properties: + attributes: + type: object + properties: + errors: + items: + $ref: >- + #/components/schemas/Security_Detections_API_NormalizedRuleError + type: array + results: + $ref: >- + #/components/schemas/Security_Detections_API_BulkEditActionResults + summary: + $ref: >- + #/components/schemas/Security_Detections_API_BulkEditActionSummary + required: + - results + - summary + message: + type: string + rules_count: + type: integer + status_code: + type: integer + success: + type: boolean + required: + - attributes + Security_Detections_API_BulkEditActionResults: + type: object + properties: + created: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleResponse' + type: array + deleted: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleResponse' + type: array + skipped: + items: + $ref: '#/components/schemas/Security_Detections_API_BulkActionSkipResult' + type: array + updated: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleResponse' + type: array + required: + - updated + - created + - deleted + - skipped + Security_Detections_API_BulkEditActionSummary: + type: object + properties: + failed: + type: integer + skipped: + type: integer + succeeded: + type: integer + total: + type: integer + required: + - failed + - skipped + - succeeded + - total + Security_Detections_API_BulkEditRules: + type: object + properties: + action: + enum: + - edit + type: string + edit: + description: Array of objects containing the edit operations + items: + $ref: '#/components/schemas/Security_Detections_API_BulkActionEditPayload' + minItems: 1 + type: array + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + - edit + Security_Detections_API_BulkEditSkipReason: + enum: + - RULE_NOT_MODIFIED + type: string + Security_Detections_API_BulkEnableRules: + type: object + properties: + action: + enum: + - enable + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Detections_API_BulkExportActionResponse: + type: string + Security_Detections_API_BulkExportRules: + type: object + properties: + action: + enum: + - export + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Detections_API_BulkManualRuleRun: + type: object + properties: + action: + enum: + - run + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + run: + type: object + properties: + end_date: + description: End date of the manual rule run type: string - FlightTimeHour: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: FlightTimeHour - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + start_date: + description: Start date of the manual rule run type: string - FlightTimeMin: - aggregatable: true - count: 0 - esTypes: - - float - format: - id: number - isMapped: true - name: FlightTimeMin - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - hour_of_day: - aggregatable: true - count: 0 - esTypes: - - long - format: - id: number - params: - pattern: '00' - name: hour_of_day - readFromDocValues: false - runtimeField: - script: - source: emit(doc['timestamp'].value.getHour()); - type: long - scripted: false - searchable: true - shortDotsEnable: false - type: number - Origin: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: Origin - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + required: + - start_date + required: + - action + - run + Security_Detections_API_ConcurrentSearches: + minimum: 1 + type: integer + Security_Detections_API_DataViewId: + type: string + Security_Detections_API_DefaultParams: + type: object + properties: + command: + enum: + - isolate + type: string + comment: + type: string + required: + - command + Security_Detections_API_EcsMapping: + additionalProperties: + type: object + properties: + field: + type: string + value: + oneOf: + - type: string + - items: + type: string + type: array + type: object + Security_Detections_API_EndpointResponseAction: + type: object + properties: + action_type_id: + enum: + - .endpoint + type: string + params: + oneOf: + - $ref: '#/components/schemas/Security_Detections_API_DefaultParams' + - $ref: '#/components/schemas/Security_Detections_API_ProcessesParams' + required: + - action_type_id + - params + Security_Detections_API_EqlOptionalFields: + type: object + properties: + alert_suppression: + $ref: '#/components/schemas/Security_Detections_API_AlertSuppression' + data_view_id: + $ref: '#/components/schemas/Security_Detections_API_DataViewId' + event_category_override: + $ref: '#/components/schemas/Security_Detections_API_EventCategoryOverride' + filters: + $ref: '#/components/schemas/Security_Detections_API_RuleFilterArray' + index: + $ref: '#/components/schemas/Security_Detections_API_IndexPatternArray' + response_actions: + items: + $ref: '#/components/schemas/Security_Detections_API_ResponseAction' + type: array + tiebreaker_field: + $ref: '#/components/schemas/Security_Detections_API_TiebreakerField' + timestamp_field: + $ref: '#/components/schemas/Security_Detections_API_TimestampField' + Security_Detections_API_EqlQueryLanguage: + enum: + - eql + type: string + Security_Detections_API_EqlRequiredFields: + type: object + properties: + language: + $ref: '#/components/schemas/Security_Detections_API_EqlQueryLanguage' + description: Query language to use + query: + $ref: '#/components/schemas/Security_Detections_API_RuleQuery' + description: EQL query to execute + type: + description: Rule type + enum: + - eql + type: string + required: + - type + - query + - language + Security_Detections_API_EqlRule: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' + - $ref: '#/components/schemas/Security_Detections_API_EqlRuleResponseFields' + Security_Detections_API_EqlRuleCreateFields: + allOf: + - $ref: '#/components/schemas/Security_Detections_API_EqlRequiredFields' + - $ref: '#/components/schemas/Security_Detections_API_EqlOptionalFields' + Security_Detections_API_EqlRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: '#/components/schemas/Security_Detections_API_EqlRuleCreateFields' + Security_Detections_API_EqlRulePatchFields: + allOf: + - type: object + properties: + language: + $ref: '#/components/schemas/Security_Detections_API_EqlQueryLanguage' + description: Query language to use + query: + $ref: '#/components/schemas/Security_Detections_API_RuleQuery' + description: EQL query to execute + type: + description: Rule type + enum: + - eql type: string - OriginAirportID: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginAirportID - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + - $ref: '#/components/schemas/Security_Detections_API_EqlOptionalFields' + Security_Detections_API_EqlRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + - $ref: '#/components/schemas/Security_Detections_API_EqlRulePatchFields' + Security_Detections_API_EqlRuleResponseFields: + allOf: + - $ref: '#/components/schemas/Security_Detections_API_EqlRequiredFields' + - $ref: '#/components/schemas/Security_Detections_API_EqlOptionalFields' + Security_Detections_API_EqlRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: '#/components/schemas/Security_Detections_API_EqlRuleCreateFields' + Security_Detections_API_ErrorSchema: + additionalProperties: false + type: object + properties: + error: + type: object + properties: + message: type: string - OriginCityName: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginCityName - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + status_code: + minimum: 400 + type: integer + required: + - status_code + - message + id: + type: string + item_id: + minLength: 1 + type: string + list_id: + minLength: 1 + type: string + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + required: + - error + Security_Detections_API_EsqlQueryLanguage: + enum: + - esql + type: string + Security_Detections_API_EsqlRule: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' + - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleResponseFields' + Security_Detections_API_EsqlRuleCreateFields: + allOf: + - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleOptionalFields' + - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleRequiredFields' + Security_Detections_API_EsqlRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleCreateFields' + Security_Detections_API_EsqlRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: '#/components/schemas/Security_Detections_API_AlertSuppression' + response_actions: + items: + $ref: '#/components/schemas/Security_Detections_API_ResponseAction' + type: array + Security_Detections_API_EsqlRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + language: + $ref: '#/components/schemas/Security_Detections_API_EsqlQueryLanguage' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + query: + $ref: '#/components/schemas/Security_Detections_API_RuleQuery' + description: ESQL query to execute + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + type: + description: Rule type + enum: + - esql type: string - OriginCountry: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginCountry - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleOptionalFields' + Security_Detections_API_EsqlRuleRequiredFields: + type: object + properties: + language: + $ref: '#/components/schemas/Security_Detections_API_EsqlQueryLanguage' + query: + $ref: '#/components/schemas/Security_Detections_API_RuleQuery' + description: ESQL query to execute + type: + description: Rule type + enum: + - esql + type: string + required: + - type + - language + - query + Security_Detections_API_EsqlRuleResponseFields: + allOf: + - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleOptionalFields' + - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleRequiredFields' + Security_Detections_API_EsqlRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleCreateFields' + Security_Detections_API_EventCategoryOverride: + type: string + Security_Detections_API_ExceptionListType: + description: The exception type + enum: + - detection + - rule_default + - endpoint + - endpoint_trusted_apps + - endpoint_events + - endpoint_host_isolation_exceptions + - endpoint_blocklists + type: string + Security_Detections_API_ExternalRuleSource: + description: >- + Type of rule source for externally sourced rules, i.e. rules that have + an external source, such as the Elastic Prebuilt rules repo. + type: object + properties: + is_customized: + $ref: >- + #/components/schemas/Security_Detections_API_IsExternalRuleCustomized + type: + enum: + - external + type: string + required: + - type + - is_customized + Security_Detections_API_FindRulesSortField: + enum: + - created_at + - createdAt + - enabled + - execution_summary.last_execution.date + - execution_summary.last_execution.metrics.execution_gap_duration_s + - execution_summary.last_execution.metrics.total_indexing_duration_ms + - execution_summary.last_execution.metrics.total_search_duration_ms + - execution_summary.last_execution.status + - name + - risk_score + - riskScore + - severity + - updated_at + - updatedAt + type: string + Security_Detections_API_HistoryWindowStart: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + Security_Detections_API_IndexPatternArray: + items: + type: string + type: array + Security_Detections_API_InternalRuleSource: + description: >- + Type of rule source for internally sourced rules, i.e. created within + the Kibana apps. + type: object + properties: + type: + enum: + - internal + type: string + required: + - type + Security_Detections_API_InvestigationFields: + description: > + Schema for fields relating to investigation fields. These are user + defined fields we use to highlight + + in various features in the UI such as alert details flyout and + exceptions auto-population from alert. + + Added in PR #163235 + + Right now we only have a single field but anticipate adding more related + fields to store various + + configuration states such as `override` - where a user might say if they + want only these fields to + + display, or if they want these fields + the fields we select. When + expanding this field, it may look + + something like: + + ```typescript + + const investigationFields = z.object({ + field_names: NonEmptyArray(NonEmptyString), + override: z.boolean().optional(), + }); + + ``` + type: object + properties: + field_names: + items: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + minItems: 1 + type: array + required: + - field_names + Security_Detections_API_InvestigationGuide: + description: Notes to help investigate alerts produced by the rule. + type: string + Security_Detections_API_IsExternalRuleCustomized: + description: >- + Determines whether an external/prebuilt rule has been customized by the + user (i.e. any of its fields have been modified and diverged from the + base value). + type: boolean + Security_Detections_API_IsRuleEnabled: + description: Determines whether the rule is enabled. + type: boolean + Security_Detections_API_IsRuleImmutable: + deprecated: true + description: >- + This field determines whether the rule is a prebuilt Elastic rule. It + will be replaced with the `rule_source` field. + type: boolean + Security_Detections_API_ItemsPerSearch: + minimum: 1 + type: integer + Security_Detections_API_KqlQueryLanguage: + enum: + - kuery + - lucene + type: string + Security_Detections_API_MachineLearningJobId: + description: Machine learning job ID + oneOf: + - type: string + - items: + type: string + minItems: 1 + type: array + Security_Detections_API_MachineLearningRule: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Detections_API_MachineLearningRuleResponseFields + Security_Detections_API_MachineLearningRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_MachineLearningRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Detections_API_MachineLearningRuleOptionalFields + Security_Detections_API_MachineLearningRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Detections_API_MachineLearningRuleCreateFields + Security_Detections_API_MachineLearningRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: '#/components/schemas/Security_Detections_API_AlertSuppression' + Security_Detections_API_MachineLearningRulePatchFields: + allOf: + - type: object + properties: + anomaly_threshold: + $ref: '#/components/schemas/Security_Detections_API_AnomalyThreshold' + machine_learning_job_id: + $ref: >- + #/components/schemas/Security_Detections_API_MachineLearningJobId + type: + description: Rule type + enum: + - machine_learning type: string - OriginLocation: - aggregatable: true - count: 0 - esTypes: - - geo_point - format: - id: geo_point - params: - transform: wkt - isMapped: true - name: OriginLocation - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: geo_point - OriginRegion: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginRegion - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + - $ref: >- + #/components/schemas/Security_Detections_API_MachineLearningRuleOptionalFields + Security_Detections_API_MachineLearningRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + - $ref: >- + #/components/schemas/Security_Detections_API_MachineLearningRulePatchFields + Security_Detections_API_MachineLearningRuleRequiredFields: + type: object + properties: + anomaly_threshold: + $ref: '#/components/schemas/Security_Detections_API_AnomalyThreshold' + machine_learning_job_id: + $ref: '#/components/schemas/Security_Detections_API_MachineLearningJobId' + type: + description: Rule type + enum: + - machine_learning + type: string + required: + - type + - machine_learning_job_id + - anomaly_threshold + Security_Detections_API_MachineLearningRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_MachineLearningRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Detections_API_MachineLearningRuleOptionalFields + Security_Detections_API_MachineLearningRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Detections_API_MachineLearningRuleCreateFields + Security_Detections_API_MaxSignals: + minimum: 1 + type: integer + Security_Detections_API_NewTermsFields: + items: + type: string + maxItems: 3 + minItems: 1 + type: array + Security_Detections_API_NewTermsRule: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Detections_API_NewTermsRuleResponseFields + Security_Detections_API_NewTermsRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_NewTermsRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Detections_API_NewTermsRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Detections_API_NewTermsRuleDefaultableFields + Security_Detections_API_NewTermsRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Detections_API_NewTermsRuleCreateFields + Security_Detections_API_NewTermsRuleDefaultableFields: + type: object + properties: + language: + $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' + Security_Detections_API_NewTermsRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: '#/components/schemas/Security_Detections_API_AlertSuppression' + data_view_id: + $ref: '#/components/schemas/Security_Detections_API_DataViewId' + filters: + $ref: '#/components/schemas/Security_Detections_API_RuleFilterArray' + index: + $ref: '#/components/schemas/Security_Detections_API_IndexPatternArray' + response_actions: + items: + $ref: '#/components/schemas/Security_Detections_API_ResponseAction' + type: array + Security_Detections_API_NewTermsRulePatchFields: + allOf: + - type: object + properties: + history_window_start: + $ref: '#/components/schemas/Security_Detections_API_HistoryWindowStart' + new_terms_fields: + $ref: '#/components/schemas/Security_Detections_API_NewTermsFields' + query: + $ref: '#/components/schemas/Security_Detections_API_RuleQuery' + type: + description: Rule type + enum: + - new_terms + type: string + - $ref: >- + #/components/schemas/Security_Detections_API_NewTermsRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Detections_API_NewTermsRuleDefaultableFields + Security_Detections_API_NewTermsRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + - $ref: '#/components/schemas/Security_Detections_API_NewTermsRulePatchFields' + Security_Detections_API_NewTermsRuleRequiredFields: + type: object + properties: + history_window_start: + $ref: '#/components/schemas/Security_Detections_API_HistoryWindowStart' + new_terms_fields: + $ref: '#/components/schemas/Security_Detections_API_NewTermsFields' + query: + $ref: '#/components/schemas/Security_Detections_API_RuleQuery' + type: + description: Rule type + enum: + - new_terms + type: string + required: + - type + - query + - new_terms_fields + - history_window_start + Security_Detections_API_NewTermsRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_NewTermsRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Detections_API_NewTermsRuleOptionalFields + - type: object + properties: + language: + $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' + required: + - language + Security_Detections_API_NewTermsRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Detections_API_NewTermsRuleCreateFields + Security_Detections_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Detections_API_NormalizedRuleAction: + additionalProperties: false + type: object + properties: + alerts_filter: + $ref: '#/components/schemas/Security_Detections_API_RuleActionAlertsFilter' + frequency: + $ref: '#/components/schemas/Security_Detections_API_RuleActionFrequency' + group: + $ref: '#/components/schemas/Security_Detections_API_RuleActionGroup' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleActionId' + params: + $ref: '#/components/schemas/Security_Detections_API_RuleActionParams' + required: + - id + - params + Security_Detections_API_NormalizedRuleError: + type: object + properties: + err_code: + $ref: >- + #/components/schemas/Security_Detections_API_BulkActionsDryRunErrCode + message: + type: string + rules: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleDetailsInError' + type: array + status_code: + type: integer + required: + - message + - status_code + - rules + Security_Detections_API_OsqueryParams: + type: object + properties: + ecs_mapping: + $ref: '#/components/schemas/Security_Detections_API_EcsMapping' + pack_id: + type: string + queries: + items: + $ref: '#/components/schemas/Security_Detections_API_OsqueryQuery' + type: array + query: + type: string + saved_query_id: + type: string + timeout: + type: number + Security_Detections_API_OsqueryQuery: + type: object + properties: + ecs_mapping: + $ref: '#/components/schemas/Security_Detections_API_EcsMapping' + id: + description: Query ID + type: string + platform: + type: string + query: + description: Query to run + type: string + removed: + type: boolean + snapshot: + type: boolean + version: + description: Query version + type: string + required: + - id + - query + Security_Detections_API_OsqueryResponseAction: + type: object + properties: + action_type_id: + enum: + - .osquery + type: string + params: + $ref: '#/components/schemas/Security_Detections_API_OsqueryParams' + required: + - action_type_id + - params + Security_Detections_API_PlatformErrorResponse: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Detections_API_ProcessesParams: + type: object + properties: + command: + enum: + - kill-process + - suspend-process + type: string + comment: + type: string + config: + type: object + properties: + field: + description: Field to use instead of process.pid type: string - OriginWeather: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginWeather - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + overwrite: + default: true + description: Whether to overwrite field with process.pid + type: boolean + required: + - field + required: + - command + - config + Security_Detections_API_QueryRule: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' + - $ref: '#/components/schemas/Security_Detections_API_QueryRuleResponseFields' + Security_Detections_API_QueryRuleCreateFields: + allOf: + - $ref: '#/components/schemas/Security_Detections_API_QueryRuleRequiredFields' + - $ref: '#/components/schemas/Security_Detections_API_QueryRuleOptionalFields' + - $ref: >- + #/components/schemas/Security_Detections_API_QueryRuleDefaultableFields + Security_Detections_API_QueryRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: '#/components/schemas/Security_Detections_API_QueryRuleCreateFields' + Security_Detections_API_QueryRuleDefaultableFields: + type: object + properties: + language: + $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' + query: + $ref: '#/components/schemas/Security_Detections_API_RuleQuery' + Security_Detections_API_QueryRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: '#/components/schemas/Security_Detections_API_AlertSuppression' + data_view_id: + $ref: '#/components/schemas/Security_Detections_API_DataViewId' + filters: + $ref: '#/components/schemas/Security_Detections_API_RuleFilterArray' + index: + $ref: '#/components/schemas/Security_Detections_API_IndexPatternArray' + response_actions: + items: + $ref: '#/components/schemas/Security_Detections_API_ResponseAction' + type: array + saved_id: + $ref: '#/components/schemas/Security_Detections_API_SavedQueryId' + Security_Detections_API_QueryRulePatchFields: + allOf: + - type: object + properties: + type: + description: Rule type + enum: + - query type: string - timestamp: - aggregatable: true - count: 0 - esTypes: - - date - format: - id: date - isMapped: true - name: timestamp - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: date - id: d3d7af60-4c81-11e8-b3d7-01146121b73d - name: Kibana Sample Data Flights - runtimeFieldMap: - hour_of_day: - script: - source: emit(doc['timestamp'].value.getHour()); - type: long - sourceFilters: [] - timeFieldName: timestamp - title: kibana_sample_data_flights - version: WzM2LDJd - fields: - - aggregatable: true - count: 0 - esTypes: - - long - name: hour_of_day - readFromDocValues: false - runtimeField: - script: - source: emit(doc['timestamp'].value.getHour()); - type: long - scripted: false - searchable: true - shortDotsEnable: false - type: number - Data_views_preview_swap_data_view_request: - summary: Preview swapping references from data view ID "abcd-efg" to "xyz-123". - value: - fromId: abcd-efg - toId: xyz-123 - Data_views_set_default_data_view_request: - summary: Set the default data view identifier. - value: - data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f - force: true - Data_views_swap_data_view_request: - summary: >- - Swap references from data view ID "abcd-efg" to "xyz-123" and remove the - data view that is no longer referenced. - value: - delete: true - fromId: abcd-efg - toId: xyz-123 - Data_views_update_data_view_request: - summary: Update some properties for a data view. - value: - data_view: - allowNoIndex: false - name: Kibana Sample Data eCommerce - timeFieldName: order_date - title: kibana_sample_data_ecommerce - refresh_fields: true - Data_views_update_field_metadata_request: - summary: Update metadata for multiple fields. - value: - fields: - field1: - count: 123 - customLabel: Field 1 label - field2: - customDescription: Field 2 description - customLabel: Field 2 label - Data_views_update_runtime_field_request: - summary: Update an existing runtime field on a data view. - value: - runtimeField: - script: - source: emit(doc["bar"].value) - Machine_learning_APIs_mlSyncExample: - summary: Two anomaly detection jobs required synchronization in this example. - value: - datafeedsAdded: {} - datafeedsRemoved: {} - savedObjectsCreated: - anomaly-detector: - myjob1: - success: true - myjob2: - success: true - savedObjectsDeleted: {} - Serverless_saved_objects_export_objects_request: - summary: Export a specific saved object. - value: - excludeExportDetails: true - includeReferencesDeep: false - objects: - - id: de71f4f0-1902-11e9-919b-ffe5949a18d2 - type: map - Serverless_saved_objects_export_objects_response: - summary: >- - The export objects API response contains a JSON record for each exported - object. - value: - attributes: - description: '' - layerListJSON: >- - [{"id":"0hmz5","alpha":1,"sourceDescriptor":{"type":"EMS_TMS","isAutoSelect":true,"lightModeDefault":"road_map_desaturated"},"visible":true,"style":{},"type":"EMS_VECTOR_TILE","minZoom":0,"maxZoom":24},{"id":"edh66","label":"Total - Requests by - Destination","minZoom":0,"maxZoom":24,"alpha":0.5,"sourceDescriptor":{"type":"EMS_FILE","id":"world_countries","tooltipProperties":["name","iso2"]},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"__kbnjoin__count__673ff994-fc75-4c67-909b-69fcb0e1060e","origin":"join"},"color":"Greys","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"STATIC","options":{"size":10}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR","joins":[{"leftField":"iso2","right":{"type":"ES_TERM_SOURCE","id":"673ff994-fc75-4c67-909b-69fcb0e1060e","indexPatternTitle":"kibana_sample_data_logs","term":"geo.dest","indexPatternRefName":"layer_1_join_0_index_pattern","metrics":[{"type":"count","label":"web - logs - count"}],"applyGlobalQuery":true}}]},{"id":"gaxya","label":"Actual - Requests","minZoom":9,"maxZoom":24,"alpha":1,"sourceDescriptor":{"id":"b7486535-171b-4d3b-bb2e-33c1a0a2854c","type":"ES_SEARCH","geoField":"geo.coordinates","limit":2048,"filterByMapBounds":true,"tooltipProperties":["clientip","timestamp","host","request","response","machine.os","agent","bytes"],"indexPatternRefName":"layer_2_source_index_pattern","applyGlobalQuery":true,"scalingType":"LIMIT"},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"STATIC","options":{"color":"#2200ff"}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":2}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"bytes","origin":"source"},"minSize":1,"maxSize":23,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"},{"id":"tfi3f","label":"Total - Requests and - Bytes","minZoom":0,"maxZoom":9,"alpha":1,"sourceDescriptor":{"type":"ES_GEO_GRID","resolution":"COARSE","id":"8aaa65b5-a4e9-448b-9560-c98cb1c5ac5b","geoField":"geo.coordinates","requestType":"point","metrics":[{"type":"count","label":"web - logs - count"},{"type":"sum","field":"bytes"}],"indexPatternRefName":"layer_3_source_index_pattern","applyGlobalQuery":true},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"color":"Blues","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#cccccc"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"sum_of_bytes","origin":"source"},"minSize":7,"maxSize":25,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelText":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelSize":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"minSize":12,"maxSize":24,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"}] - mapStateJSON: >- - {"zoom":3.64,"center":{"lon":-88.92107,"lat":42.16337},"timeFilters":{"from":"now-7d","to":"now"},"refreshConfig":{"isPaused":true,"interval":0},"query":{"language":"kuery","query":""},"settings":{"autoFitToDataBounds":false}} - title: '[Logs] Total Requests and Bytes' - uiStateJSON: '{"isDarkMode":false}' - coreMigrationVersion: 8.8.0 - created_at: '2023-08-23T20:03:32.204Z' - id: de71f4f0-1902-11e9-919b-ffe5949a18d2 - managed: false - references: - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - name: layer_1_join_0_index_pattern - type: index-pattern - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - name: layer_2_source_index_pattern - type: index-pattern - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - name: layer_3_source_index_pattern - type: index-pattern - type: map - typeMigrationVersion: 8.4.0 - updated_at: '2023-08-23T20:03:32.204Z' - version: WzEzLDFd - Serverless_saved_objects_import_objects_request: - value: - file: file.ndjson - Serverless_saved_objects_import_objects_response: - summary: >- - The import objects API response indicates a successful import and the - objects are created. Since these objects are created as new copies, each - entry in the successResults array includes a destinationId attribute. - value: - success: true - successCount: 1 - successResults: - - destinationId: 82d2760c-468f-49cf-83aa-b9a35b6a8943 - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - managed: false + - $ref: '#/components/schemas/Security_Detections_API_QueryRuleOptionalFields' + - $ref: >- + #/components/schemas/Security_Detections_API_QueryRuleDefaultableFields + Security_Detections_API_QueryRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + - $ref: '#/components/schemas/Security_Detections_API_QueryRulePatchFields' + Security_Detections_API_QueryRuleRequiredFields: + type: object + properties: + type: + description: Rule type + enum: + - query + type: string + required: + - type + Security_Detections_API_QueryRuleResponseFields: + allOf: + - $ref: '#/components/schemas/Security_Detections_API_QueryRuleRequiredFields' + - $ref: '#/components/schemas/Security_Detections_API_QueryRuleOptionalFields' + - type: object + properties: + language: + $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' + query: + $ref: '#/components/schemas/Security_Detections_API_RuleQuery' + required: + - query + - language + Security_Detections_API_QueryRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' meta: - icon: indexPatternApp - title: Kibana Sample Data Logs - type: index-pattern - parameters: - Data_views_field_name: - description: The name of the runtime field. - in: path - name: fieldName - required: true - schema: - example: hour_of_day - type: string - Data_views_kbn_xsrf: - description: Cross-site request forgery protection - in: header - name: kbn-xsrf - required: true - schema: - type: string - Data_views_view_id: - description: An identifier for the data view. - in: path - name: viewId - required: true - schema: - example: ff959d40-b880-11e8-a6d9-e546fe2bba5f - type: string - Fleet_format: - description: Simplified or legacy format for package inputs - in: query - name: format - required: false - schema: - enum: - - simplified - - legacy - type: string - Fleet_kbn_xsrf: - description: Kibana's anti Cross-Site Request Forgery token. Can be any string value. - in: header - name: kbn-xsrf - required: true - schema: - type: string - Fleet_kuery: - in: query - name: kuery - required: false - schema: - type: string - Fleet_page_index: - in: query - name: page - required: false - schema: - default: 1 - type: integer - Fleet_page_size: - description: The number of items to return - in: query - name: perPage - required: false - schema: - default: 20 - type: integer - Fleet_show_inactive: - in: query - name: showInactive - required: false - schema: - type: boolean - Fleet_show_upgradeable: - in: query - name: showUpgradeable - required: false - schema: - type: boolean - Fleet_sort_field: - in: query - name: sortField - required: false - schema: - deprecated: true - type: string - Fleet_sort_order: - in: query - name: sortOrder - required: false - schema: - enum: - - asc - - desc + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: '#/components/schemas/Security_Detections_API_QueryRuleCreateFields' + Security_Detections_API_RelatedIntegration: + description: > + Related integration is a potential dependency of a rule. It's assumed + that if the user installs + + one of the related integrations of a rule, the rule might start to work + properly because it will + + have source events (generated by this integration) potentially matching + the rule's query. + + + NOTE: Proper work is not guaranteed, because a related integration, if + installed, can be + + configured differently or generate data that is not necessarily relevant + for this rule. + + + Related integration is a combination of a Fleet package and (optionally) + one of the + + package's "integrations" that this package contains. It is represented + by 3 properties: + + + - `package`: name of the package (required, unique id) + + - `version`: version of the package (required, semver-compatible) + + - `integration`: name of the integration of this package (optional, id + within the package) + + + There are Fleet packages like `windows` that contain only one + integration; in this case, + + `integration` should be unspecified. There are also packages like `aws` + and `azure` that contain + + several integrations; in this case, `integration` should be specified. + + + @example + + const x: RelatedIntegration = { + package: 'windows', + version: '1.5.x', + }; + + + @example + + const x: RelatedIntegration = { + package: 'azure', + version: '~1.1.6', + integration: 'activitylogs', + }; + type: object + properties: + integration: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + package: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + version: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + required: + - package + - version + Security_Detections_API_RelatedIntegrationArray: + items: + $ref: '#/components/schemas/Security_Detections_API_RelatedIntegration' + type: array + Security_Detections_API_RequiredField: + description: > + Describes an Elasticsearch field that is needed for the rule to + function. + + + Almost all types of Security rules check source event documents for a + match to some kind of + + query or filter. If a document has certain field with certain values, + then it's a match and + + the rule will generate an alert. + + + Required field is an event field that must be present in the source + indices of a given rule. + + + @example + + const standardEcsField: RequiredField = { + name: 'event.action', + type: 'keyword', + ecs: true, + }; + + + @example + + const nonEcsField: RequiredField = { + name: 'winlog.event_data.AttributeLDAPDisplayName', + type: 'keyword', + ecs: false, + }; + type: object + properties: + ecs: + description: Whether the field is an ECS field + type: boolean + name: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + description: Name of an Elasticsearch field + type: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + description: Type of the Elasticsearch field + required: + - name + - type + - ecs + Security_Detections_API_RequiredFieldArray: + items: + $ref: '#/components/schemas/Security_Detections_API_RequiredField' + type: array + Security_Detections_API_RequiredFieldInput: + description: >- + Input parameters to create a RequiredField. Does not include the `ecs` + field, because `ecs` is calculated on the backend based on the field + name and type. + type: object + properties: + name: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + description: Name of an Elasticsearch field + type: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + description: Type of an Elasticsearch field + required: + - name + - type + Security_Detections_API_ResponseAction: + oneOf: + - $ref: '#/components/schemas/Security_Detections_API_OsqueryResponseAction' + - $ref: '#/components/schemas/Security_Detections_API_EndpointResponseAction' + Security_Detections_API_ResponseFields: + type: object + properties: + created_at: + format: date-time + type: string + created_by: + type: string + execution_summary: + $ref: '#/components/schemas/Security_Detections_API_RuleExecutionSummary' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + immutable: + $ref: '#/components/schemas/Security_Detections_API_IsRuleImmutable' + required_fields: + $ref: '#/components/schemas/Security_Detections_API_RequiredFieldArray' + revision: + minimum: 0 + type: integer + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_source: + $ref: '#/components/schemas/Security_Detections_API_RuleSource' + updated_at: + format: date-time + type: string + updated_by: + type: string + required: + - id + - rule_id + - immutable + - rule_source + - updated_at + - updated_by + - created_at + - created_by + - revision + - related_integrations + - required_fields + Security_Detections_API_RiskScore: + description: Risk score (0 to 100) + maximum: 100 + minimum: 0 + type: integer + Security_Detections_API_RiskScoreMapping: + description: >- + Overrides generated alerts' risk_score with a value from the source + event + items: + type: object + properties: + field: + type: string + operator: + enum: + - equals + type: string + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + value: + type: string + required: + - field + - operator + - value + type: array + Security_Detections_API_RuleAction: + type: object + properties: + action_type_id: + description: The action type used for sending notifications. + type: string + alerts_filter: + $ref: '#/components/schemas/Security_Detections_API_RuleActionAlertsFilter' + frequency: + $ref: '#/components/schemas/Security_Detections_API_RuleActionFrequency' + group: + $ref: '#/components/schemas/Security_Detections_API_RuleActionGroup' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleActionId' + params: + $ref: '#/components/schemas/Security_Detections_API_RuleActionParams' + uuid: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + required: + - action_type_id + - id + - params + Security_Detections_API_RuleActionAlertsFilter: + additionalProperties: true + type: object + Security_Detections_API_RuleActionFrequency: + description: >- + The action frequency defines when the action runs (for example, only on + rule execution or at specific time intervals). + type: object + properties: + notifyWhen: + $ref: '#/components/schemas/Security_Detections_API_RuleActionNotifyWhen' + summary: + description: >- + Action summary indicates whether we will send a summary notification + about all the generate alerts or notification per individual alert + type: boolean + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + nullable: true + required: + - summary + - notifyWhen + - throttle + Security_Detections_API_RuleActionGroup: + description: >- + Optionally groups actions by use cases. Use `default` for alert + notifications. + type: string + Security_Detections_API_RuleActionId: + description: The connector ID. + type: string + Security_Detections_API_RuleActionNotifyWhen: + description: >- + The condition for throttling the notification: `onActionGroupChange`, + `onActiveAlert`, or `onThrottleInterval` + enum: + - onActiveAlert + - onThrottleInterval + - onActionGroupChange + type: string + Security_Detections_API_RuleActionParams: + additionalProperties: true + description: >- + Object containing the allowed connector fields, which varies according + to the connector type. + type: object + Security_Detections_API_RuleActionThrottle: + description: Defines how often rule actions are taken. + oneOf: + - enum: + - no_actions + - rule + type: string + - description: Time interval in seconds, minutes, hours, or days. + example: 1h + pattern: ^[1-9]\d*[smhd]$ + type: string + Security_Detections_API_RuleAuthorArray: + items: type: string - Fleet_with_metrics: - description: Return agent metrics, false by default - in: query - name: withMetrics - required: false - schema: - type: boolean - Machine_learning_APIs_simulateParam: + type: array + Security_Detections_API_RuleCreateProps: + anyOf: + - $ref: '#/components/schemas/Security_Detections_API_EqlRuleCreateProps' + - $ref: '#/components/schemas/Security_Detections_API_QueryRuleCreateProps' + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Detections_API_ThresholdRuleCreateProps + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRuleCreateProps + - $ref: >- + #/components/schemas/Security_Detections_API_MachineLearningRuleCreateProps + - $ref: '#/components/schemas/Security_Detections_API_NewTermsRuleCreateProps' + - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleCreateProps' + discriminator: + propertyName: type + Security_Detections_API_RuleDescription: + minLength: 1 + type: string + Security_Detections_API_RuleDetailsInError: + type: object + properties: + id: + type: string + name: + type: string + required: + - id + Security_Detections_API_RuleExceptionList: + type: object + properties: + id: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + description: ID of the exception container + list_id: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + description: List ID of the exception container + namespace_type: + description: Determines the exceptions validity in rule's Kibana space + enum: + - agnostic + - single + type: string + type: + $ref: '#/components/schemas/Security_Detections_API_ExceptionListType' + required: + - id + - list_id + - type + - namespace_type + Security_Detections_API_RuleExecutionMetrics: + type: object + properties: + execution_gap_duration_s: + description: Duration in seconds of execution gap + minimum: 0 + type: integer + total_enrichment_duration_ms: + description: >- + Total time spent enriching documents during current rule execution + cycle + minimum: 0 + type: integer + total_indexing_duration_ms: + description: >- + Total time spent indexing documents during current rule execution + cycle + minimum: 0 + type: integer + total_search_duration_ms: + description: >- + Total time spent performing ES searches as measured by Kibana; + includes network latency and time spent serializing/deserializing + request/response + minimum: 0 + type: integer + Security_Detections_API_RuleExecutionStatus: description: >- - When true, simulates the synchronization by returning only the list of - actions that would be performed. - example: 'true' - in: query - name: simulate - required: false - schema: - type: boolean - Serverless_saved_objects_kbn_xsrf: - description: Cross-site request forgery protection - in: header - name: kbn-xsrf - required: true - schema: - type: string - SLOs_kbn_xsrf: - description: Cross-site request forgery protection - in: header - name: kbn-xsrf - required: true - schema: + Custom execution status of Security rules that is different from the + status used in the Alerting Framework. We merge our custom status with + the Framework's status to determine the resulting status of a rule. + + - going to run - @deprecated Replaced by the 'running' status but left + for backwards compatibility with rule execution events already written + to Event Log in the prior versions of Kibana. Don't use when writing + rule status changes. + + - running - Rule execution started but not reached any intermediate or + final status. + + - partial failure - Rule can partially fail for various reasons either + in the middle of an execution (in this case we update its status right + away) or in the end of it. So currently this status can be both + intermediate and final at the same time. A typical reason for a partial + failure: not all the indices that the rule searches over actually exist. + + - failed - Rule failed to execute due to unhandled exception or a reason + defined in the business logic of its executor function. + + - succeeded - Rule executed successfully without any issues. Note: this + status is just an indication of a rule's "health". The rule might or + might not generate any alerts despite of it. + enum: + - going to run + - running + - partial failure + - failed + - succeeded + type: string + Security_Detections_API_RuleExecutionStatusOrder: + type: integer + Security_Detections_API_RuleExecutionSummary: + type: object + properties: + last_execution: + type: object + properties: + date: + description: Date of the last execution + format: date-time + type: string + message: + type: string + metrics: + $ref: >- + #/components/schemas/Security_Detections_API_RuleExecutionMetrics + status: + $ref: '#/components/schemas/Security_Detections_API_RuleExecutionStatus' + description: Status of the last execution + status_order: + $ref: >- + #/components/schemas/Security_Detections_API_RuleExecutionStatusOrder + required: + - date + - status + - status_order + - message + - metrics + required: + - last_execution + Security_Detections_API_RuleFalsePositiveArray: + items: type: string - SLOs_slo_id: - description: An identifier for the slo. - in: path - name: sloId - required: true - schema: - example: 9c235211-6834-11ea-a78c-6feb38a34414 + type: array + Security_Detections_API_RuleFilterArray: + items: {} + type: array + Security_Detections_API_RuleInterval: + description: >- + Frequency of rule execution, using a date math range. For example, "1h" + means the rule runs every hour. Defaults to 5m (5 minutes). + type: string + Security_Detections_API_RuleIntervalFrom: + description: >- + Time from which data is analyzed each time the rule runs, using a date + math range. For example, now-4200s means the rule analyzes data from 70 + minutes before its start time. Defaults to now-6m (analyzes data from 6 + minutes before the start time). + format: date-math + type: string + Security_Detections_API_RuleIntervalTo: + type: string + Security_Detections_API_RuleLicense: + description: The rule's license. + type: string + Security_Detections_API_RuleMetadata: + additionalProperties: true + type: object + Security_Detections_API_RuleName: + minLength: 1 + type: string + Security_Detections_API_RuleNameOverride: + description: Sets the source field for the alert's signal.rule.name value + type: string + Security_Detections_API_RuleObjectId: + $ref: '#/components/schemas/Security_Detections_API_UUID' + Security_Detections_API_RulePatchProps: + anyOf: + - $ref: '#/components/schemas/Security_Detections_API_EqlRulePatchProps' + - $ref: '#/components/schemas/Security_Detections_API_QueryRulePatchProps' + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRulePatchProps + - $ref: '#/components/schemas/Security_Detections_API_ThresholdRulePatchProps' + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRulePatchProps + - $ref: >- + #/components/schemas/Security_Detections_API_MachineLearningRulePatchProps + - $ref: '#/components/schemas/Security_Detections_API_NewTermsRulePatchProps' + - $ref: '#/components/schemas/Security_Detections_API_EsqlRulePatchProps' + Security_Detections_API_RulePreviewLoggedRequest: + type: object + properties: + description: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + duration: + type: integer + request: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + required: + - request + Security_Detections_API_RulePreviewLogs: + type: object + properties: + duration: + description: Execution duration in milliseconds + type: integer + errors: + items: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + type: array + requests: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RulePreviewLoggedRequest + type: array + startedAt: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + warnings: + items: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + type: array + required: + - errors + - warnings + - duration + Security_Detections_API_RulePreviewParams: + type: object + properties: + invocationCount: + type: integer + timeframeEnd: + format: date-time + type: string + required: + - invocationCount + - timeframeEnd + Security_Detections_API_RuleQuery: + type: string + Security_Detections_API_RuleReferenceArray: + items: type: string - SLOs_space_id: + type: array + Security_Detections_API_RuleResponse: + anyOf: + - $ref: '#/components/schemas/Security_Detections_API_EqlRule' + - $ref: '#/components/schemas/Security_Detections_API_QueryRule' + - $ref: '#/components/schemas/Security_Detections_API_SavedQueryRule' + - $ref: '#/components/schemas/Security_Detections_API_ThresholdRule' + - $ref: '#/components/schemas/Security_Detections_API_ThreatMatchRule' + - $ref: '#/components/schemas/Security_Detections_API_MachineLearningRule' + - $ref: '#/components/schemas/Security_Detections_API_NewTermsRule' + - $ref: '#/components/schemas/Security_Detections_API_EsqlRule' + discriminator: + propertyName: type + Security_Detections_API_RuleSignatureId: + description: Could be any string, not necessarily a UUID + type: string + Security_Detections_API_RuleSource: description: >- - An identifier for the space. If `/s/` and the identifier are omitted - from the path, the default space is used. - in: path - name: spaceId - required: true - schema: - example: default + Discriminated union that determines whether the rule is internally + sourced (created within the Kibana app) or has an external source, such + as the Elastic Prebuilt rules repo. + discriminator: + propertyName: type + oneOf: + - $ref: '#/components/schemas/Security_Detections_API_ExternalRuleSource' + - $ref: '#/components/schemas/Security_Detections_API_InternalRuleSource' + Security_Detections_API_RuleTagArray: + description: >- + String array containing words and phrases to help categorize, filter, + and search rules. Defaults to an empty array. + items: type: string - responses: - Fleet_error: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - schemas: - Data_views_400_response: - title: Bad request + type: array + Security_Detections_API_RuleUpdateProps: + anyOf: + - $ref: '#/components/schemas/Security_Detections_API_EqlRuleUpdateProps' + - $ref: '#/components/schemas/Security_Detections_API_QueryRuleUpdateProps' + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Detections_API_ThresholdRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Detections_API_MachineLearningRuleUpdateProps + - $ref: '#/components/schemas/Security_Detections_API_NewTermsRuleUpdateProps' + - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleUpdateProps' + discriminator: + propertyName: type + Security_Detections_API_RuleVersion: + description: The rule's version number. + minimum: 1 + type: integer + Security_Detections_API_SavedObjectResolveAliasPurpose: + enum: + - savedObjectConversion + - savedObjectImport + type: string + Security_Detections_API_SavedObjectResolveAliasTargetId: + type: string + Security_Detections_API_SavedObjectResolveOutcome: + enum: + - exactMatch + - aliasMatch + - conflict + type: string + Security_Detections_API_SavedQueryId: + type: string + Security_Detections_API_SavedQueryRule: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRuleResponseFields + Security_Detections_API_SavedQueryRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRuleDefaultableFields + Security_Detections_API_SavedQueryRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRuleCreateFields + Security_Detections_API_SavedQueryRuleDefaultableFields: + type: object + properties: + language: + $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' + Security_Detections_API_SavedQueryRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: '#/components/schemas/Security_Detections_API_AlertSuppression' + data_view_id: + $ref: '#/components/schemas/Security_Detections_API_DataViewId' + filters: + $ref: '#/components/schemas/Security_Detections_API_RuleFilterArray' + index: + $ref: '#/components/schemas/Security_Detections_API_IndexPatternArray' + query: + $ref: '#/components/schemas/Security_Detections_API_RuleQuery' + response_actions: + items: + $ref: '#/components/schemas/Security_Detections_API_ResponseAction' + type: array + Security_Detections_API_SavedQueryRulePatchFields: + allOf: + - type: object + properties: + saved_id: + $ref: '#/components/schemas/Security_Detections_API_SavedQueryId' + type: + description: Rule type + enum: + - saved_query + type: string + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRuleDefaultableFields + Security_Detections_API_SavedQueryRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRulePatchFields + Security_Detections_API_SavedQueryRuleRequiredFields: + type: object + properties: + saved_id: + $ref: '#/components/schemas/Security_Detections_API_SavedQueryId' + type: + description: Rule type + enum: + - saved_query + type: string + required: + - type + - saved_id + Security_Detections_API_SavedQueryRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRuleOptionalFields + - type: object + properties: + language: + $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' + required: + - language + Security_Detections_API_SavedQueryRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRuleCreateFields + Security_Detections_API_SetAlertsStatusByIds: + type: object + properties: + signal_ids: + items: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + minItems: 1 + type: array + status: + $ref: '#/components/schemas/Security_Detections_API_AlertStatus' + required: + - signal_ids + - status + Security_Detections_API_SetAlertsStatusByQuery: + type: object + properties: + conflicts: + default: abort + enum: + - abort + - proceed + type: string + query: + additionalProperties: true + type: object + status: + $ref: '#/components/schemas/Security_Detections_API_AlertStatus' + required: + - query + - status + Security_Detections_API_SetAlertTags: + type: object + properties: + tags_to_add: + $ref: '#/components/schemas/Security_Detections_API_AlertTags' + tags_to_remove: + $ref: '#/components/schemas/Security_Detections_API_AlertTags' + required: + - tags_to_add + - tags_to_remove + Security_Detections_API_SetupGuide: + type: string + Security_Detections_API_Severity: + description: Severity of the rule + enum: + - low + - medium + - high + - critical + type: string + Security_Detections_API_SeverityMapping: + description: Overrides generated alerts' severity with values from the source event + items: + type: object + properties: + field: + type: string + operator: + enum: + - equals + type: string + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + value: + type: string + required: + - field + - operator + - severity + - value + type: array + Security_Detections_API_SiemErrorResponse: type: object properties: - error: - example: Bad Request - type: string message: type: string - statusCode: - example: 400 - type: number + status_code: + type: integer required: - - statusCode - - error + - status_code - message - Data_views_404_response: + Security_Detections_API_SortOrder: + enum: + - asc + - desc + type: string + Security_Detections_API_Threat: type: object properties: - error: - enum: - - Not Found - example: Not Found - type: string - message: - example: >- - Saved object [index-pattern/caaad6d0-920c-11ed-b36a-874bd1548a00] - not found + framework: + description: Relevant attack framework type: string - statusCode: - enum: - - 404 - example: 404 - type: integer - Data_views_allownoindex: - description: Allows the data view saved object to exist before the data is available. - type: boolean - Data_views_create_data_view_request_object: - title: Create data view request + tactic: + $ref: '#/components/schemas/Security_Detections_API_ThreatTactic' + technique: + description: Array containing information on the attack techniques (optional) + items: + $ref: '#/components/schemas/Security_Detections_API_ThreatTechnique' + type: array + required: + - framework + - tactic + Security_Detections_API_ThreatArray: + items: + $ref: '#/components/schemas/Security_Detections_API_Threat' + type: array + Security_Detections_API_ThreatFilters: + items: + description: >- + Query and filter context array used to filter documents from the + Elasticsearch index containing the threat values + type: array + Security_Detections_API_ThreatIndex: + items: + type: string + type: array + Security_Detections_API_ThreatIndicatorPath: + description: >- + Defines the path to the threat indicator in the indicator documents + (optional) + type: string + Security_Detections_API_ThreatMapping: + items: + type: object + properties: + entries: + items: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + type: + enum: + - mapping + type: string + value: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + required: + - field + - type + - value + type: array + required: + - entries + minItems: 1 + type: array + Security_Detections_API_ThreatMatchRule: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRuleResponseFields + Security_Detections_API_ThreatMatchRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRuleDefaultableFields + Security_Detections_API_ThreatMatchRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRuleCreateFields + Security_Detections_API_ThreatMatchRuleDefaultableFields: type: object properties: - data_view: - description: The data view object. - type: object + language: + $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' + Security_Detections_API_ThreatMatchRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: '#/components/schemas/Security_Detections_API_AlertSuppression' + concurrent_searches: + $ref: '#/components/schemas/Security_Detections_API_ConcurrentSearches' + data_view_id: + $ref: '#/components/schemas/Security_Detections_API_DataViewId' + filters: + $ref: '#/components/schemas/Security_Detections_API_RuleFilterArray' + index: + $ref: '#/components/schemas/Security_Detections_API_IndexPatternArray' + items_per_search: + $ref: '#/components/schemas/Security_Detections_API_ItemsPerSearch' + saved_id: + $ref: '#/components/schemas/Security_Detections_API_SavedQueryId' + threat_filters: + $ref: '#/components/schemas/Security_Detections_API_ThreatFilters' + threat_indicator_path: + $ref: '#/components/schemas/Security_Detections_API_ThreatIndicatorPath' + threat_language: + $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' + Security_Detections_API_ThreatMatchRulePatchFields: + allOf: + - type: object properties: - allowNoIndex: - $ref: '#/components/schemas/Data_views_allownoindex' - fieldAttrs: - additionalProperties: - $ref: '#/components/schemas/Data_views_fieldattrs' - type: object - fieldFormats: - $ref: '#/components/schemas/Data_views_fieldformats' - fields: - type: object - id: + query: + $ref: '#/components/schemas/Security_Detections_API_RuleQuery' + threat_index: + $ref: '#/components/schemas/Security_Detections_API_ThreatIndex' + threat_mapping: + $ref: '#/components/schemas/Security_Detections_API_ThreatMapping' + threat_query: + $ref: '#/components/schemas/Security_Detections_API_ThreatQuery' + type: + description: Rule type + enum: + - threat_match type: string + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRuleDefaultableFields + Security_Detections_API_ThreatMatchRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' name: - description: The data view name. - type: string - namespaces: - $ref: '#/components/schemas/Data_views_namespaces' - runtimeFieldMap: - additionalProperties: - $ref: '#/components/schemas/Data_views_runtimefieldmap' - type: object - sourceFilters: - $ref: '#/components/schemas/Data_views_sourcefilters' - timeFieldName: - $ref: '#/components/schemas/Data_views_timefieldname' - title: - $ref: '#/components/schemas/Data_views_title' - type: - $ref: '#/components/schemas/Data_views_type' - typeMeta: - $ref: '#/components/schemas/Data_views_typemeta' + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' version: - type: string - required: - - title - override: - default: false - description: >- - Override an existing data view if a data view with the provided - title already exists. - type: boolean - required: - - data_view - Data_views_data_view_response_object: - title: Data view response properties + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRulePatchFields + Security_Detections_API_ThreatMatchRuleRequiredFields: type: object properties: - data_view: - type: object + query: + $ref: '#/components/schemas/Security_Detections_API_RuleQuery' + threat_index: + $ref: '#/components/schemas/Security_Detections_API_ThreatIndex' + threat_mapping: + $ref: '#/components/schemas/Security_Detections_API_ThreatMapping' + threat_query: + $ref: '#/components/schemas/Security_Detections_API_ThreatQuery' + type: + description: Rule type + enum: + - threat_match + type: string + required: + - type + - query + - threat_query + - threat_mapping + - threat_index + Security_Detections_API_ThreatMatchRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRuleOptionalFields + - type: object properties: - allowNoIndex: - $ref: '#/components/schemas/Data_views_allownoindex' - fieldAttrs: - additionalProperties: - $ref: '#/components/schemas/Data_views_fieldattrs' - type: object - fieldFormats: - $ref: '#/components/schemas/Data_views_fieldformats' - fields: - type: object + language: + $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' + required: + - language + Security_Detections_API_ThreatMatchRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' id: - example: ff959d40-b880-11e8-a6d9-e546fe2bba5f - type: string + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' name: - description: The data view name. - type: string - namespaces: - $ref: '#/components/schemas/Data_views_namespaces' - runtimeFieldMap: - additionalProperties: - $ref: '#/components/schemas/Data_views_runtimefieldmap' - type: object - sourceFilters: - $ref: '#/components/schemas/Data_views_sourcefilters' - timeFieldName: - $ref: '#/components/schemas/Data_views_timefieldname' - title: - $ref: '#/components/schemas/Data_views_title' - typeMeta: - $ref: '#/components/schemas/Data_views_typemeta_response' + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' version: - example: WzQ2LDJd - type: string - Data_views_fieldattrs: - description: A map of field attributes by field name. + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRuleCreateFields + Security_Detections_API_ThreatQuery: + description: Query to run + type: string + Security_Detections_API_ThreatSubtechnique: type: object properties: - count: - description: Popularity count for the field. - type: integer - customDescription: - description: Custom description for the field. - maxLength: 300 + id: + description: Subtechnique ID type: string - customLabel: - description: Custom label for the field. + name: + description: Subtechnique name type: string - Data_views_fieldformats: - description: A map of field formats by field name. - type: object - Data_views_namespaces: - description: >- - An array of space identifiers for sharing the data view between multiple - spaces. - items: - default: default - type: string - type: array - Data_views_runtimefieldmap: - description: A map of runtime field definitions by field name. - type: object - properties: - script: - type: object - properties: - source: - description: Script for the runtime field. - type: string - type: - description: Mapping type of the runtime field. + reference: + description: Subtechnique reference type: string required: - - script - - type - Data_views_sourcefilters: - description: The array of field names you want to filter out in Discover. - items: - type: object - properties: - value: - type: string - required: - - value - type: array - Data_views_swap_data_view_request_object: - title: Data view reference swap request + - id + - name + - reference + Security_Detections_API_ThreatTactic: type: object properties: - delete: - description: Deletes referenced saved object if all references are removed. - type: boolean - forId: - description: Limit the affected saved objects to one or more by identifier. - oneOf: - - type: string - - items: - type: string - type: array - forType: - description: Limit the affected saved objects by type. - type: string - fromId: - description: The saved object reference to change. + id: + description: Tactic ID type: string - fromType: - description: > - Specify the type of the saved object reference to alter. The default - value is `index-pattern` for data views. + name: + description: Tactic name type: string - toId: - description: New saved object reference value to replace the old value. + reference: + description: Tactic reference type: string required: - - fromId - - toId - Data_views_timefieldname: - description: The timestamp field name, which you use for time-based data views. - type: string - Data_views_title: - description: >- - Comma-separated list of data streams, indices, and aliases that you want - to search. Supports wildcards (`*`). - type: string - Data_views_type: - description: When set to `rollup`, identifies the rollup data views. - type: string - Data_views_typemeta: - description: >- - When you use rollup indices, contains the field list for the rollup data - view API endpoints. + - id + - name + - reference + Security_Detections_API_ThreatTechnique: type: object properties: - aggs: - description: A map of rollup restrictions by aggregation type and field name. - type: object - params: - description: Properties for retrieving rollup fields. - type: object + id: + description: Technique ID + type: string + name: + description: Technique name + type: string + reference: + description: Technique reference + type: string + subtechnique: + description: Array containing more specific information on the attack technique + items: + $ref: '#/components/schemas/Security_Detections_API_ThreatSubtechnique' + type: array required: - - aggs - - params - Data_views_typemeta_response: - description: >- - When you use rollup indices, contains the field list for the rollup data - view API endpoints. - nullable: true + - id + - name + - reference + Security_Detections_API_Threshold: type: object properties: - aggs: - description: A map of rollup restrictions by aggregation type and field name. - type: object - params: - description: Properties for retrieving rollup fields. - type: object - Data_views_update_data_view_request_object: - title: Update data view request + cardinality: + $ref: '#/components/schemas/Security_Detections_API_ThresholdCardinality' + field: + $ref: '#/components/schemas/Security_Detections_API_ThresholdField' + value: + $ref: '#/components/schemas/Security_Detections_API_ThresholdValue' + required: + - field + - value + Security_Detections_API_ThresholdAlertSuppression: type: object properties: - data_view: - description: > - The data view properties you want to update. Only the specified - properties are updated in the data view. Unspecified fields stay as - they are persisted. - type: object + duration: + $ref: >- + #/components/schemas/Security_Detections_API_AlertSuppressionDuration + required: + - duration + Security_Detections_API_ThresholdCardinality: + items: + type: object + properties: + field: + type: string + value: + minimum: 0 + type: integer + required: + - field + - value + type: array + Security_Detections_API_ThresholdField: + description: Field to aggregate on + oneOf: + - type: string + - items: + type: string + type: array + Security_Detections_API_ThresholdRule: + allOf: + - type: object properties: - allowNoIndex: - $ref: '#/components/schemas/Data_views_allownoindex' - fieldFormats: - $ref: '#/components/schemas/Data_views_fieldformats' - fields: - type: object + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' name: - type: string - runtimeFieldMap: - additionalProperties: - $ref: '#/components/schemas/Data_views_runtimefieldmap' - type: object - sourceFilters: - $ref: '#/components/schemas/Data_views_sourcefilters' - timeFieldName: - $ref: '#/components/schemas/Data_views_timefieldname' - title: - $ref: '#/components/schemas/Data_views_title' - type: - $ref: '#/components/schemas/Data_views_type' - typeMeta: - $ref: '#/components/schemas/Data_views_typemeta' - refresh_fields: - default: false - description: Reloads the data view fields after the data view is updated. - type: boolean - required: - - data_view - Fleet_agent: - title: Agent + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Detections_API_ThresholdRuleResponseFields + Security_Detections_API_ThresholdRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_ThresholdRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Detections_API_ThresholdRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Detections_API_ThresholdRuleDefaultableFields + Security_Detections_API_ThresholdRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Detections_API_ThresholdRuleCreateFields + Security_Detections_API_ThresholdRuleDefaultableFields: type: object properties: - access_api_key: - type: string - access_api_key_id: - type: string - active: - type: boolean - components: - items: - $ref: '#/components/schemas/Fleet_agent_component' - type: array - default_api_key: - type: string - default_api_key_id: - type: string - enrolled_at: - type: string - id: - type: string - last_checkin: - type: string - local_metadata: - $ref: '#/components/schemas/Fleet_agent_metadata' - metrics: - type: object - properties: - cpu_avg: - description: >- - Average agent CPU usage during the last 5 minutes, number - between 0-1 - type: number - memory_size_byte_avg: - description: Average agent memory consumption during the last 5 minutes - type: number - policy_id: - type: string - policy_revision: - type: number - status: - $ref: '#/components/schemas/Fleet_agent_status' - type: - $ref: '#/components/schemas/Fleet_agent_type' - unenrolled_at: - type: string - unenrollment_started_at: - type: string - user_provided_metadata: - $ref: '#/components/schemas/Fleet_agent_metadata' - required: - - type - - active - - enrolled_at - - id - - status - Fleet_agent_action: - oneOf: - - properties: - ack_data: - type: string - data: - type: string + language: + $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' + Security_Detections_API_ThresholdRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Detections_API_ThresholdAlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Detections_API_DataViewId' + filters: + $ref: '#/components/schemas/Security_Detections_API_RuleFilterArray' + index: + $ref: '#/components/schemas/Security_Detections_API_IndexPatternArray' + saved_id: + $ref: '#/components/schemas/Security_Detections_API_SavedQueryId' + Security_Detections_API_ThresholdRulePatchFields: + allOf: + - type: object + properties: + query: + $ref: '#/components/schemas/Security_Detections_API_RuleQuery' + threshold: + $ref: '#/components/schemas/Security_Detections_API_Threshold' type: + description: Rule type enum: - - UNENROLL - - UPGRADE - - POLICY_REASSIGN - type: string - - properties: - data: - type: object - properties: - log_level: - enum: - - debug - - info - - warning - - error - nullable: true - type: string - type: + - threshold type: string - title: Agent action - Fleet_agent_component: - title: Agent component + - $ref: >- + #/components/schemas/Security_Detections_API_ThresholdRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Detections_API_ThresholdRuleDefaultableFields + Security_Detections_API_ThresholdRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + - $ref: >- + #/components/schemas/Security_Detections_API_ThresholdRulePatchFields + Security_Detections_API_ThresholdRuleRequiredFields: type: object properties: - id: - type: string - message: - type: string - status: - $ref: '#/components/schemas/Fleet_agent_component_status' + query: + $ref: '#/components/schemas/Security_Detections_API_RuleQuery' + threshold: + $ref: '#/components/schemas/Security_Detections_API_Threshold' type: + description: Rule type + enum: + - threshold type: string - units: - items: - $ref: '#/components/schemas/Fleet_agent_component_unit' - type: array - Fleet_agent_component_status: + required: + - type + - query + - threshold + Security_Detections_API_ThresholdRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_ThresholdRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Detections_API_ThresholdRuleOptionalFields + - type: object + properties: + language: + $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' + required: + - language + Security_Detections_API_ThresholdRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Detections_API_ThresholdRuleCreateFields + Security_Detections_API_ThresholdValue: + description: Threshold value + minimum: 1 + type: integer + Security_Detections_API_ThrottleForBulkActions: + description: >- + The condition for throttling the notification: 'rule', 'no_actions', or + time duration enum: - - starting - - configuring - - healthy - - degraded - - failed - - stopping - - stopped - title: Agent component status + - rule + - 1h + - 1d + - 7d type: string - Fleet_agent_component_unit: - title: Agent component unit - type: object - properties: - id: - type: string - message: - type: string - payload: - type: object - status: - $ref: '#/components/schemas/Fleet_agent_component_status' - type: - $ref: '#/components/schemas/Fleet_agent_component_unit_type' - Fleet_agent_component_unit_type: - enum: - - input - - output - title: Agent component unit type + Security_Detections_API_TiebreakerField: + description: Sets a secondary field for sorting events + type: string + Security_Detections_API_TimelineTemplateId: + description: Timeline template ID + type: string + Security_Detections_API_TimelineTemplateTitle: + description: Timeline template title + type: string + Security_Detections_API_TimestampField: + description: Contains the event timestamp used for sorting a sequence of events + type: string + Security_Detections_API_TimestampOverride: + description: Sets the time field used to query indices type: string - Fleet_agent_diagnostics: - title: Agent diagnostics + Security_Detections_API_TimestampOverrideFallbackDisabled: + description: Disables the fallback to the event's @timestamp field + type: boolean + Security_Detections_API_UUID: + description: A universally unique identifier + format: uuid + type: string + Security_Detections_API_WarningSchema: type: object properties: - actionId: + actionPath: type: string - createTime: + buttonLabel: type: string - filePath: - type: string - id: + message: type: string - name: + type: type: string - status: - enum: - - READY - - AWAITING_UPLOAD - - DELETED - - IN_PROGRESS required: - - id - - name - - createTime - - filePath - - actionId - - status - Fleet_agent_get_by_actions: - items: - items: - type: string - type: array - title: Agents get by action ids - type: array - Fleet_agent_metadata: - title: Agent metadata - type: object - Fleet_agent_policy: - title: Agent Policy + - type + - message + - actionPath + Security_Endpoint_Exceptions_API_EndpointList: + oneOf: + - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_ExceptionList' + - additionalProperties: false + type: object + Security_Endpoint_Exceptions_API_EndpointListItem: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItem' + Security_Endpoint_Exceptions_API_ExceptionList: type: object properties: - advanced_settings: - description: >- - Advanced settings stored in the agent policy, e.g. - agent_limits_go_max_procs - nullable: true - type: object - agent_features: - items: - type: object - properties: - enabled: - type: boolean - name: - type: string - required: - - name - - enabled - type: array - agents: - type: number - data_output_id: - nullable: true + _version: type: string - description: - type: string - download_source_id: - nullable: true + created_at: + format: date-time type: string - fleet_server_host_id: - nullable: true + created_by: type: string - global_data_tags: - items: - additionalProperties: - oneOf: - - type: string - - type: number - description: >- - User defined data tags that are added to all of the inputs. The - values can be strings or numbers. - type: object - type: array + description: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListDescription id: - type: string - inactivity_timeout: - type: integer - is_protected: - description: >- - Indicates whether the agent policy has tamper protection enabled. - Default false. - type: boolean - keep_monitoring_alive: - description: >- - When set to true, monitoring will be enabled but logs/metrics - collection will be disabled - nullable: true - type: boolean - monitoring_diagnostics: - type: object - properties: - limit: - type: object - properties: - burst: - type: number - interval: - type: string - uploader: - type: object - properties: - init_dur: - type: string - max_dur: - type: string - max_retries: - type: number - monitoring_enabled: - items: - enum: - - metrics - - logs - type: string - type: array - monitoring_http: - type: object - properties: - enabled: - type: boolean - host: - type: string - port: - type: number - required: - - enabled - monitoring_output_id: - nullable: true - type: string - monitoring_pprof_enabled: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListId + immutable: type: boolean + list_id: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListMeta name: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionNamespaceType + os_types: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListTags + tie_breaker_id: type: string - namespace: + type: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListType + updated_at: + format: date-time type: string - overrides: - description: >- - Override settings that are defined in the agent policy. Input - settings cannot be overridden. The override option should be used - only in unusual circumstances and not as a routine procedure. - nullable: true - type: object - package_policies: - description: >- - This field is present only when retrieving a single agent policy, or - when retrieving a list of agent policies with the ?full=true - parameter - items: - $ref: '#/components/schemas/Fleet_package_policy' - type: array - revision: - type: number - supports_agentless: - description: >- - Indicates whether the agent policy supports agentless integrations. - Only allowed in a serverless environment. - type: boolean - unenroll_timeout: - type: integer - unprivileged_agents: - type: number updated_by: type: string - updated_on: - format: date-time - type: string + version: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListVersion required: - id - - status + - list_id + - type - name - - namespace - Fleet_agent_policy_create_request: - title: Create agent policy request + - description + - immutable + - namespace_type + - version + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Endpoint_Exceptions_API_ExceptionListDescription: + type: string + Security_Endpoint_Exceptions_API_ExceptionListHumanId: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + description: Human readable string identifier, e.g. `trusted-linux-processes` + Security_Endpoint_Exceptions_API_ExceptionListId: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + Security_Endpoint_Exceptions_API_ExceptionListItem: type: object properties: - agent_features: - items: - type: object - properties: - enabled: - type: boolean - name: - type: string - required: - - name - - enabled - type: array - data_output_id: - nullable: true + _version: type: string - description: + comments: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemCommentArray + created_at: + format: date-time type: string - download_source_id: - nullable: true + created_by: type: string - fleet_server_host_id: - nullable: true + description: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time type: string - force: - description: Force agent policy creation even if packages are not verified. - type: boolean - global_data_tags: - items: - additionalProperties: - oneOf: - - type: string - - type: number - description: >- - User defined data tags that are added to all of the inputs. The - values can be strings or numbers. - type: object - type: array id: - type: string - inactivity_timeout: - type: integer - is_protected: - type: boolean - monitoring_enabled: - items: - enum: - - metrics - - logs - type: string - type: array - monitoring_output_id: - nullable: true - type: string + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemId + item_id: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemMeta name: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionNamespaceType + os_types: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemTags + tie_breaker_id: + type: string + type: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemType + updated_at: + format: date-time type: string - namespace: + updated_by: type: string - unenroll_timeout: - type: integer required: + - id + - item_id + - list_id + - type - name - - namespace - Fleet_agent_policy_full: - oneOf: - - type: object - properties: - item: - type: string - - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_full_agent_policy' - title: Agent policy full response - type: object - Fleet_agent_policy_update_request: - title: Update agent policy request + - description + - entries + - namespace_type + - comments + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Endpoint_Exceptions_API_ExceptionListItemComment: type: object properties: - agent_features: - items: - type: object - properties: - enabled: - type: boolean - name: - type: string - required: - - name - - enabled - type: array - data_output_id: - nullable: true - type: string - description: - type: string - download_source_id: - nullable: true + comment: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + created_at: + format: date-time type: string - fleet_server_host_id: - nullable: true + created_by: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + id: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + updated_at: + format: date-time type: string - force: - description: Force agent policy creation even if packages are not verified. - type: boolean - global_data_tags: - items: - additionalProperties: - oneOf: - - type: string - - type: number - description: >- - User defined data tags that are added to all of the inputs. The - values can be strings or numbers. - type: object - type: array - inactivity_timeout: - type: integer - is_protected: - type: boolean - monitoring_enabled: - items: - enum: - - metrics - - logs - type: string - type: array - monitoring_output_id: - nullable: true + updated_by: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + required: + - id + - comment + - created_at + - created_by + Security_Endpoint_Exceptions_API_ExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemComment + type: array + Security_Endpoint_Exceptions_API_ExceptionListItemDescription: + type: string + Security_Endpoint_Exceptions_API_ExceptionListItemEntry: + anyOf: + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryList + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryExists + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryNested + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatchWildcard + discriminator: + propertyName: type + Security_Endpoint_Exceptions_API_ExceptionListItemEntryArray: + items: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntry + type: array + Security_Endpoint_Exceptions_API_ExceptionListItemEntryExists: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - exists type: string - name: + required: + - type + - field + - operator + Security_Endpoint_Exceptions_API_ExceptionListItemEntryList: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + list: + type: object + properties: + id: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_ListId' + type: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_ListType' + required: + - id + - type + operator: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - list type: string - namespace: + required: + - type + - field + - list + - operator + Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatch: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match type: string - unenroll_timeout: - type: integer + value: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' required: - - name - - namespace - Fleet_agent_status: - enum: - - offline - - error - - online - - inactive - - warning - title: Elastic Agent status - type: string - Fleet_agent_type: - enum: - - PERMANENT - - EPHEMERAL - - TEMPORARY - title: Agent type - type: string - Fleet_bulk_install_packages_response: - title: Bulk install packages response + - type + - field + - value + - operator + Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny: type: object properties: - items: - items: - type: object - properties: - name: - type: string - version: - type: string - type: array - response: - deprecated: true + field: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match_any + type: string + value: items: - type: object - properties: - name: - type: string - version: - type: string + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString + minItems: 1 type: array required: - - items - Fleet_bulk_upgrade_agents: - title: Bulk upgrade agents + - type + - field + - value + - operator + Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatchWildcard: type: object properties: - agents: - oneOf: - - description: KQL query string, leave empty to action all agents - type: string - - description: list of agent IDs - items: - type: string - type: array - force: - description: Force upgrade, skipping validation (should be used with caution) - type: boolean - rollout_duration_seconds: - description: rolling upgrade window duration in seconds - type: number - skipRateLimitCheck: - description: Skip rate limit check for upgrade - type: boolean - source_uri: - description: alternative upgrade binary download url - type: string - start_time: - description: start time of upgrade in ISO 8601 format - type: string - version: - description: version to upgrade to + field: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - wildcard type: string + value: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' required: - - agents - - version - Fleet_data_stream: - title: Data stream + - type + - field + - value + - operator + Security_Endpoint_Exceptions_API_ExceptionListItemEntryNested: type: object properties: - dashboard: + entries: items: - type: object - properties: - id: - type: string - title: - type: string + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryNestedEntryItem + minItems: 1 type: array - dataset: - type: string - index: - type: string - last_activity_ms: - type: number - namespace: - type: string - package: - type: string - package_version: - type: string - size_in_bytes: - type: number - size_in_bytes_formatted: - type: string + field: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' type: + enum: + - nested type: string - Fleet_download_sources: - title: Download Source + required: + - type + - field + - entries + Security_Endpoint_Exceptions_API_ExceptionListItemEntryNestedEntryItem: + oneOf: + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryExists + Security_Endpoint_Exceptions_API_ExceptionListItemEntryOperator: + enum: + - excluded + - included + type: string + Security_Endpoint_Exceptions_API_ExceptionListItemHumanId: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + Security_Endpoint_Exceptions_API_ExceptionListItemId: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + Security_Endpoint_Exceptions_API_ExceptionListItemMeta: + additionalProperties: true + type: object + Security_Endpoint_Exceptions_API_ExceptionListItemName: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + Security_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray: + items: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListOsType + type: array + Security_Endpoint_Exceptions_API_ExceptionListItemTags: + items: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + type: array + Security_Endpoint_Exceptions_API_ExceptionListItemType: + enum: + - simple + type: string + Security_Endpoint_Exceptions_API_ExceptionListMeta: + additionalProperties: true + type: object + Security_Endpoint_Exceptions_API_ExceptionListName: + type: string + Security_Endpoint_Exceptions_API_ExceptionListOsType: + enum: + - linux + - macos + - windows + type: string + Security_Endpoint_Exceptions_API_ExceptionListOsTypeArray: + items: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListOsType + type: array + Security_Endpoint_Exceptions_API_ExceptionListTags: + items: + type: string + type: array + Security_Endpoint_Exceptions_API_ExceptionListType: + enum: + - detection + - rule_default + - endpoint + - endpoint_trusted_apps + - endpoint_events + - endpoint_host_isolation_exceptions + - endpoint_blocklists + type: string + Security_Endpoint_Exceptions_API_ExceptionListVersion: + minimum: 1 + type: integer + Security_Endpoint_Exceptions_API_ExceptionNamespaceType: + description: > + Determines whether the exception container is available in all Kibana + spaces or just the space + + in which it is created, where: + + + - `single`: Only available in the Kibana space in which it is created. + + - `agnostic`: Available in all Kibana spaces. + enum: + - agnostic + - single + type: string + Security_Endpoint_Exceptions_API_FindEndpointListItemsFilter: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + Security_Endpoint_Exceptions_API_ListId: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + Security_Endpoint_Exceptions_API_ListType: + enum: + - binary + - boolean + - byte + - date + - date_nanos + - date_range + - double + - double_range + - float + - float_range + - geo_point + - geo_shape + - half_float + - integer + - integer_range + - ip + - ip_range + - keyword + - long + - long_range + - shape + - short + - text + type: string + Security_Endpoint_Exceptions_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Endpoint_Exceptions_API_PlatformErrorResponse: type: object properties: - host: + error: type: string - id: + message: type: string - is_default: - type: boolean - name: + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Endpoint_Exceptions_API_SiemErrorResponse: + type: object + properties: + message: type: string - proxy_id: - description: >- - The ID of the proxy to use for this download source. See the proxies - API for more information. - nullable: true + status_code: + type: integer + required: + - status_code + - message + Security_Endpoint_Management_API_ActionLogRequestQuery: + type: object + properties: + end_date: + $ref: '#/components/schemas/Security_Endpoint_Management_API_EndDate' + page: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Page' + page_size: + $ref: '#/components/schemas/Security_Endpoint_Management_API_PageSize' + start_date: + $ref: '#/components/schemas/Security_Endpoint_Management_API_StartDate' + Security_Endpoint_Management_API_ActionStateSuccessResponse: + type: object + properties: + body: + type: object + properties: + data: + type: object + properties: + canEncrypt: + type: boolean + required: + - data + required: + - body + Security_Endpoint_Management_API_ActionStatusSuccessResponse: + type: object + properties: + body: + type: object + properties: + data: + type: object + properties: + agent_id: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_AgentId + pending_actions: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_PendingActionsSchema + required: + - agent_id + - pending_actions + required: + - data + required: + - body + Security_Endpoint_Management_API_AgentId: + description: Agent ID + type: string + Security_Endpoint_Management_API_AgentIds: + minLength: 1 + oneOf: + - items: + minLength: 1 + type: string + maxItems: 50 + minItems: 1 + type: array + - minLength: 1 type: string - required: - - is_default - - name - - host - Fleet_elasticsearch_asset_type: + Security_Endpoint_Management_API_AgentTypes: enum: - - component_template - - ingest_pipeline - - index_template - - ilm_policy - - transform - - data_stream_ilm_policy - title: Elasticsearch asset type + - endpoint + - sentinel_one + - crowdstrike + type: string + Security_Endpoint_Management_API_AlertIds: + description: A list of alerts ids. + items: + $ref: '#/components/schemas/Security_Endpoint_Management_API_NonEmptyString' + minItems: 1 + type: array + Security_Endpoint_Management_API_CaseIds: + description: Case IDs to be updated (cannot contain empty strings) + items: + minLength: 1 + type: string + minItems: 1 + type: array + Security_Endpoint_Management_API_Command: + description: The command to be executed (cannot be an empty string) + enum: + - isolate + - unisolate + - kill-process + - suspend-process + - running-processes + - get-file + - execute + - upload + - scan + minLength: 1 + type: string + Security_Endpoint_Management_API_Commands: + items: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Command' + type: array + Security_Endpoint_Management_API_Comment: + description: Optional comment type: string - Fleet_enrollment_api_key: - title: Enrollment API key + Security_Endpoint_Management_API_EndDate: + description: End date + type: string + Security_Endpoint_Management_API_EndpointIds: + description: List of endpoint IDs (cannot contain empty strings) + items: + minLength: 1 + type: string + minItems: 1 + type: array + Security_Endpoint_Management_API_EntityId: type: object properties: - active: - description: >- - When false, the enrollment API key is revoked and cannot be used for - enrolling Elastic Agents. - type: boolean - api_key: - description: The enrollment API key (token) used for enrolling Elastic Agents. - type: string - api_key_id: - description: The ID of the API key in the Security API. - type: string - created_at: - type: string - id: - type: string - name: - description: The name of the enrollment API key. - type: string - policy_id: - description: The ID of the agent policy the Elastic Agent will be enrolled in. + entity_id: + minLength: 1 type: string - required: - - id - - api_key_id - - api_key - - active - - created_at - Fleet_fleet_server_host: - title: Fleet Server Host + Security_Endpoint_Management_API_ExecuteRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' + alert_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AlertIds' + case_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_CaseIds' + comment: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Comment' + endpoint_ids: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_EndpointIds + parameters: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Parameters' + required: + - endpoint_ids + - type: object + properties: + parameters: + type: object + properties: + command: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_Command + timeout: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_Timeout + required: + - command + required: + - parameters + Security_Endpoint_Management_API_GetEndpointActionListRouteQuery: + type: object + properties: + agentIds: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentIds' + agentTypes: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' + commands: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Commands' + endDate: + $ref: '#/components/schemas/Security_Endpoint_Management_API_EndDate' + page: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Page' + pageSize: + default: 10 + description: Number of items per page + maximum: 10000 + minimum: 1 + type: integer + startDate: + $ref: '#/components/schemas/Security_Endpoint_Management_API_StartDate' + types: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Types' + userIds: + $ref: '#/components/schemas/Security_Endpoint_Management_API_UserIds' + withOutputs: + $ref: '#/components/schemas/Security_Endpoint_Management_API_WithOutputs' + Security_Endpoint_Management_API_GetFileRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' + alert_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AlertIds' + case_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_CaseIds' + comment: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Comment' + endpoint_ids: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_EndpointIds + parameters: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Parameters' + required: + - endpoint_ids + - type: object + properties: + parameters: + type: object + properties: + path: + type: string + required: + - path + required: + - parameters + Security_Endpoint_Management_API_GetProcessesRouteRequestBody: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_NoParametersRequestSchema + Security_Endpoint_Management_API_IsolateRouteRequestBody: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_NoParametersRequestSchema + Security_Endpoint_Management_API_KillProcessRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' + alert_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AlertIds' + case_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_CaseIds' + comment: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Comment' + endpoint_ids: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_EndpointIds + parameters: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Parameters' + required: + - endpoint_ids + - type: object + properties: + parameters: + oneOf: + - $ref: '#/components/schemas/Security_Endpoint_Management_API_Pid' + - $ref: >- + #/components/schemas/Security_Endpoint_Management_API_EntityId + - type: object + properties: + process_name: + description: Valid for SentinelOne agent type only + minLength: 1 + type: string + required: + - parameters + Security_Endpoint_Management_API_ListRequestQuery: type: object properties: - host_urls: + hostStatuses: items: + enum: + - healthy + - offline + - updating + - inactive + - unenrolled type: string type: array - id: + kuery: + nullable: true type: string - is_default: - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: + page: + default: 0 + description: Page number + minimum: 0 + type: integer + pageSize: + default: 10 + description: Number of items per page + maximum: 10000 + minimum: 1 + type: integer + sortDirection: + enum: + - asc + - desc + nullable: true type: string - proxy_id: + sortField: + enum: + - enrolled_at + - metadata.host.hostname + - host_status + - metadata.Endpoint.policy.applied.name + - metadata.Endpoint.policy.applied.status + - metadata.host.os.name + - metadata.host.ip + - metadata.agent.version + - last_checkin type: string required: - - fleet_server_hosts - - id - - is_default - - is_preconfigured - - host_urls - Fleet_fleet_settings_response: - title: Fleet settings response + - hostStatuses + Security_Endpoint_Management_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Endpoint_Management_API_NoParametersRequestSchema: type: object properties: - item: - $ref: '#/components/schemas/Fleet_settings' + body: + type: object + properties: + agent_type: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' + alert_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AlertIds' + case_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_CaseIds' + comment: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Comment' + endpoint_ids: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_EndpointIds + parameters: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Parameters' + required: + - endpoint_ids required: - - item - Fleet_fleet_setup_response: - title: Fleet Setup response + - body + Security_Endpoint_Management_API_Page: + default: 1 + description: Page number + minimum: 1 + type: integer + Security_Endpoint_Management_API_PageSize: + default: 10 + description: Number of items per page + maximum: 100 + minimum: 1 + type: integer + Security_Endpoint_Management_API_Parameters: + description: Optional parameters object + type: object + Security_Endpoint_Management_API_PendingActionDataType: + type: integer + Security_Endpoint_Management_API_PendingActionsSchema: + oneOf: + - type: object + properties: + execute: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType + get-file: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType + isolate: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType + kill-process: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType + running-processes: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType + scan: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType + suspend-process: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType + unisolate: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType + upload: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType + - additionalProperties: true + type: object + Security_Endpoint_Management_API_Pid: type: object properties: - isInitialized: - type: boolean - nonFatalErrors: - items: - type: object - properties: - message: - type: string - name: - type: string - required: - - name - - message - type: array - required: - - isInitialized - - nonFatalErrors - Fleet_fleet_status_response: - title: Fleet status response + pid: + minimum: 1 + type: integer + Security_Endpoint_Management_API_ProtectionUpdatesNoteResponse: type: object properties: - isReady: - type: boolean - missing_optional_features: - items: - enum: - - encrypted_saved_object_encryption_key_required + note: + type: string + Security_Endpoint_Management_API_ScanRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' + alert_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AlertIds' + case_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_CaseIds' + comment: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Comment' + endpoint_ids: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_EndpointIds + parameters: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Parameters' + required: + - endpoint_ids + - type: object + properties: + parameters: + type: object + properties: + path: + type: string + required: + - path + required: + - parameters + Security_Endpoint_Management_API_StartDate: + description: Start date + type: string + Security_Endpoint_Management_API_SuccessResponse: + type: object + properties: {} + Security_Endpoint_Management_API_SuspendProcessRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' + alert_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AlertIds' + case_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_CaseIds' + comment: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Comment' + endpoint_ids: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_EndpointIds + parameters: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Parameters' + required: + - endpoint_ids + - type: object + properties: + parameters: + oneOf: + - $ref: '#/components/schemas/Security_Endpoint_Management_API_Pid' + - $ref: >- + #/components/schemas/Security_Endpoint_Management_API_EntityId + required: + - parameters + Security_Endpoint_Management_API_Timeout: + description: The maximum timeout value in milliseconds (optional) + minimum: 1 + type: integer + Security_Endpoint_Management_API_Type: + description: Type of response action + enum: + - automated + - manual + type: string + Security_Endpoint_Management_API_Types: + description: List of types of response actions + items: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Type' + maxLength: 2 + minLength: 1 + type: array + Security_Endpoint_Management_API_UnisolateRouteRequestBody: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_NoParametersRequestSchema + Security_Endpoint_Management_API_UploadRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' + alert_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AlertIds' + case_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_CaseIds' + comment: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Comment' + endpoint_ids: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_EndpointIds + parameters: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Parameters' + required: + - endpoint_ids + - type: object + properties: + file: + format: binary + type: string + parameters: + type: object + properties: + overwrite: + default: false + type: boolean + required: + - parameters + - file + Security_Endpoint_Management_API_UserIds: + description: User IDs + oneOf: + - items: + minLength: 1 type: string + minItems: 1 type: array - missing_requirements: - items: - enum: - - tls_required - - api_keys - - fleet_admin_user - - fleet_server + - minLength: 1 + type: string + Security_Endpoint_Management_API_WithOutputs: + description: Shows detailed outputs for an action response + oneOf: + - items: + minLength: 1 type: string + minItems: 1 type: array - package_verification_key_id: + - minLength: 1 type: string - required: - - isReady - - missing_requirements - - missing_optional_features - Fleet_full_agent_policy: - title: Full agent policy + Security_Entity_Analytics_API_AssetCriticalityBulkUploadErrorItem: type: object properties: - agent: - nullable: true - type: string - fleet: - oneOf: - - type: object - properties: - hosts: - items: - type: string - type: array - proxy_headers: {} - proxy_url: - type: string - ssl: - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - renegotiation: - type: string - verification_mode: - type: string - - type: object - properties: - kibana: - type: object - properties: - hosts: - items: - type: string - type: array - path: - type: string - protocol: - type: string - id: - type: string - inputs: + index: + type: integer + message: type: string - monitoring: + required: + - message + - index + Security_Entity_Analytics_API_AssetCriticalityBulkUploadStats: + type: object + properties: + failed: + type: integer + successful: + type: integer + total: + type: integer + required: + - successful + - failed + - total + Security_Entity_Analytics_API_AssetCriticalityLevel: + description: The criticality level of the asset. + enum: + - low_impact + - medium_impact + - high_impact + - extreme_impact + type: string + Security_Entity_Analytics_API_AssetCriticalityRecord: + allOf: + - $ref: >- + #/components/schemas/Security_Entity_Analytics_API_CreateAssetCriticalityRecord + - $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityRecordEcsParts + - type: object + properties: + '@timestamp': + description: The time the record was created or updated. + example: '2017-07-21T17:32:28Z' + format: date-time + type: string + required: + - '@timestamp' + Security_Entity_Analytics_API_AssetCriticalityRecordEcsParts: + type: object + properties: + asset: type: object properties: - diagnostics: - type: object - properties: - limit: - type: object - properties: - burst: - type: number - interval: - type: string - uploader: - type: object - properties: - init_dur: - type: string - max_dur: - type: string - max_retries: - type: number - enabled: - type: boolean - http: + criticality: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel + required: + - asset + host: + type: object + properties: + asset: type: object properties: - enabled: - type: boolean - host: - type: string - port: - type: number + criticality: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel required: - - enabled - logs: - type: boolean - metrics: - type: boolean - namespace: + - criticality + name: type: string - pprof: + required: + - name + user: + type: object + properties: + asset: type: object properties: - enabled: - type: boolean + criticality: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel required: - - enabled - traces: - type: boolean - use_output: + - criticality + name: type: string required: - - enabled - - metrics - - logs - - traces - output_permissions: - additionalProperties: + - name + required: + - asset + Security_Entity_Analytics_API_AssetCriticalityRecordIdParts: + type: object + properties: + id_field: + $ref: '#/components/schemas/Security_Entity_Analytics_API_IdField' + description: The field representing the ID. + example: host.name + id_value: + description: The ID value of the asset. + type: string + required: + - id_value + - id_field + Security_Entity_Analytics_API_CleanUpRiskEngineErrorResponse: + type: object + properties: + cleanup_successful: + example: false + type: boolean + errors: + items: type: object properties: - data: - $ref: >- - #/components/schemas/Fleet_full_agent_policy_output_permissions - output: + error: + type: string + seq: type: integer - type: object - outputs: - additionalProperties: - $ref: '#/components/schemas/Fleet_full_agent_policy_output' - type: object - revision: + required: + - seq + - error + type: array + required: + - cleanup_successful + - errors + Security_Entity_Analytics_API_CreateAssetCriticalityRecord: + allOf: + - $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityRecordIdParts + - type: object + properties: + criticality_level: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel + required: + - criticality_level + Security_Entity_Analytics_API_EngineDescriptor: + type: object + properties: + filter: + type: string + indexPattern: + $ref: '#/components/schemas/Security_Entity_Analytics_API_IndexPattern' + status: + $ref: '#/components/schemas/Security_Entity_Analytics_API_EngineStatus' + type: + $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' + Security_Entity_Analytics_API_EngineStatus: + enum: + - installing + - started + - stopped + type: string + Security_Entity_Analytics_API_Entity: + oneOf: + - $ref: '#/components/schemas/Security_Entity_Analytics_API_UserEntity' + - $ref: '#/components/schemas/Security_Entity_Analytics_API_HostEntity' + Security_Entity_Analytics_API_EntityRiskLevels: + enum: + - Unknown + - Low + - Moderate + - High + - Critical + type: string + Security_Entity_Analytics_API_EntityRiskScoreRecord: + type: object + properties: + '@timestamp': + description: The time at which the risk score was calculated. + example: '2017-07-21T17:32:28Z' + format: date-time + type: string + calculated_level: + $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityRiskLevels' + description: Lexical description of the entity's risk. + example: Critical + calculated_score: + description: The raw numeric value of the given entity's risk score. + format: double + type: number + calculated_score_norm: + description: >- + The normalized numeric value of the given entity's risk score. + Useful for comparing with other entities. + format: double + maximum: 100 + minimum: 0 + type: number + category_1_count: + description: >- + The number of risk input documents that contributed to the Category + 1 score (`category_1_score`). + format: integer + type: number + category_1_score: + description: >- + The contribution of Category 1 to the overall risk score + (`calculated_score`). Category 1 contains Detection Engine Alerts. + format: double + type: number + category_2_count: + format: integer + type: number + category_2_score: + format: double + type: number + criticality_level: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel + criticality_modifier: + format: double type: number - secret_references: + id_field: + description: >- + The identifier field defining this risk score. Coupled with + `id_value`, uniquely identifies the entity being scored. + example: host.name + type: string + id_value: + description: >- + The identifier value defining this risk score. Coupled with + `id_field`, uniquely identifies the entity being scored. + example: example.host + type: string + inputs: + description: >- + A list of the highest-risk documents contributing to this risk + score. Useful for investigative purposes. items: - type: object - properties: - id: - type: string + $ref: '#/components/schemas/Security_Entity_Analytics_API_RiskScoreInput' + type: array + notes: + items: + type: string type: array required: - - id - - outputs + - '@timestamp' + - id_field + - id_value + - calculated_level + - calculated_score + - calculated_score_norm + - category_1_score + - category_1_count - inputs - Fleet_full_agent_policy_input: - allOf: - - additionalProperties: true + - notes + Security_Entity_Analytics_API_EntityType: + enum: + - user + - host + type: string + Security_Entity_Analytics_API_HostEntity: + type: object + properties: + asset: type: object properties: - data_stream: - type: object - properties: - namespace: - type: string - required: - - namespace + criticality: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel + required: + - criticality + entity: + type: object + properties: + definitionId: + type: string + definitionVersion: + type: string + displayName: + type: string + firstSeenTimestamp: + format: date-time + type: string id: type: string - meta: - additionalProperties: true - type: object - properties: - package: - type: object - properties: - name: - type: string - version: - type: string - required: - - name - - version - name: + identityFields: + items: + type: string + type: array + lastSeenTimestamp: + format: date-time type: string - revision: - type: number - streams: - $ref: '#/components/schemas/Fleet_full_agent_policy_input_stream' - type: + schemaVersion: type: string - use_output: + source: + type: string + type: + enum: + - node type: string required: + - lastSeenTimestamp + - schemaVersion + - definitionVersion + - displayName + - identityFields - id - - name - - revision - type - - data_stream - - use_output - title: Full agent policy input - Fleet_full_agent_policy_input_stream: - allOf: - - additionalProperties: true + - firstSeenTimestamp + - definitionId + host: type: object properties: - data_stream: - type: object - properties: - dataset: - type: string - type: - type: string - required: - - dataset - - type + architecture: + items: + type: string + type: array + domain: + items: + type: string + type: array + hostname: + items: + type: string + type: array id: + items: + type: string + type: array + ip: + items: + type: string + type: array + mac: + items: + type: string + type: array + name: type: string + risk: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_EntityRiskScoreRecord + type: + items: + type: string + type: array required: - - id - - data_stream - title: Full agent policy input stream - Fleet_full_agent_policy_output: - title: Full agent policy + - name + Security_Entity_Analytics_API_IdField: + enum: + - host.name + - user.name + type: string + Security_Entity_Analytics_API_IndexPattern: + type: string + Security_Entity_Analytics_API_InspectQuery: type: object properties: - additionalProperties: - type: object - properties: - text: {} - ca_sha256: - nullable: true - type: string - hosts: + dsl: + items: + type: string + type: array + response: items: type: string type: array - proxy_headers: {} - proxy_url: + required: + - dsl + - response + Security_Entity_Analytics_API_RiskEngineScheduleNowErrorResponse: + type: object + properties: + full_error: + type: string + message: type: string - type: {} required: - - type - - hosts - - ca_sha256 - Fleet_full_agent_policy_output_permissions: - additionalProperties: - type: object - properties: - data: - type: object - properties: - cluster: - items: - type: string - type: array - indices: - items: - type: object - properties: - names: - items: - type: string - type: array - privileges: - items: - type: string - type: array - type: array - packagePolicyName: - type: string - title: Full agent policy output permissions - Fleet_get_agent_tags_response: - title: Get Agent Tags response + - message + - full_error + Security_Entity_Analytics_API_RiskEngineScheduleNowResponse: type: object properties: - items: - items: - type: string - type: array - Fleet_get_agents_response: - title: Get Agent response + success: + type: boolean + Security_Entity_Analytics_API_RiskScoreInput: + description: A generic representation of a document contributing to a Risk Score. type: object properties: - items: - items: - $ref: '#/components/schemas/Fleet_agent' - type: array - list: - deprecated: true - items: - $ref: '#/components/schemas/Fleet_agent' - type: array - page: - type: number - perPage: + category: + description: The risk category of the risk input document. + example: category_1 + type: string + contribution_score: + format: double type: number - statusSummary: - type: object - properties: - degraded': - type: number - enrolling: - type: number - error: - type: number - inactive: - type: number - offline: - type: number - online: - type: number - unenrolled: - type: number - unenrolling: - type: number - updating: - type: number - total: + description: + description: A human-readable description of the risk input document. + example: 'Generated from Detection Engine Rule: Malware Prevention Alert' + type: string + id: + description: The unique identifier (`_id`) of the original source document + example: 91a93376a507e86cfbf282166275b89f9dbdb1f0be6c8103c6ff2909ca8e1a1c + type: string + index: + description: The unique index (`_index`) of the original source document + example: .internal.alerts-security.alerts-default-000001 + type: string + risk_score: + description: The weighted risk score of the risk input document. + format: double + maximum: 100 + minimum: 0 type: number + timestamp: + description: The @timestamp of the risk input document. + example: '2017-07-21T17:32:28Z' + type: string required: - - items - - total - - page - - perPage - Fleet_get_bulk_assets_response: - deprecated: true + - id + - index + - description + - category + Security_Entity_Analytics_API_TaskManagerUnavailableResponse: + description: Task manager is unavailable + type: object properties: - items: - items: - type: object - properties: - appLink: + message: + type: string + status_code: + minimum: 400 + type: integer + required: + - status_code + - message + Security_Entity_Analytics_API_UserEntity: + type: object + properties: + asset: + type: object + properties: + criticality: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel + required: + - criticality + entity: + type: object + properties: + definitionId: + type: string + definitionVersion: + type: string + displayName: + type: string + firstSeenTimestamp: + format: date-time + type: string + id: + type: string + identityFields: + items: + type: string + type: array + lastSeenTimestamp: + format: date-time + type: string + schemaVersion: + type: string + source: + type: string + type: + enum: + - node + type: string + required: + - lastSeenTimestamp + - schemaVersion + - definitionVersion + - displayName + - identityFields + - id + - type + - firstSeenTimestamp + - definitionId + - source + user: + type: object + properties: + domain: + items: type: string - attributes: - type: object - properties: - description: - type: string - title: - type: string - id: + type: array + email: + items: type: string - type: - $ref: '#/components/schemas/Fleet_saved_object_type' - updatedAt: + type: array + full_name: + items: type: string - type: array + type: array + hash: + items: + type: string + type: array + id: + items: + type: string + type: array + name: + type: string + risk: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_EntityRiskScoreRecord + roles: + items: + type: string + type: array + required: + - name + Security_Exceptions_API_CreateExceptionListItemComment: + type: object + properties: + comment: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' required: - - items - title: Bulk get assets response + - comment + Security_Exceptions_API_CreateExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Exceptions_API_CreateExceptionListItemComment + type: array + Security_Exceptions_API_CreateRuleExceptionListItemComment: type: object - Fleet_get_categories_response: - title: Get categories response + properties: + comment: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + required: + - comment + Security_Exceptions_API_CreateRuleExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Exceptions_API_CreateRuleExceptionListItemComment + type: array + Security_Exceptions_API_CreateRuleExceptionListItemProps: type: object properties: - items: - items: - type: object - properties: - count: - type: number - id: - type: string - title: - type: string - required: - - id - - title - - count - type: array - response: - items: - deprecated: true - type: object - properties: - count: - type: number - id: - type: string - title: - type: string - required: - - id - - title - - count - type: array + comments: + $ref: >- + #/components/schemas/Security_Exceptions_API_CreateRuleExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + item_id: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemHumanId + meta: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemMeta' + name: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemName' + namespace_type: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionNamespaceType' + default: single + os_types: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemTags' + default: [] + type: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemType' required: - - items - Fleet_get_packages_response: - title: Get Packages response + - type + - name + - description + - entries + Security_Exceptions_API_ExceptionList: type: object properties: - items: - items: - $ref: '#/components/schemas/Fleet_search_result' - type: array - response: - deprecated: true - items: - $ref: '#/components/schemas/Fleet_search_result' - type: array + _version: + type: string + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListDescription + id: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListId' + immutable: + type: boolean + list_id: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' + meta: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListMeta' + name: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListName' + namespace_type: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionNamespaceType' + os_types: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListOsTypeArray + tags: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListTags' + tie_breaker_id: + type: string + type: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListType' + updated_at: + format: date-time + type: string + updated_by: + type: string + version: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListVersion' required: - - items - Fleet_installation_info: - title: Installation info object + - id + - list_id + - type + - name + - description + - immutable + - namespace_type + - version + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Exceptions_API_ExceptionListDescription: + type: string + Security_Exceptions_API_ExceptionListHumanId: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + description: Human readable string identifier, e.g. `trusted-linux-processes` + Security_Exceptions_API_ExceptionListId: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + Security_Exceptions_API_ExceptionListItem: type: object properties: + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemCommentArray created_at: + format: date-time type: string - experimental_data_stream_features: - type: array - properties: - data_stream: - type: string - features: - type: object - properties: - doc_value_only_numeric: - nullable: true - type: boolean - doc_value_only_other: - nullable: true - type: boolean - synthetic_source: - nullable: true - type: boolean - tsdb: - nullable: true - type: boolean - install_format_schema_version: + created_by: type: string - install_kibana_space_id: + description: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time type: string - install_source: - enum: - - registry - - upload - - bundled + id: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemId' + item_id: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' + meta: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemMeta' + name: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemName' + namespace_type: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionNamespaceType' + os_types: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemOsTypeArray + tags: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemTags' + tie_breaker_id: + type: string + type: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemType' + updated_at: + format: date-time + type: string + updated_by: + type: string + required: + - id + - item_id + - list_id + - type + - name + - description + - entries + - namespace_type + - comments + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Exceptions_API_ExceptionListItemComment: + type: object + properties: + comment: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + created_at: + format: date-time + type: string + created_by: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + id: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + updated_at: + format: date-time type: string - install_status: + updated_by: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + required: + - id + - comment + - created_at + - created_by + Security_Exceptions_API_ExceptionListItemCommentArray: + items: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemComment' + type: array + Security_Exceptions_API_ExceptionListItemDescription: + type: string + Security_Exceptions_API_ExceptionListItemEntry: + anyOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryList + - $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryExists + - $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryNested + - $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryMatchWildcard + discriminator: + propertyName: type + Security_Exceptions_API_ExceptionListItemEntryArray: + items: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemEntry' + type: array + Security_Exceptions_API_ExceptionListItemEntryExists: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryOperator + type: enum: - - installed - - installing - - install_failed + - exists type: string - installed_es: - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - $ref: '#/components/schemas/Fleet_elasticsearch_asset_type' - installed_kibana: + required: + - type + - field + - operator + Security_Exceptions_API_ExceptionListItemEntryList: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + list: type: object properties: id: - type: string + $ref: '#/components/schemas/Security_Exceptions_API_ListId' type: - $ref: '#/components/schemas/Fleet_kibana_saved_object_type' - latest_executed_state: - description: Latest successfully executed state in package install state machine - type: object - properties: - error: - type: string - name: - enum: - - create_restart_installation - - install_kibana_assets - - install_ilm_policies - - install_ml_model - - install_index_template_pipelines - - remove_legacy_templates - - update_current_write_indices - - install_transforms - - delete_previous_pipelines - - save_archive_entries_from_assets_map - - update_so - type: string - started_at: - type: string - latest_install_failed_attempts: - description: Latest failed install errors + $ref: '#/components/schemas/Security_Exceptions_API_ListType' + required: + - id + - type + operator: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - list + type: string + required: + - type + - field + - list + - operator + Security_Exceptions_API_ExceptionListItemEntryMatch: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match + type: string + value: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + required: + - type + - field + - value + - operator + Security_Exceptions_API_ExceptionListItemEntryMatchAny: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match_any + type: string + value: items: - type: object - properties: - created_at: - type: string - error: - type: object - properties: - message: - type: string - name: - type: string - stack: - type: string - target_version: - type: string + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + minItems: 1 type: array - name: + required: + - type + - field + - value + - operator + Security_Exceptions_API_ExceptionListItemEntryMatchWildcard: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - wildcard type: string - namespaces: + value: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + required: + - type + - field + - value + - operator + Security_Exceptions_API_ExceptionListItemEntryNested: + type: object + properties: + entries: items: - type: string + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryNestedEntryItem + minItems: 1 type: array + field: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' type: - type: string - updated_at: - type: string - verification_key_id: - nullable: true - type: string - verification_status: enum: - - verified - - unverified - - unknown - type: string - version: + - nested type: string required: - - installed_kibana - - installed_es - - name - - version - - install_status - - install_version - - install_started_at - - install_source - - verification_status - - latest_install_failed_attempts - Fleet_kibana_saved_object_type: + - type + - field + - entries + Security_Exceptions_API_ExceptionListItemEntryNestedEntryItem: + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryExists + Security_Exceptions_API_ExceptionListItemEntryOperator: enum: - - dashboard - - visualization - - search - - index-pattern - - map - - lens - - ml-module - - security-rule - - csp_rule_template - title: Kibana saved object asset type + - excluded + - included type: string - Fleet_new_package_policy: - description: '' + Security_Exceptions_API_ExceptionListItemHumanId: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + Security_Exceptions_API_ExceptionListItemId: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + Security_Exceptions_API_ExceptionListItemMeta: + additionalProperties: true + type: object + Security_Exceptions_API_ExceptionListItemName: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + Security_Exceptions_API_ExceptionListItemOsTypeArray: + items: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListOsType' + type: array + Security_Exceptions_API_ExceptionListItemTags: + items: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + type: array + Security_Exceptions_API_ExceptionListItemType: + enum: + - simple + type: string + Security_Exceptions_API_ExceptionListMeta: + additionalProperties: true + type: object + Security_Exceptions_API_ExceptionListName: + type: string + Security_Exceptions_API_ExceptionListOsType: + enum: + - linux + - macos + - windows + type: string + Security_Exceptions_API_ExceptionListOsTypeArray: + items: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListOsType' + type: array + Security_Exceptions_API_ExceptionListsImportBulkError: + type: object properties: - description: - type: string - enabled: - type: boolean - inputs: - items: - type: object - properties: - config: - type: object - enabled: - type: boolean - processors: - items: - type: string - type: array - streams: - items: {} - type: array - type: - type: string - vars: - type: object - required: - - type - - enabled - type: array - name: - type: string - namespace: - type: string - output_id: - type: string - overrides: - type: object - package: + error: type: object properties: - name: - type: string - requires_root: - type: boolean - title: - type: string - version: + message: type: string + status_code: + type: integer required: - - name - - version - policy_id: - deprecated: true - nullable: true - type: string - policy_ids: - items: - type: string - type: array + - status_code + - message + id: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListId' + item_id: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' required: - - inputs - - name - title: New package policy - type: object - Fleet_output_create_request: - discriminator: - mapping: - elasticsearch: '#/components/schemas/Fleet_output_create_request_elasticsearch' - kafka: '#/components/schemas/Fleet_output_create_request_kafka' - logstash: '#/components/schemas/Fleet_output_create_request_logstash' - remote_elasticsearch: >- - #/components/schemas/Fleet_output_create_request_remote_elasticsearch - propertyName: type - oneOf: - - $ref: '#/components/schemas/Fleet_output_create_request_elasticsearch' - - $ref: '#/components/schemas/Fleet_output_create_request_kafka' - - $ref: '#/components/schemas/Fleet_output_create_request_logstash' - - $ref: >- - #/components/schemas/Fleet_output_create_request_remote_elasticsearch - title: Output - Fleet_output_create_request_elasticsearch: - title: elasticsearch + - error + Security_Exceptions_API_ExceptionListsImportBulkErrorArray: + items: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListsImportBulkError + type: array + Security_Exceptions_API_ExceptionListTags: + items: + type: string + type: array + Security_Exceptions_API_ExceptionListType: + enum: + - detection + - rule_default + - endpoint + - endpoint_trusted_apps + - endpoint_events + - endpoint_host_isolation_exceptions + - endpoint_blocklists + type: string + Security_Exceptions_API_ExceptionListVersion: + minimum: 1 + type: integer + Security_Exceptions_API_ExceptionNamespaceType: + description: > + Determines whether the exception container is available in all Kibana + spaces or just the space + + in which it is created, where: + + + - `single`: Only available in the Kibana space in which it is created. + + - `agnostic`: Available in all Kibana spaces. + enum: + - agnostic + - single + type: string + Security_Exceptions_API_FindExceptionListItemsFilter: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + Security_Exceptions_API_FindExceptionListsFilter: + type: string + Security_Exceptions_API_ListId: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + Security_Exceptions_API_ListType: + enum: + - binary + - boolean + - byte + - date + - date_nanos + - date_range + - double + - double_range + - float + - float_range + - geo_point + - geo_shape + - half_float + - integer + - integer_range + - ip + - ip_range + - keyword + - long + - long_range + - shape + - short + - text + type: string + Security_Exceptions_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Exceptions_API_PlatformErrorResponse: type: object properties: - ca_sha256: + error: type: string - ca_trusted_fingerprint: + message: type: string - config: - type: object - config_yaml: + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Exceptions_API_RuleId: + $ref: '#/components/schemas/Security_Exceptions_API_UUID' + Security_Exceptions_API_SiemErrorResponse: + type: object + properties: + message: type: string - hosts: - items: - type: string - type: array + status_code: + type: integer + required: + - status_code + - message + Security_Exceptions_API_UpdateExceptionListItemComment: + type: object + properties: + comment: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: - type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: - type: string - shipper: - type: object - properties: - compression_level: - type: number - disk_queue_compression_enabled: - type: boolean - disk_queue_enabled: - type: boolean - disk_queue_encryption_enabled: - type: boolean - disk_queue_max_size: - type: number - disk_queue_path: - type: string - loadbalance: - type: boolean - ssl: - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - type: - enum: - - elasticsearch - type: string + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' required: - - name - Fleet_output_create_request_kafka: - title: kafka + - comment + Security_Exceptions_API_UpdateExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Exceptions_API_UpdateExceptionListItemComment + type: array + Security_Exceptions_API_UUID: + description: A universally unique identifier + format: uuid + type: string + Security_Lists_API_FindListItemsCursor: + $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' + Security_Lists_API_FindListItemsFilter: + type: string + Security_Lists_API_FindListsCursor: + $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' + Security_Lists_API_FindListsFilter: + type: string + Security_Lists_API_List: type: object properties: - auth_type: + _version: type: string - broker_timeout: - type: number - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - client_id: + '@timestamp': + format: date-time type: string - compression: + created_at: + format: date-time type: string - compression_level: - type: number - config: - type: object - config_yaml: + created_by: type: string - connection_type: - enum: - - plaintext - - encryption + description: + $ref: '#/components/schemas/Security_Lists_API_ListDescription' + deserializer: type: string - headers: - items: - type: object - properties: - key: - type: string - value: - type: string - type: array - hosts: - items: - type: string - type: array id: - type: string - is_default: - type: boolean - is_default_monitoring: + $ref: '#/components/schemas/Security_Lists_API_ListId' + immutable: type: boolean - is_internal: - type: boolean - key: - type: string + meta: + $ref: '#/components/schemas/Security_Lists_API_ListMetadata' name: + $ref: '#/components/schemas/Security_Lists_API_ListName' + serializer: type: string - partition: - type: string - password: - type: string - proxy_id: - type: string - random: - type: object - properties: - group_events: - type: number - required_acks: - type: number - round_robin: - type: object - properties: - group_events: - type: number - sasl: - type: object - properties: - mechanism: - type: string - secrets: - type: object - properties: - password: - type: string - ssl: - type: object - properties: - key: - type: string - shipper: - type: object - properties: - compression_level: - type: number - disk_queue_compression_enabled: - type: boolean - disk_queue_enabled: - type: boolean - disk_queue_encryption_enabled: - type: boolean - disk_queue_max_size: - type: number - disk_queue_path: - type: string - loadbalance: - type: boolean - ssl: - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - none - - full - - certificate - - strict - type: string - timeout: - type: number - topic: + tie_breaker_id: type: string - topics: - deprecated: true - description: Use topic instead. - items: - type: object - properties: - topic: - type: string - when: - deprecated: true - description: >- - Deprecated, kafka output do not support conditionnal topics - anymore. - type: object - properties: - condition: - type: string - type: - type: string - type: array type: - enum: - - kafka + $ref: '#/components/schemas/Security_Lists_API_ListType' + updated_at: + format: date-time type: string - username: + updated_by: type: string version: - type: string + minimum: 1 + type: integer required: - - name + - id - type - - topics - - auth_type - - hosts - Fleet_output_create_request_logstash: - title: logstash + - name + - description + - immutable + - version + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Lists_API_ListDescription: + $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' + Security_Lists_API_ListId: + $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' + Security_Lists_API_ListItem: type: object properties: - ca_sha256: + _version: + type: string + '@timestamp': + format: date-time type: string - ca_trusted_fingerprint: + created_at: + format: date-time type: string - config: - type: object - config_yaml: + created_by: + type: string + deserializer: type: string - hosts: - items: - type: string - type: array id: + $ref: '#/components/schemas/Security_Lists_API_ListItemId' + list_id: + $ref: '#/components/schemas/Security_Lists_API_ListId' + meta: + $ref: '#/components/schemas/Security_Lists_API_ListItemMetadata' + serializer: type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: + tie_breaker_id: + type: string + type: + $ref: '#/components/schemas/Security_Lists_API_ListType' + updated_at: + format: date-time type: string - proxy_id: + updated_by: type: string - secrets: + value: + $ref: '#/components/schemas/Security_Lists_API_ListItemValue' + required: + - id + - type + - list_id + - value + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Lists_API_ListItemId: + $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' + Security_Lists_API_ListItemMetadata: + additionalProperties: true + type: object + Security_Lists_API_ListItemPrivileges: + type: object + properties: + application: + additionalProperties: + type: boolean type: object - properties: - ssl: - type: object - properties: - key: - type: string - shipper: + cluster: + additionalProperties: + type: boolean type: object - properties: - compression_level: - type: number - disk_queue_compression_enabled: - type: boolean - disk_queue_enabled: - type: boolean - disk_queue_encryption_enabled: - type: boolean - disk_queue_max_size: - type: number - disk_queue_path: - type: string - loadbalance: + has_all_requested: + type: boolean + index: + additionalProperties: + additionalProperties: type: boolean - ssl: + type: object type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - type: - enum: - - logstash + username: type: string required: - - name - - hosts - - type - Fleet_output_create_request_remote_elasticsearch: - title: remote_elasticsearch + - username + - has_all_requested + - cluster + - index + - application + Security_Lists_API_ListItemValue: + $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' + Security_Lists_API_ListMetadata: + additionalProperties: true + type: object + Security_Lists_API_ListName: + $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' + Security_Lists_API_ListPrivileges: type: object properties: - hosts: - items: - type: string - type: array - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: + application: + additionalProperties: + type: boolean + type: object + cluster: + additionalProperties: + type: boolean + type: object + has_all_requested: type: boolean - name: - type: string - secrets: + index: + additionalProperties: + additionalProperties: + type: boolean + type: object type: object - properties: - service_token: - type: string - service_token: - type: string - type: - enum: - - remote_elasticsearch + username: type: string required: - - name - Fleet_output_update_request: - discriminator: - mapping: - elasticsearch: '#/components/schemas/Fleet_output_update_request_elasticsearch' - kafka: '#/components/schemas/Fleet_output_update_request_kafka' - logstash: '#/components/schemas/Fleet_output_update_request_logstash' - propertyName: type - oneOf: - - $ref: '#/components/schemas/Fleet_output_update_request_elasticsearch' - - $ref: '#/components/schemas/Fleet_output_update_request_kafka' - - $ref: '#/components/schemas/Fleet_output_update_request_logstash' - title: Output - Fleet_output_update_request_elasticsearch: - title: elasticsearch + - username + - has_all_requested + - cluster + - index + - application + Security_Lists_API_ListType: + enum: + - binary + - boolean + - byte + - date + - date_nanos + - date_range + - double + - double_range + - float + - float_range + - geo_point + - geo_shape + - half_float + - integer + - integer_range + - ip + - ip_range + - keyword + - long + - long_range + - shape + - short + - text + type: string + Security_Lists_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Lists_API_PlatformErrorResponse: type: object properties: - ca_sha256: + error: type: string - ca_trusted_fingerprint: + message: type: string - config: - type: object - config_yaml: + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Lists_API_SiemErrorResponse: + type: object + properties: + message: type: string - hosts: + status_code: + type: integer + required: + - status_code + - message + Security_Osquery_API_ArrayQueries: + items: + $ref: '#/components/schemas/Security_Osquery_API_ArrayQueriesItem' + type: array + Security_Osquery_API_ArrayQueriesItem: + type: object + properties: + ecs_mapping: + $ref: '#/components/schemas/Security_Osquery_API_ECSMappingOrUndefined' + id: + $ref: '#/components/schemas/Security_Osquery_API_Id' + platform: + $ref: '#/components/schemas/Security_Osquery_API_PlatformOrUndefined' + query: + $ref: '#/components/schemas/Security_Osquery_API_Query' + removed: + $ref: '#/components/schemas/Security_Osquery_API_RemovedOrUndefined' + snapshot: + $ref: '#/components/schemas/Security_Osquery_API_SnapshotOrUndefined' + version: + $ref: '#/components/schemas/Security_Osquery_API_VersionOrUndefined' + Security_Osquery_API_CreateLiveQueryRequestBody: + type: object + properties: + agent_all: + type: boolean + agent_ids: + items: + type: string + type: array + agent_platforms: + items: + type: string + type: array + agent_policy_ids: + items: + type: string + type: array + alert_ids: items: type: string type: array + case_ids: + items: + type: string + type: array + ecs_mapping: + $ref: '#/components/schemas/Security_Osquery_API_ECSMappingOrUndefined' + event_ids: + items: + type: string + type: array + metadata: + nullable: true + type: object + pack_id: + $ref: '#/components/schemas/Security_Osquery_API_PackIdOrUndefined' + queries: + $ref: '#/components/schemas/Security_Osquery_API_ArrayQueries' + query: + $ref: '#/components/schemas/Security_Osquery_API_QueryOrUndefined' + saved_query_id: + $ref: '#/components/schemas/Security_Osquery_API_SavedQueryIdOrUndefined' + Security_Osquery_API_CreatePacksRequestBody: + type: object + properties: + description: + $ref: '#/components/schemas/Security_Osquery_API_DescriptionOrUndefined' + enabled: + $ref: '#/components/schemas/Security_Osquery_API_EnabledOrUndefined' + name: + $ref: '#/components/schemas/Security_Osquery_API_PackName' + policy_ids: + $ref: '#/components/schemas/Security_Osquery_API_PolicyIdsOrUndefined' + queries: + $ref: '#/components/schemas/Security_Osquery_API_ObjectQueries' + shards: + $ref: '#/components/schemas/Security_Osquery_API_Shards' + Security_Osquery_API_CreateSavedQueryRequestBody: + type: object + properties: + description: + $ref: '#/components/schemas/Security_Osquery_API_DescriptionOrUndefined' + ecs_mapping: + $ref: '#/components/schemas/Security_Osquery_API_ECSMappingOrUndefined' id: + $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' + interval: + $ref: '#/components/schemas/Security_Osquery_API_Interval' + platform: + $ref: '#/components/schemas/Security_Osquery_API_DescriptionOrUndefined' + query: + $ref: '#/components/schemas/Security_Osquery_API_QueryOrUndefined' + removed: + $ref: '#/components/schemas/Security_Osquery_API_RemovedOrUndefined' + snapshot: + $ref: '#/components/schemas/Security_Osquery_API_SnapshotOrUndefined' + version: + $ref: '#/components/schemas/Security_Osquery_API_VersionOrUndefined' + Security_Osquery_API_DefaultSuccessResponse: + type: object + properties: {} + Security_Osquery_API_Description: + type: string + Security_Osquery_API_DescriptionOrUndefined: + $ref: '#/components/schemas/Security_Osquery_API_Description' + nullable: true + Security_Osquery_API_ECSMapping: + additionalProperties: + $ref: '#/components/schemas/Security_Osquery_API_ECSMappingItem' + type: object + Security_Osquery_API_ECSMappingItem: + type: object + properties: + field: type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: + value: + oneOf: + - type: string + - items: + type: string + type: array + Security_Osquery_API_ECSMappingOrUndefined: + $ref: '#/components/schemas/Security_Osquery_API_ECSMapping' + nullable: true + Security_Osquery_API_Enabled: + type: boolean + Security_Osquery_API_EnabledOrUndefined: + $ref: '#/components/schemas/Security_Osquery_API_Enabled' + nullable: true + Security_Osquery_API_FindLiveQueryRequestQuery: + type: object + properties: + kuery: + $ref: '#/components/schemas/Security_Osquery_API_KueryOrUndefined' + page: + $ref: '#/components/schemas/Security_Osquery_API_PageOrUndefined' + pageSize: + $ref: '#/components/schemas/Security_Osquery_API_PageSizeOrUndefined' + sort: + $ref: '#/components/schemas/Security_Osquery_API_SortOrUndefined' + sortOrder: + $ref: '#/components/schemas/Security_Osquery_API_SortOrderOrUndefined' + Security_Osquery_API_FindPacksRequestQuery: + type: object + properties: + page: + $ref: '#/components/schemas/Security_Osquery_API_PageOrUndefined' + pageSize: + $ref: '#/components/schemas/Security_Osquery_API_PageSizeOrUndefined' + sort: + $ref: '#/components/schemas/Security_Osquery_API_SortOrUndefined' + sortOrder: + $ref: '#/components/schemas/Security_Osquery_API_SortOrderOrUndefined' + Security_Osquery_API_FindSavedQueryRequestQuery: + type: object + properties: + page: + $ref: '#/components/schemas/Security_Osquery_API_PageOrUndefined' + pageSize: + $ref: '#/components/schemas/Security_Osquery_API_PageSizeOrUndefined' + sort: + $ref: '#/components/schemas/Security_Osquery_API_SortOrUndefined' + sortOrder: + $ref: '#/components/schemas/Security_Osquery_API_SortOrderOrUndefined' + Security_Osquery_API_GetLiveQueryResultsRequestQuery: + type: object + properties: + kuery: + $ref: '#/components/schemas/Security_Osquery_API_KueryOrUndefined' + page: + $ref: '#/components/schemas/Security_Osquery_API_PageOrUndefined' + pageSize: + $ref: '#/components/schemas/Security_Osquery_API_PageSizeOrUndefined' + sort: + $ref: '#/components/schemas/Security_Osquery_API_SortOrUndefined' + sortOrder: + $ref: '#/components/schemas/Security_Osquery_API_SortOrderOrUndefined' + Security_Osquery_API_Id: + type: string + Security_Osquery_API_Interval: + type: string + Security_Osquery_API_IntervalOrUndefined: + $ref: '#/components/schemas/Security_Osquery_API_Interval' + nullable: true + Security_Osquery_API_KueryOrUndefined: + nullable: true + type: string + Security_Osquery_API_ObjectQueries: + additionalProperties: + $ref: '#/components/schemas/Security_Osquery_API_ObjectQueriesItem' + type: object + Security_Osquery_API_ObjectQueriesItem: + type: object + properties: + ecs_mapping: + $ref: '#/components/schemas/Security_Osquery_API_ECSMappingOrUndefined' + id: + $ref: '#/components/schemas/Security_Osquery_API_Id' + platform: + $ref: '#/components/schemas/Security_Osquery_API_PlatformOrUndefined' + query: + $ref: '#/components/schemas/Security_Osquery_API_Query' + removed: + $ref: '#/components/schemas/Security_Osquery_API_RemovedOrUndefined' + saved_query_id: + $ref: '#/components/schemas/Security_Osquery_API_SavedQueryIdOrUndefined' + snapshot: + $ref: '#/components/schemas/Security_Osquery_API_SnapshotOrUndefined' + version: + $ref: '#/components/schemas/Security_Osquery_API_VersionOrUndefined' + Security_Osquery_API_PackId: + type: string + Security_Osquery_API_PackIdOrUndefined: + $ref: '#/components/schemas/Security_Osquery_API_PackId' + nullable: true + Security_Osquery_API_PackName: + type: string + Security_Osquery_API_PageOrUndefined: + nullable: true + type: integer + Security_Osquery_API_PageSizeOrUndefined: + nullable: true + type: integer + Security_Osquery_API_Platform: + type: string + Security_Osquery_API_PlatformOrUndefined: + $ref: '#/components/schemas/Security_Osquery_API_Platform' + nullable: true + Security_Osquery_API_PolicyIds: + items: + type: string + type: array + Security_Osquery_API_PolicyIdsOrUndefined: + $ref: '#/components/schemas/Security_Osquery_API_PolicyIds' + nullable: true + Security_Osquery_API_Query: + type: string + Security_Osquery_API_QueryOrUndefined: + $ref: '#/components/schemas/Security_Osquery_API_Query' + nullable: true + Security_Osquery_API_Removed: + type: boolean + Security_Osquery_API_RemovedOrUndefined: + $ref: '#/components/schemas/Security_Osquery_API_Removed' + nullable: true + Security_Osquery_API_SavedQueryId: + type: string + Security_Osquery_API_SavedQueryIdOrUndefined: + $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' + nullable: true + Security_Osquery_API_Shards: + additionalProperties: + type: number + type: object + Security_Osquery_API_Snapshot: + type: boolean + Security_Osquery_API_SnapshotOrUndefined: + $ref: '#/components/schemas/Security_Osquery_API_Snapshot' + nullable: true + Security_Osquery_API_SortOrderOrUndefined: + oneOf: + - nullable: true type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency + - enum: + - asc + - desc + Security_Osquery_API_SortOrUndefined: + nullable: true + type: string + Security_Osquery_API_UpdatePacksRequestBody: + type: object + properties: + description: + $ref: '#/components/schemas/Security_Osquery_API_DescriptionOrUndefined' + enabled: + $ref: '#/components/schemas/Security_Osquery_API_EnabledOrUndefined' + id: + $ref: '#/components/schemas/Security_Osquery_API_PackId' + policy_ids: + $ref: '#/components/schemas/Security_Osquery_API_PolicyIdsOrUndefined' + queries: + $ref: '#/components/schemas/Security_Osquery_API_ObjectQueries' + shards: + $ref: '#/components/schemas/Security_Osquery_API_Shards' + Security_Osquery_API_UpdateSavedQueryRequestBody: + type: object + properties: + description: + $ref: '#/components/schemas/Security_Osquery_API_DescriptionOrUndefined' + ecs_mapping: + $ref: '#/components/schemas/Security_Osquery_API_ECSMappingOrUndefined' + id: + $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' + interval: + $ref: '#/components/schemas/Security_Osquery_API_IntervalOrUndefined' + platform: + $ref: '#/components/schemas/Security_Osquery_API_DescriptionOrUndefined' + query: + $ref: '#/components/schemas/Security_Osquery_API_QueryOrUndefined' + removed: + $ref: '#/components/schemas/Security_Osquery_API_RemovedOrUndefined' + snapshot: + $ref: '#/components/schemas/Security_Osquery_API_SnapshotOrUndefined' + version: + $ref: '#/components/schemas/Security_Osquery_API_VersionOrUndefined' + Security_Osquery_API_Version: + type: string + Security_Osquery_API_VersionOrUndefined: + $ref: '#/components/schemas/Security_Osquery_API_Version' + nullable: true + Security_Timeline_API_BareNote: + type: object + properties: + created: + nullable: true + type: number + createdBy: + nullable: true type: string - proxy_id: + eventId: + nullable: true type: string - shipper: - type: object - properties: - compression_level: - type: number - disk_queue_compression_enabled: - type: boolean - disk_queue_enabled: - type: boolean - disk_queue_encryption_enabled: - type: boolean - disk_queue_max_size: - type: number - disk_queue_path: - type: string - loadbalance: - type: boolean - ssl: - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - type: - enum: - - elasticsearch + note: + nullable: true + type: string + timelineId: + type: string + updated: + nullable: true + type: number + updatedBy: + nullable: true type: string required: - - name - - hosts - - type - Fleet_output_update_request_kafka: - title: kafka + - timelineId + Security_Timeline_API_BarePinnedEvent: type: object properties: - auth_type: + created: + nullable: true + type: number + createdBy: + nullable: true + type: string + eventId: type: string - broker_timeout: + timelineId: + type: string + updated: + nullable: true type: number - ca_sha256: + updatedBy: + nullable: true type: string - ca_trusted_fingerprint: + required: + - eventId + - timelineId + Security_Timeline_API_ColumnHeaderResult: + type: object + properties: + aggregatable: + nullable: true + type: boolean + category: + nullable: true type: string - client_id: + columnHeaderType: + nullable: true type: string - compression: + description: + nullable: true type: string - compression_level: - type: number - config: - type: object - config_yaml: + example: + nullable: true type: string - connection_type: - enum: - - plaintext - - encryption + id: + nullable: true type: string - headers: - items: - type: object - properties: - key: - type: string - value: - type: string - type: array - hosts: + indexes: items: type: string + nullable: true type: array - id: + name: + nullable: true + type: string + placeholder: + nullable: true type: string - is_default: + searchable: + nullable: true type: boolean - is_default_monitoring: + type: + nullable: true + type: string + Security_Timeline_API_DataProviderQueryMatch: + type: object + properties: + enabled: + nullable: true type: boolean - is_internal: + excluded: + nullable: true type: boolean - key: + id: + nullable: true + type: string + kqlQuery: + nullable: true type: string name: + nullable: true type: string - partition: + queryMatch: + $ref: '#/components/schemas/Security_Timeline_API_QueryMatchResult' + nullable: true + type: + $ref: '#/components/schemas/Security_Timeline_API_DataProviderType' + nullable: true + Security_Timeline_API_DataProviderResult: + type: object + properties: + and: + items: + $ref: '#/components/schemas/Security_Timeline_API_DataProviderQueryMatch' + nullable: true + type: array + enabled: + nullable: true + type: boolean + excluded: + nullable: true + type: boolean + id: + nullable: true type: string - password: + kqlQuery: + nullable: true type: string - proxy_id: + name: + nullable: true type: string - random: - type: object - properties: - group_events: - type: number - required_acks: - type: number - round_robin: - type: object - properties: - group_events: - type: number - sasl: - type: object - properties: - mechanism: - type: string - shipper: - type: object - properties: - compression_level: - type: number - disk_queue_compression_enabled: - type: boolean - disk_queue_enabled: - type: boolean - disk_queue_encryption_enabled: - type: boolean - disk_queue_max_size: - type: number - disk_queue_path: - type: string - loadbalance: - type: boolean - ssl: - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - none - - full - - certificate - - strict - type: string - timeout: + queryMatch: + $ref: '#/components/schemas/Security_Timeline_API_QueryMatchResult' + nullable: true + type: + $ref: '#/components/schemas/Security_Timeline_API_DataProviderType' + nullable: true + Security_Timeline_API_DataProviderType: + description: >- + The type of data provider to create. Valid values are `default` and + `template`. + enum: + - default + - template + type: string + Security_Timeline_API_DocumentIds: + oneOf: + - items: + type: string + type: array + - type: string + Security_Timeline_API_FavoriteTimelineResponse: + type: object + properties: + code: + nullable: true type: number - topic: - type: string - topics: - deprecated: true - description: Use topic instead. + favorite: items: - type: object - properties: - topic: - type: string - when: - deprecated: true - description: >- - Deprecated, kafka output do not support conditionnal topics - anymore. - type: object - properties: - condition: - type: string - type: - type: string + $ref: '#/components/schemas/Security_Timeline_API_FavoriteTimelineResult' type: array - type: - enum: - - kafka + message: + nullable: true type: string - username: + savedObjectId: + type: string + templateTimelineId: + nullable: true type: string + templateTimelineVersion: + nullable: true + type: number + timelineType: + $ref: '#/components/schemas/Security_Timeline_API_TimelineType' version: type: string required: - - name - Fleet_output_update_request_logstash: - title: logstash + - savedObjectId + - version + Security_Timeline_API_FavoriteTimelineResult: type: object properties: - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - config: - type: object - config_yaml: + favoriteDate: + nullable: true + type: number + fullName: + nullable: true type: string - hosts: - items: - type: string - type: array - id: + userName: + nullable: true type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: + Security_Timeline_API_FilterTimelineResult: + type: object + properties: + exists: + nullable: true type: string - proxy_id: + match_all: + nullable: true type: string - shipper: + meta: + nullable: true type: object properties: - compression_level: - type: number - disk_queue_compression_enabled: - type: boolean - disk_queue_enabled: - type: boolean - disk_queue_encryption_enabled: - type: boolean - disk_queue_max_size: - type: number - disk_queue_path: + alias: + nullable: true type: string - loadbalance: + controlledBy: + nullable: true + type: string + disabled: + nullable: true type: boolean - ssl: - type: object - properties: - certificate: + field: + nullable: true + type: string + formattedValue: + nullable: true + type: string + index: + nullable: true type: string - certificate_authorities: - items: - type: string - type: array key: + nullable: true type: string - type: - enum: - - logstash - type: string - required: - - name - Fleet_package_info: - title: Package information - type: object - properties: - assets: - items: - type: string - type: array - categories: - items: - type: string - type: array - conditions: - type: object - properties: - elasticsearch: - type: object - properties: - subscription: - enum: - - basic - - gold - - platinum - - enterprise - type: string - kibana: - type: object - properties: - versions: - type: string - data_streams: - items: - type: object - properties: - ingeset_pipeline: - type: string - name: - type: string - package: - type: string - release: - type: string - title: - type: string - type: - type: string - vars: - items: - type: object - properties: - default: - type: string - name: - type: string - required: - - name - - default - type: array - required: - - title - - name - - release - - ingeset_pipeline - - type - - package - type: array - description: - type: string - download: - type: string - elasticsearch: - type: object - properties: - privileges: - type: object - properties: - cluster: - items: - type: string - type: array - format_version: - type: string - icons: - items: - type: string - type: array - internal: - type: boolean - name: + negate: + nullable: true + type: boolean + params: + nullable: true + type: string + type: + nullable: true + type: string + value: + nullable: true + type: string + missing: + nullable: true type: string - path: + query: + nullable: true type: string - readme: + range: + nullable: true type: string - release: - deprecated: true - description: >- - release label is deprecated, derive from the version instead - (packages follow semver) - enum: - - experimental - - beta - - ga + script: + nullable: true type: string - screenshots: + Security_Timeline_API_GetNotesResult: + type: object + properties: + notes: + items: + $ref: '#/components/schemas/Security_Timeline_API_Note' + type: array + totalCount: + type: number + required: + - totalCount + - notes + Security_Timeline_API_ImportTimelineResult: + type: object + properties: + errors: items: type: object properties: - path: - type: string - size: - type: string - src: - type: string - title: - type: string - type: + error: + type: object + properties: + message: + type: string + status_code: + type: number + id: type: string - required: - - src - - path type: array - source: - type: object + success: + type: boolean + success_count: + type: number + timelines_installed: + type: number + timelines_updated: + type: number + Security_Timeline_API_ImportTimelines: + allOf: + - $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' + - type: object properties: - license: - enum: - - Apache-2.0 - - Elastic-2.0 + eventNotes: + items: + $ref: '#/components/schemas/Security_Timeline_API_BareNote' + nullable: true + type: array + globalNotes: + items: + $ref: '#/components/schemas/Security_Timeline_API_BareNote' + nullable: true + type: array + pinnedEventIds: + items: + type: string + nullable: true + type: array + savedObjectId: + nullable: true type: string - title: - type: string - type: - type: string - version: - type: string - required: - - name - - title - - version - - description - - type - - categories - - conditions - - assets - - format_version - - download - - path - Fleet_package_policy: + version: + nullable: true + type: string + required: + - savedObjectId + - version + - pinnedEventIds + - eventNotes + - globalNotes + Security_Timeline_API_Note: allOf: + - $ref: '#/components/schemas/Security_Timeline_API_BareNote' - type: object properties: - id: + noteId: + type: string + version: type: string - inputs: - oneOf: - - items: {} - type: array - - type: object - revision: - type: number required: - - id - - revision - - $ref: '#/components/schemas/Fleet_new_package_policy' - title: Package policy - Fleet_package_policy_request: - title: Package Policy Request + - noteId + - version + Security_Timeline_API_PersistPinnedEventResponse: + oneOf: + - allOf: + - $ref: '#/components/schemas/Security_Timeline_API_PinnedEvent' + - $ref: >- + #/components/schemas/Security_Timeline_API_PinnedEventBaseResponseBody + - nullable: true + type: object + Security_Timeline_API_PersistTimelineResponse: type: object properties: - description: - description: Package policy description - example: my description - type: string - force: - description: >- - Force package policy creation even if package is not verified, or if - the agent policy is managed. - type: boolean - id: - description: Package policy unique identifier - type: string - inputs: - additionalProperties: - type: object - properties: - enabled: - description: enable or disable that input, (default to true) - type: boolean - streams: - additionalProperties: - type: object - properties: - enabled: - description: enable or disable that stream, (default to true) - type: boolean - vars: - description: >- - Stream level variable (see integration documentation for - more information) - type: object - description: >- - Input streams (see integration documentation to know what - streams are available) - type: object - vars: - description: >- - Input level variable (see integration documentation for more - information) - type: object - description: >- - Package policy inputs (see integration documentation to know what - inputs are available) - example: - nginx-logfile: - enabled: true - streams: - nginx.access: - enabled: true - vars: - ignore_older: 72h - paths: - - /var/log/nginx/access.log* - preserve_original_event: false - tags: - - nginx-access - type: object - name: - description: Package policy name (should be unique) - example: nginx-123 - type: string - namespace: - description: >- - The package policy namespace. Leave blank to inherit the agent - policy's namespace. - example: customnamespace - type: string - output_id: - description: Output ID to send package data to - example: output-id - nullable: true - type: string - overrides: - description: >- - Override settings that are defined in the package policy. The - override option should be used only in unusual circumstances and not - as a routine procedure. - nullable: true + data: type: object properties: - inputs: + persistTimeline: type: object - package: - type: object + properties: + timeline: + $ref: '#/components/schemas/Security_Timeline_API_TimelineResponse' + required: + - timeline + required: + - persistTimeline + required: + - data + Security_Timeline_API_PinnedEvent: + allOf: + - $ref: '#/components/schemas/Security_Timeline_API_BarePinnedEvent' + - type: object properties: - name: - description: Package name - example: nginx + pinnedEventId: type: string version: - description: Package version - example: 1.6.0 type: string required: - - name + - pinnedEventId - version - policy_id: - deprecated: true - description: Agent policy ID where that package policy will be added - example: agent-policy-id - nullable: true - type: string - policy_ids: - description: Agent policy IDs where that package policy will be added - example: - - agent-policy-id - items: - type: string - type: array - vars: - description: >- - Package root level variable (see integration documentation for more - information) - type: object - required: - - name - - package - Fleet_package_usage_stats: - title: Package usage stats - type: object - properties: - agent_policy_count: - type: integer - required: - - agent_policy_count - Fleet_proxies: - title: Fleet Proxy + Security_Timeline_API_PinnedEventBaseResponseBody: type: object properties: - certificate: - type: string - certificate_authorities: - type: string - certificate_key: - type: string - id: - type: string - name: - type: string - proxy_headers: - type: object - url: + code: + type: number + message: type: string required: - - name - - url - Fleet_saved_object_type: - oneOf: - - enum: - - dashboard - - visualization - - search - - index_pattern - - map - - lens - - security_rule - - csp_rule_template - - ml_module - - tag - - osquery_pack_asset - - osquery_saved_query - type: string - - enum: - - index - - component_template - - ingest_pipeline - - index_template - - ilm_policy - - transform - - data_stream_ilm_policy - - ml_model - type: string - title: Saved Object type - Fleet_search_result: - title: Search result + - code + Security_Timeline_API_QueryMatchResult: type: object properties: - description: - type: string - download: - type: string - icons: - type: string - installationInfo: - $ref: '#/components/schemas/Fleet_installation_info' - name: - type: string - path: - type: string - savedObject: - deprecated: true - type: object - status: + displayField: + nullable: true type: string - title: + displayValue: + nullable: true type: string - type: + field: + nullable: true type: string - version: + operator: + nullable: true type: string - required: - - description - - download - - icons - - name - - path - - title - - type - - version - - status - Fleet_settings: - title: Settings + value: + oneOf: + - nullable: true + type: string + - items: + type: string + nullable: true + type: array + Security_Timeline_API_ResolvedTimeline: type: object properties: - fleet_server_hosts: - deprecated: true - items: - type: string - type: array - has_seen_add_data_notice: - type: boolean - id: + alias_purpose: + $ref: >- + #/components/schemas/Security_Timeline_API_SavedObjectResolveAliasPurpose + alias_target_id: type: string - prerelease_integrations_enabled: - type: boolean + outcome: + $ref: '#/components/schemas/Security_Timeline_API_SavedObjectResolveOutcome' + timeline: + $ref: >- + #/components/schemas/Security_Timeline_API_TimelineSavedToReturnObject required: - - fleet_server_hosts - - id - Fleet_upgrade_agent: - title: Upgrade agent + - timeline + - outcome + Security_Timeline_API_ResponseNote: type: object properties: - force: - description: Force upgrade, skipping validation (should be used with caution) - type: boolean - skipRateLimitCheck: - description: Skip rate limit check for upgrade - type: boolean - source_uri: - type: string - version: + code: + type: number + message: type: string + note: + $ref: '#/components/schemas/Security_Timeline_API_Note' required: - - version - Fleet_upgrade_agent_diff: - items: - items: - $ref: '#/components/schemas/Fleet_full_agent_policy_input' - type: array - title: Package policy Upgrade dryrun - type: array - Fleet_upgrade_diff: - items: - allOf: - - $ref: '#/components/schemas/Fleet_package_policy' - - allOf: - - $ref: '#/components/schemas/Fleet_new_package_policy' - - type: object - properties: - errors: - items: - type: object - properties: - key: - type: string - message: - type: string - type: array - missingVars: - items: - type: string - type: array - type: object - title: Package policy Upgrade dryrun - type: array - Kibana_HTTP_APIs_core_status_redactedResponse: - additionalProperties: false - description: A minimal representation of Kibana's operational status. - type: object - properties: - status: - additionalProperties: false - type: object - properties: - overall: - additionalProperties: false - type: object - properties: - level: - description: Service status levels as human and machine readable values. - enum: - - available - - degraded - - unavailable - - critical - type: string - required: - - level - required: - - overall - required: - - status - Kibana_HTTP_APIs_core_status_response: - additionalProperties: false - description: >- - Kibana's operational status as well as a detailed breakdown of plugin - statuses indication of various loads (like event loop utilization and - network traffic) at time of request. + - code + - message + - note + Security_Timeline_API_RowRendererId: + enum: + - alert + - alerts + - auditd + - auditd_file + - library + - netflow + - plain + - registry + - suricata + - system + - system_dns + - system_endgame_process + - system_file + - system_fim + - system_security_event + - system_socket + - threat_match + - zeek + type: string + Security_Timeline_API_SavedObjectIds: + oneOf: + - items: + type: string + type: array + - type: string + Security_Timeline_API_SavedObjectResolveAliasPurpose: + enum: + - savedObjectConversion + - savedObjectImport + type: string + Security_Timeline_API_SavedObjectResolveOutcome: + enum: + - exactMatch + - aliasMatch + - conflict + type: string + Security_Timeline_API_SavedTimeline: type: object properties: - metrics: - additionalProperties: false - description: Metric groups collected by Kibana. - type: object - properties: - collection_interval_in_millis: - description: The interval at which metrics should be collected. - type: number - elasticsearch_client: - additionalProperties: false - description: Current network metrics of Kibana's Elasticsearch client. - type: object - properties: - totalActiveSockets: - description: Count of network sockets currently in use. - type: number - totalIdleSockets: - description: Count of network sockets currently idle. - type: number - totalQueuedRequests: - description: Count of requests not yet assigned to sockets. - type: number - required: - - totalActiveSockets - - totalIdleSockets - - totalQueuedRequests - last_updated: - description: The time metrics were collected. - type: string - required: - - elasticsearch_client - - last_updated - - collection_interval_in_millis - name: - description: Kibana instance name. + columns: + items: + $ref: '#/components/schemas/Security_Timeline_API_ColumnHeaderResult' + nullable: true + type: array + created: + nullable: true + type: number + createdBy: + nullable: true type: string - status: - additionalProperties: false + dataProviders: + items: + $ref: '#/components/schemas/Security_Timeline_API_DataProviderResult' + nullable: true + type: array + dataViewId: + nullable: true + type: string + dateRange: + nullable: true type: object properties: - core: - additionalProperties: false - description: Statuses of core Kibana services. - type: object - properties: - elasticsearch: - additionalProperties: false - type: object - properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: >- - Service status levels as human and machine readable - values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: >- - An unstructured set of extra metadata about this - service. - type: object - summary: - description: A human readable summary of the service status. - type: string - required: - - level - - summary - - meta - savedObjects: - additionalProperties: false - type: object - properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: >- - Service status levels as human and machine readable - values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: >- - An unstructured set of extra metadata about this - service. - type: object - summary: - description: A human readable summary of the service status. - type: string - required: - - level - - summary - - meta - required: - - elasticsearch - - savedObjects - overall: - additionalProperties: false - type: object - properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: Service status levels as human and machine readable values. - enum: - - available - - degraded - - unavailable - - critical + end: + oneOf: + - nullable: true type: string - meta: - additionalProperties: {} - description: An unstructured set of extra metadata about this service. - type: object - summary: - description: A human readable summary of the service status. + - nullable: true + type: number + start: + oneOf: + - nullable: true type: string - required: - - level - - summary - - meta - plugins: - additionalProperties: - additionalProperties: false - type: object - properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: >- - Service status levels as human and machine readable - values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: An unstructured set of extra metadata about this service. - type: object - summary: - description: A human readable summary of the service status. - type: string - required: - - level - - summary - - meta - description: A dynamic mapping of plugin ID to plugin status. - type: object - required: - - overall - - core - - plugins - uuid: - description: >- - Unique, generated Kibana instance UUID. This UUID should persist - even if the Kibana process restarts. + - nullable: true + type: number + description: + nullable: true type: string - version: - additionalProperties: false + eqlOptions: + nullable: true type: object properties: - build_date: - description: The date and time of this build. + eventCategoryField: + nullable: true type: string - build_flavor: - description: >- - The build flavour determines configuration and behavior of - Kibana. On premise users will almost always run the - "traditional" flavour, while other flavours are reserved for - Elastic-specific use cases. - enum: - - serverless - - traditional + query: + nullable: true type: string - build_hash: - description: >- - A unique hash value representing the git commit of this Kibana - build. + size: + oneOf: + - nullable: true + type: string + - nullable: true + type: number + tiebreakerField: + nullable: true + type: string + timestampField: + nullable: true + type: string + eventType: + nullable: true + type: string + excludedRowRendererIds: + items: + $ref: '#/components/schemas/Security_Timeline_API_RowRendererId' + nullable: true + type: array + favorite: + items: + $ref: '#/components/schemas/Security_Timeline_API_FavoriteTimelineResult' + nullable: true + type: array + filters: + items: + $ref: '#/components/schemas/Security_Timeline_API_FilterTimelineResult' + nullable: true + type: array + indexNames: + items: + type: string + nullable: true + type: array + kqlMode: + nullable: true + type: string + kqlQuery: + $ref: >- + #/components/schemas/Security_Timeline_API_SerializedFilterQueryResult + nullable: true + savedQueryId: + nullable: true + type: string + savedSearchId: + nullable: true + type: string + sort: + $ref: '#/components/schemas/Security_Timeline_API_Sort' + nullable: true + status: + enum: + - active + - draft + - immutable + nullable: true + type: string + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timelineType: + $ref: '#/components/schemas/Security_Timeline_API_TimelineType' + nullable: true + title: + nullable: true + type: string + updated: + nullable: true + type: number + updatedBy: + nullable: true + type: string + Security_Timeline_API_SavedTimelineWithSavedObjectId: + allOf: + - $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' + - type: object + properties: + savedObjectId: type: string - build_number: - description: >- - A monotonically increasing number, each subsequent build will - have a higher number. - type: number - build_snapshot: - description: Whether this build is a snapshot build. - type: boolean - number: - description: A semantic version number. + version: type: string required: - - number - - build_hash - - build_number - - build_snapshot - - build_flavor - - build_date - required: - - name - - uuid - - version - - status - - metrics - Machine_learning_APIs_mlSync200Response: + - savedObjectId + - version + Security_Timeline_API_SerializedFilterQueryResult: + type: object properties: - datafeedsAdded: - additionalProperties: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseDatafeeds' - description: >- - If a saved object for an anomaly detection job is missing a datafeed - identifier, it is added when you run the sync machine learning saved - objects API. - type: object - datafeedsRemoved: - additionalProperties: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseDatafeeds' - description: >- - If a saved object for an anomaly detection job references a datafeed - that no longer exists, it is deleted when you run the sync machine - learning saved objects API. + filterQuery: + nullable: true type: object - savedObjectsCreated: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseSavedObjectsCreated - savedObjectsDeleted: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseSavedObjectsDeleted - title: Successful sync API response + properties: + kuery: + nullable: true + type: object + properties: + expression: + nullable: true + type: string + kind: + nullable: true + type: string + serializedQuery: + nullable: true + type: string + Security_Timeline_API_Sort: + oneOf: + - $ref: '#/components/schemas/Security_Timeline_API_SortObject' + - items: + $ref: '#/components/schemas/Security_Timeline_API_SortObject' + type: array + Security_Timeline_API_SortFieldTimeline: + description: The field to sort the timelines by. + enum: + - title + - description + - updated + - created + type: string + Security_Timeline_API_SortObject: type: object - Machine_learning_APIs_mlSync4xxResponse: properties: - error: - example: Unauthorized + columnId: + nullable: true type: string - message: + columnType: + nullable: true type: string - statusCode: - example: 401 - type: integer - title: Unsuccessful sync API response - type: object - Machine_learning_APIs_mlSyncResponseAnomalyDetectors: - description: >- - The sync machine learning saved objects API response contains this - object when there are anomaly detection jobs affected by the - synchronization. There is an object for each relevant job, which - contains the synchronization status. - properties: - success: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' - title: Sync API response for anomaly detection jobs - type: object - Machine_learning_APIs_mlSyncResponseDatafeeds: - description: >- - The sync machine learning saved objects API response contains this - object when there are datafeeds affected by the synchronization. There - is an object for each relevant datafeed, which contains the - synchronization status. - properties: - success: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' - title: Sync API response for datafeeds - type: object - Machine_learning_APIs_mlSyncResponseDataFrameAnalytics: - description: >- - The sync machine learning saved objects API response contains this - object when there are data frame analytics jobs affected by the - synchronization. There is an object for each relevant job, which - contains the synchronization status. - properties: - success: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' - title: Sync API response for data frame analytics jobs - type: object - Machine_learning_APIs_mlSyncResponseSavedObjectsCreated: - description: >- - If saved objects are missing for machine learning jobs or trained - models, they are created when you run the sync machine learning saved - objects API. - properties: - anomaly-detector: - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseAnomalyDetectors - description: >- - If saved objects are missing for anomaly detection jobs, they are - created. - type: object - data-frame-analytics: - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseDataFrameAnalytics - description: >- - If saved objects are missing for data frame analytics jobs, they are - created. - type: object - trained-model: - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels - description: If saved objects are missing for trained models, they are created. - type: object - title: Sync API response for created saved objects - type: object - Machine_learning_APIs_mlSyncResponseSavedObjectsDeleted: + sortDirection: + nullable: true + type: string + Security_Timeline_API_TimelineResponse: + allOf: + - $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' + - $ref: >- + #/components/schemas/Security_Timeline_API_SavedTimelineWithSavedObjectId + - type: object + properties: + eventIdToNoteIds: + items: + $ref: '#/components/schemas/Security_Timeline_API_Note' + nullable: true + type: array + noteIds: + items: + type: string + nullable: true + type: array + notes: + items: + $ref: '#/components/schemas/Security_Timeline_API_Note' + nullable: true + type: array + pinnedEventIds: + items: + type: string + nullable: true + type: array + pinnedEventsSaveObject: + items: + $ref: '#/components/schemas/Security_Timeline_API_PinnedEvent' + nullable: true + type: array + Security_Timeline_API_TimelineSavedToReturnObject: + allOf: + - $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' + - type: object + properties: + eventIdToNoteIds: + items: + $ref: '#/components/schemas/Security_Timeline_API_Note' + nullable: true + type: array + noteIds: + items: + type: string + nullable: true + type: array + notes: + items: + $ref: '#/components/schemas/Security_Timeline_API_Note' + nullable: true + type: array + pinnedEventIds: + items: + type: string + nullable: true + type: array + pinnedEventsSaveObject: + items: + $ref: '#/components/schemas/Security_Timeline_API_PinnedEvent' + nullable: true + type: array + savedObjectId: + type: string + version: + type: string + required: + - savedObjectId + - version + Security_Timeline_API_TimelineStatus: description: >- - If saved objects exist for machine learning jobs or trained models that - no longer exist, they are deleted when you run the sync machine learning - saved objects API. - properties: - anomaly-detector: - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseAnomalyDetectors - description: >- - If there are saved objects exist for nonexistent anomaly detection - jobs, they are deleted. - type: object - data-frame-analytics: - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseDataFrameAnalytics - description: >- - If there are saved objects exist for nonexistent data frame - analytics jobs, they are deleted. - type: object - trained-model: - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels - description: >- - If there are saved objects exist for nonexistent trained models, - they are deleted. - type: object - title: Sync API response for deleted saved objects - type: object - Machine_learning_APIs_mlSyncResponseSuccess: - description: The success or failure of the synchronization. - type: boolean - Machine_learning_APIs_mlSyncResponseTrainedModels: + The status of the timeline. Valid values are `active`, `draft`, and + `immutable`. + enum: + - active + - draft + - immutable + type: string + Security_Timeline_API_TimelineType: description: >- - The sync machine learning saved objects API response contains this - object when there are trained models affected by the synchronization. - There is an object for each relevant trained model, which contains the - synchronization status. - properties: - success: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' - title: Sync API response for trained models - type: object + The type of timeline to create. Valid values are `default` and + `template`. + enum: + - default + - template + type: string Serverless_saved_objects_400_response: title: Bad request type: object @@ -16654,13 +51029,13 @@ tags: - name: Elastic Package Manager (EPM) - name: Fleet enrollment API keys - name: Fleet internals - - name: Fleet Kubernetes - name: Fleet outputs - name: Fleet package policies - name: Fleet proxies - name: Fleet Server hosts - name: Fleet service tokens - name: Fleet uninstall tokens + - name: Message Signing Service - description: Machine learning name: ml - description: > @@ -16682,6 +51057,44 @@ tags: permanently breaks future Kibana versions. name: saved objects x-displayName: Saved objects + - description: Manage and interact with Security Assistant resources. + name: Security AI Assistant API + x-displayName: Security AI assistant + - description: >- + You can create rules that automatically turn events and external alerts + sent to Elastic Security into detection alerts. These alerts are displayed + on the Detections page. + name: Security Detections API + x-displayName: Security detections + - description: >- + Endpoint Exceptions API allows you to manage detection rule endpoint + exceptions to prevent a rule from generating an alert from incoming events + even when the rule's other criteria are met. + name: Security Endpoint Exceptions API + x-displayName: Security endpoint exceptions + - description: Interact with and manage endpoints running the Elastic Defend integration. + name: Security Endpoint Management API + x-displayName: Security endpoint management + - description: '' + name: Security Entity Analytics API + x-displayName: Security entity analytics + - description: >- + Exceptions API allows you to manage detection rule exceptions to prevent a + rule from generating an alert from incoming events even when the rule's + other criteria are met. + name: Security Exceptions API + x-displayName: Security exceptions + - description: Lists API allows you to manage lists of keywords, IPs or IP ranges items. + name: Security Lists API + x-displayName: Security lists + - description: Run live queries, manage packs and saved queries. + name: Security Osquery API + x-displayName: Security Osquery + - description: >- + You can create Timelines and Timeline templates via the API, as well as + import new Timelines from an ndjson file. + name: Security Timeline API + x-displayName: Security timeline - description: SLO APIs enable you to define, manage and track service-level objectives name: slo - name: spaces diff --git a/oas_docs/output/kibana.staging.yaml b/oas_docs/output/kibana.staging.yaml index 3114d0bb7622a..aba85f8c82ca9 100644 --- a/oas_docs/output/kibana.staging.yaml +++ b/oas_docs/output/kibana.staging.yaml @@ -13245,184 +13245,983 @@ paths: - Security Exceptions API /api/fleet/agent_download_sources: get: - operationId: get-download-sources + description: List agent binary download sources + operationId: '%2Fapi%2Ffleet%2Fagent_download_sources#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: items: items: - $ref: '#/components/schemas/Fleet_download_sources' + additionalProperties: false + type: object + properties: + host: + format: uri + type: string + id: + type: string + is_default: + default: false + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this download source. + See the proxies API for more information. + nullable: true + type: string + required: + - id + - name + - host type: array page: - type: integer + type: number perPage: - type: integer + type: number total: - type: integer - description: OK + type: number + required: + - items + - total + - page + - perPage '400': - $ref: '#/components/responses/Fleet_error' - summary: List agent binary download sources + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - Elastic Agent binary download sources post: - operationId: post-download-sources + description: Create agent binary download source + operationId: '%2Fapi%2Ffleet%2Fagent_download_sources#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: host: + format: uri type: string id: type: string is_default: + default: false type: boolean name: type: string + proxy_id: + description: >- + The ID of the proxy to use for this download source. See the + proxies API for more information. + nullable: true + type: string required: - name - host - - is_default responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: item: - $ref: '#/components/schemas/Fleet_download_sources' - description: OK + additionalProperties: false + type: object + properties: + host: + format: uri + type: string + id: + type: string + is_default: + default: false + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this download source. + See the proxies API for more information. + nullable: true + type: string + required: + - id + - name + - host + required: + - item '400': - $ref: '#/components/responses/Fleet_error' - summary: Create agent binary download source + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - Elastic Agent binary download sources /api/fleet/agent_download_sources/{sourceId}: delete: - operationId: delete-download-source + description: Delete agent binary download source by ID + operationId: '%2Fapi%2Ffleet%2Fagent_download_sources%2F%7BsourceId%7D#2' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: sourceId + required: true + schema: + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: id: type: string required: - id - description: OK '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete agent binary download source by ID + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - Elastic Agent binary download sources get: - operationId: get-one-download-source + description: Get agent binary download source by ID + operationId: '%2Fapi%2Ffleet%2Fagent_download_sources%2F%7BsourceId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: sourceId + required: true + schema: + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: item: - $ref: '#/components/schemas/Fleet_download_sources' + additionalProperties: false + type: object + properties: + host: + format: uri + type: string + id: + type: string + is_default: + default: false + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this download source. + See the proxies API for more information. + nullable: true + type: string + required: + - id + - name + - host required: - item - description: OK '400': - $ref: '#/components/responses/Fleet_error' - summary: Get agent binary download source by ID + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - Elastic Agent binary download sources - parameters: - - in: path - name: sourceId - required: true - schema: - type: string put: - operationId: update-download-source + description: Update agent binary download source by ID + operationId: '%2Fapi%2Ffleet%2Fagent_download_sources%2F%7BsourceId%7D#1' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: sourceId + required: true + schema: + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: host: + format: uri + type: string + id: type: string is_default: + default: false type: boolean name: type: string + proxy_id: + description: >- + The ID of the proxy to use for this download source. See the + proxies API for more information. + nullable: true + type: string required: - name - - is_default - host responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: item: - $ref: '#/components/schemas/Fleet_download_sources' + additionalProperties: false + type: object + properties: + host: + format: uri + type: string + id: + type: string + is_default: + default: false + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this download source. + See the proxies API for more information. + nullable: true + type: string + required: + - id + - name + - host required: - item - description: OK '400': - $ref: '#/components/responses/Fleet_error' - summary: Update agent binary download source by ID + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - Elastic Agent binary download sources /api/fleet/agent_policies: get: - description: '' - operationId: agent-policy-list + description: List agent policies + operationId: '%2Fapi%2Ffleet%2Fagent_policies#0' parameters: - - $ref: '#/components/parameters/Fleet_page_size' - - $ref: '#/components/parameters/Fleet_page_index' - - $ref: '#/components/parameters/Fleet_kuery' - - $ref: '#/components/parameters/Fleet_format' - - description: >- - When set to true, retrieve the related package policies for each - agent policy. - in: query - name: full - schema: - type: boolean - - description: >- - When set to true, do not count how many agents are in the agent - policy, this can improve performance if you are searching over a - large number of agent policies. The "agents" property will always be - 0 if set to true. - in: query - name: noAgentCount + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: page + required: false + schema: + type: number + - in: query + name: perPage + required: false + schema: + type: number + - in: query + name: sortField + required: false + schema: + type: string + - in: query + name: sortOrder + required: false + schema: + enum: + - desc + - asc + type: string + - in: query + name: showUpgradeable + required: false + schema: + type: boolean + - in: query + name: kuery + required: false + schema: + type: string + - in: query + name: noAgentCount + required: false schema: type: boolean + - in: query + name: full + required: false + schema: + type: boolean + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: items: items: - $ref: '#/components/schemas/Fleet_agent_policy' + additionalProperties: false + type: object + properties: + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: + items: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + agents: + type: number + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + global_data_tags: + description: >- + User defined data tags that are added to all of the + inputs. The values can be strings or numbers. + items: + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value + type: array + has_fleet_server: + type: boolean + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_preconfigured: + type: boolean + is_protected: + description: >- + Indicates whether the agent policy has tamper + protection enabled. Default false. + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - logs + - metrics + - traces + type: string + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent + policy. Input settings cannot be overridden. The + override option should be used only in unusual + circumstances and not as a routine procedure. + nullable: true + type: object + package_policies: + anyOf: + - items: + type: string + type: array + - description: >- + This field is present only when retrieving a + single agent policy, or when retrieving a list + of agent policies with the ?full=true parameter + items: + additionalProperties: false + type: object + properties: + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank + to inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should + be used only in unusual circumstances and + not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy + will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package + policy will be added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + updated_at: + type: string + updated_by: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + revision: + type: number + schema_version: + type: string + space_ids: + items: + type: string + type: array + status: + enum: + - active + - inactive + type: string + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports + agentless integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number + unprivileged_agents: + type: number + updated_at: + type: string + updated_by: + type: string + version: + type: string + required: + - id + - name + - namespace + - is_managed + - is_protected + - status + - updated_at + - updated_by + - revision type: array page: type: number @@ -13435,756 +14234,3203 @@ paths: - total - page - perPage - description: OK '400': - $ref: '#/components/responses/Fleet_error' - summary: List agent policies - tags: - - Elastic Agent policies - post: - operationId: create-agent-policy - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_agent_policy_create_request' - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - item: - $ref: '#/components/schemas/Fleet_agent_policy' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Create agent policy - tags: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: - Elastic Agent policies - /api/fleet/agent_policies/_bulk_get: post: - operationId: bulk-get-agent-policies + description: Create an agent policy + operationId: '%2Fapi%2Ffleet%2Fagent_policies#1' parameters: - - $ref: '#/components/parameters/Fleet_format' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: query + name: sys_monitoring + required: false + schema: + type: boolean requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - full: - description: get full policies with package policies populated + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: + items: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + force: type: boolean - ids: - description: list of agent policy ids + global_data_tags: + description: >- + User defined data tags that are added to all of the inputs. + The values can be strings or numbers. items: - type: string + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value type: array - ignoreMissing: + has_fleet_server: type: boolean - required: - - ids - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_protected: + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: items: - items: - $ref: '#/components/schemas/Fleet_agent_policy' - type: array - required: - - items - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk get agent policies - tags: - - Elastic Agent policies - /api/fleet/agent_policies/{agentPolicyId}: - get: - description: Get one agent policy - operationId: agent-policy-info - parameters: [] - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_agent_policy' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get agent policy by ID - tags: - - Elastic Agent policies - parameters: - - in: path - name: agentPolicyId - required: true - schema: - type: string - - $ref: '#/components/parameters/Fleet_format' - put: - operationId: update-agent-policy - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_agent_policy_update_request' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_agent_policy' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Update agent policy by ID - tags: - - Elastic Agent policies - /api/fleet/agent_policies/{agentPolicyId}/copy: - parameters: - - in: path - name: agentPolicyId - required: true - schema: - type: string - - $ref: '#/components/parameters/Fleet_format' - post: - operationId: agent-policy-copy - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - description: + enum: + - logs + - metrics + - traces + type: string + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true type: string + monitoring_pprof_enabled: + type: boolean name: + minLength: 1 + type: string + namespace: + minLength: 1 type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent policy. + Input settings cannot be overridden. The override option + should be used only in unusual circumstances and not as a + routine procedure. + nullable: true + type: object + space_ids: + items: + type: string + type: array + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports agentless + integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number required: - name - description: '' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_agent_policy' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Copy agent policy by ID - tags: - - Elastic Agent policies - /api/fleet/agent_policies/{agentPolicyId}/download: - get: - operationId: agent-policy-download - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - item: - type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Download agent policy by ID - tags: - - Elastic Agent policies - parameters: - - in: path - name: agentPolicyId - required: true - schema: - type: string - - in: query - name: download - required: false - schema: - type: string - - in: query - name: standalone - required: false - schema: - type: string - - in: query - name: kubernetes - required: false - schema: - type: string - /api/fleet/agent_policies/{agentPolicyId}/full: - get: - operationId: agent-policy-full + - namespace responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: item: - oneOf: - - type: string - - $ref: '#/components/schemas/Fleet_agent_policy_full' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get full agent policy by ID - tags: - - Elastic Agent policies - parameters: - - in: path - name: agentPolicyId - required: true - schema: - type: string - - in: query - name: download - required: false - schema: - type: string - - in: query - name: standalone - required: false - schema: - type: string - - in: query - name: kubernetes - required: false - schema: - type: string - /api/fleet/agent_policies/delete: - parameters: [] + additionalProperties: false + type: object + properties: + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: + items: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + agents: + type: number + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + global_data_tags: + description: >- + User defined data tags that are added to all of the + inputs. The values can be strings or numbers. + items: + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value + type: array + has_fleet_server: + type: boolean + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_preconfigured: + type: boolean + is_protected: + description: >- + Indicates whether the agent policy has tamper + protection enabled. Default false. + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - logs + - metrics + - traces + type: string + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent + policy. Input settings cannot be overridden. The + override option should be used only in unusual + circumstances and not as a routine procedure. + nullable: true + type: object + package_policies: + anyOf: + - items: + type: string + type: array + - description: >- + This field is present only when retrieving a + single agent policy, or when retrieving a list of + agent policies with the ?full=true parameter + items: + additionalProperties: false + type: object + properties: + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to + inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should + be used only in unusual circumstances and + not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy + will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy + will be added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + updated_at: + type: string + updated_by: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + revision: + type: number + schema_version: + type: string + space_ids: + items: + type: string + type: array + status: + enum: + - active + - inactive + type: string + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports agentless + integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number + unprivileged_agents: + type: number + updated_at: + type: string + updated_by: + type: string + version: + type: string + required: + - id + - name + - namespace + - is_managed + - is_protected + - status + - updated_at + - updated_by + - revision + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent policies + /api/fleet/agent_policies/_bulk_get: post: - operationId: delete-agent-policy + description: Bulk get agent policies + operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F_bulk_get#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - agentPolicyId: - type: string - force: - description: >- - bypass validation checks that can prevent agent policy - deletion + full: + description: get full policies with package policies populated + type: boolean + ids: + description: list of package policy ids + items: + type: string + type: array + ignoreMissing: type: boolean required: - - agentPolicyId + - ids responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - id: - type: string - success: - type: boolean + items: + items: + additionalProperties: false + type: object + properties: + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: + items: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + agents: + type: number + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + global_data_tags: + description: >- + User defined data tags that are added to all of the + inputs. The values can be strings or numbers. + items: + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value + type: array + has_fleet_server: + type: boolean + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_preconfigured: + type: boolean + is_protected: + description: >- + Indicates whether the agent policy has tamper + protection enabled. Default false. + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - logs + - metrics + - traces + type: string + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent + policy. Input settings cannot be overridden. The + override option should be used only in unusual + circumstances and not as a routine procedure. + nullable: true + type: object + package_policies: + anyOf: + - items: + type: string + type: array + - description: >- + This field is present only when retrieving a + single agent policy, or when retrieving a list + of agent policies with the ?full=true parameter + items: + additionalProperties: false + type: object + properties: + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank + to inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should + be used only in unusual circumstances and + not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy + will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package + policy will be added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + updated_at: + type: string + updated_by: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + revision: + type: number + schema_version: + type: string + space_ids: + items: + type: string + type: array + status: + enum: + - active + - inactive + type: string + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports + agentless integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number + unprivileged_agents: + type: number + updated_at: + type: string + updated_by: + type: string + version: + type: string + required: + - id + - name + - namespace + - is_managed + - is_protected + - status + - updated_at + - updated_by + - revision + type: array required: - - id - - success - description: OK + - items '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete agent policy by ID + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - Elastic Agent policies - /api/fleet/agent_status: + /api/fleet/agent_policies/{agentPolicyId}: get: - operationId: get-agent-status + description: Get an agent policy by ID + operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D#0' parameters: - - in: query - name: policyId - required: false + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: agentPolicyId + required: true schema: type: string - - deprecated: true - in: query - name: kuery + - in: query + name: format required: false schema: + enum: + - simplified + - legacy type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - active: - type: integer - all: - type: integer - error: - type: integer - events: - type: integer - inactive: - type: integer - offline: - type: integer - online: - type: integer - other: - type: integer - total: - deprecated: true - type: integer - unenrolled: - type: integer - updating: - type: integer - required: - - active - - all - - error - - events - - inactive - - offline - - online - - other - - total - - updating - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get agent status summary - tags: - - Elastic Agent status - /api/fleet/agent_status/data: - get: - operationId: get-agent-data - parameters: - - in: query - name: agentsIds - required: true - schema: - items: - type: string - type: array - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - items: - items: - additionalProperties: + item: + additionalProperties: false + type: object + properties: + advanced_settings: + additionalProperties: false type: object properties: - data: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: + items: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + agents: + type: number + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + global_data_tags: + description: >- + User defined data tags that are added to all of the + inputs. The values can be strings or numbers. + items: + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value + type: array + has_fleet_server: + type: boolean + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_preconfigured: + type: boolean + is_protected: + description: >- + Indicates whether the agent policy has tamper + protection enabled. Default false. + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - logs + - metrics + - traces + type: string + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: type: boolean - type: object - type: array - description: OK + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent + policy. Input settings cannot be overridden. The + override option should be used only in unusual + circumstances and not as a routine procedure. + nullable: true + type: object + package_policies: + anyOf: + - items: + type: string + type: array + - description: >- + This field is present only when retrieving a + single agent policy, or when retrieving a list of + agent policies with the ?full=true parameter + items: + additionalProperties: false + type: object + properties: + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to + inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should + be used only in unusual circumstances and + not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy + will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy + will be added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + updated_at: + type: string + updated_by: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + revision: + type: number + schema_version: + type: string + space_ids: + items: + type: string + type: array + status: + enum: + - active + - inactive + type: string + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports agentless + integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number + unprivileged_agents: + type: number + updated_at: + type: string + updated_by: + type: string + version: + type: string + required: + - id + - name + - namespace + - is_managed + - is_protected + - status + - updated_at + - updated_by + - revision + required: + - item '400': - $ref: '#/components/responses/Fleet_error' - summary: Get incoming agent data - tags: - - Elastic Agent status - /api/fleet/agent-status: - get: - deprecated: true - operationId: get-agent-status-deprecated - parameters: - - in: query - name: policyId - required: false - schema: - type: string - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: error: - type: integer - events: - type: integer - inactive: - type: integer - offline: - type: integer - online: - type: integer - other: - type: integer - total: - type: integer - updating: - type: integer + type: string + message: + type: string + statusCode: + type: number required: - - error - - events - - inactive - - offline - - online - - other - - total - - updating - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get agent status summary + - message + summary: '' tags: - - Elastic Agent status - /api/fleet/agents: - get: - operationId: get-agents - parameters: - - $ref: '#/components/parameters/Fleet_page_size' - - $ref: '#/components/parameters/Fleet_page_index' - - $ref: '#/components/parameters/Fleet_kuery' - - $ref: '#/components/parameters/Fleet_show_inactive' - - $ref: '#/components/parameters/Fleet_show_upgradeable' - - $ref: '#/components/parameters/Fleet_sort_field' - - $ref: '#/components/parameters/Fleet_sort_order' - - $ref: '#/components/parameters/Fleet_with_metrics' - - in: query - name: getStatusSummary - required: false - schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_get_agents_response' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List agents - tags: - - Elastic Agents - post: - operationId: get-agents-by-actions + - Elastic Agent policies + put: + description: Update an agent policy by ID + operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D#1' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentPolicyId + required: true + schema: + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - actionIds: + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: items: - type: string + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled type: array - required: - - policy_id - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_agent_get_by_actions' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List agents by action ids - tags: - - Elastic Agents - /api/fleet/agents/{agentId}: - delete: - operationId: delete-agent - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - action: + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + force: + type: boolean + global_data_tags: + description: >- + User defined data tags that are added to all of the inputs. + The values can be strings or numbers. + items: + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value + type: array + has_fleet_server: + type: boolean + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_protected: + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: enum: - - deleted + - logs + - metrics + - traces type: string - required: - - action - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete agent by ID - tags: - - Elastic Agents - get: - operationId: get-agent - parameters: - - $ref: '#/components/parameters/Fleet_with_metrics' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_agent' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get agent by ID - tags: - - Elastic Agents - parameters: - - in: path - name: agentId - required: true - schema: - type: string - put: - operationId: update-agent - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - tags: + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent policy. + Input settings cannot be overridden. The override option + should be used only in unusual circumstances and not as a + routine procedure. + nullable: true + type: object + space_ids: items: type: string type: array - user_provided_metadata: - type: object - required: true + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports agentless + integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number + required: + - name + - namespace responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: item: - $ref: '#/components/schemas/Fleet_agent' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Update agent by ID - tags: - - Elastic Agents - /api/fleet/agents/{agentId}/actions: - parameters: - - in: path - name: agentId - required: true - schema: - type: string - post: - operationId: new-agent-action - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - action: - $ref: '#/components/schemas/Fleet_agent_action' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - items: - type: number - type: array - headers: - type: string - statusCode: - type: number - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Create agent action - tags: - - Elastic Agent actions - /api/fleet/agents/{agentId}/reassign: - parameters: - - in: path - name: agentId - required: true - schema: - type: string - post: - operationId: reassign-agent - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - policy_id: - type: string - required: - - policy_id - required: true - responses: - '200': + additionalProperties: false + type: object + properties: + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: + items: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + agents: + type: number + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + global_data_tags: + description: >- + User defined data tags that are added to all of the + inputs. The values can be strings or numbers. + items: + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value + type: array + has_fleet_server: + type: boolean + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_preconfigured: + type: boolean + is_protected: + description: >- + Indicates whether the agent policy has tamper + protection enabled. Default false. + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - logs + - metrics + - traces + type: string + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent + policy. Input settings cannot be overridden. The + override option should be used only in unusual + circumstances and not as a routine procedure. + nullable: true + type: object + package_policies: + anyOf: + - items: + type: string + type: array + - description: >- + This field is present only when retrieving a + single agent policy, or when retrieving a list of + agent policies with the ?full=true parameter + items: + additionalProperties: false + type: object + properties: + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to + inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should + be used only in unusual circumstances and + not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy + will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy + will be added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + updated_at: + type: string + updated_by: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + revision: + type: number + schema_version: + type: string + space_ids: + items: + type: string + type: array + status: + enum: + - active + - inactive + type: string + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports agentless + integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number + unprivileged_agents: + type: number + updated_at: + type: string + updated_by: + type: string + version: + type: string + required: + - id + - name + - namespace + - is_managed + - is_protected + - status + - updated_at + - updated_by + - revision + required: + - item + '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Reassign agent + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Elastic Agents - put: - deprecated: true - operationId: reassign-agent-deprecated + - Elastic Agent policies + /api/fleet/agent_policies/{agentPolicyId}/copy: + post: + description: Copy an agent policy by ID + operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D%2Fcopy#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentPolicyId + required: true + schema: + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - policy_id: + description: + type: string + name: + minLength: 1 type: string required: - - policy_id - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Reassign agent - tags: - - Elastic Agents - /api/fleet/agents/{agentId}/request_diagnostics: - parameters: - - in: path - name: agentId - required: true - schema: - type: string - post: - operationId: request-diagnostics-agent - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - additional_metrics: - items: - oneOf: - - enum: - - CPU - type: string - type: array + - name responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - actionId: - type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Request agent diagnostics - tags: - - Elastic Agents - /api/fleet/agents/{agentId}/unenroll: - parameters: - - in: path - name: agentId - required: true - schema: - type: string - post: - operationId: unenroll-agent - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - force: - type: boolean - revoke: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: OK + item: + additionalProperties: false + type: object + properties: + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: + items: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + agents: + type: number + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + global_data_tags: + description: >- + User defined data tags that are added to all of the + inputs. The values can be strings or numbers. + items: + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value + type: array + has_fleet_server: + type: boolean + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_preconfigured: + type: boolean + is_protected: + description: >- + Indicates whether the agent policy has tamper + protection enabled. Default false. + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - logs + - metrics + - traces + type: string + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent + policy. Input settings cannot be overridden. The + override option should be used only in unusual + circumstances and not as a routine procedure. + nullable: true + type: object + package_policies: + anyOf: + - items: + type: string + type: array + - description: >- + This field is present only when retrieving a + single agent policy, or when retrieving a list of + agent policies with the ?full=true parameter + items: + additionalProperties: false + type: object + properties: + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to + inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should + be used only in unusual circumstances and + not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy + will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy + will be added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + updated_at: + type: string + updated_by: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + revision: + type: number + schema_version: + type: string + space_ids: + items: + type: string + type: array + status: + enum: + - active + - inactive + type: string + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports agentless + integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number + unprivileged_agents: + type: number + updated_at: + type: string + updated_by: + type: string + version: + type: string + required: + - id + - name + - namespace + - is_managed + - is_protected + - status + - updated_at + - updated_by + - revision + required: + - item '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: error: @@ -14192,16412 +17438,30723 @@ paths: message: type: string statusCode: - enum: - - 400 type: number - description: BAD REQUEST - summary: Unenroll agent + required: + - message + summary: '' tags: - - Elastic Agents - /api/fleet/agents/{agentId}/upgrade: - parameters: - - in: path - name: agentId - required: true - schema: - type: string - post: - operationId: upgrade-agent + - Elastic Agent policies + /api/fleet/agent_policies/{agentPolicyId}/download: + get: + description: Download an agent policy by ID + operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D%2Fdownload#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_upgrade_agent' - required: true + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: agentPolicyId + required: true + schema: + type: string + - in: query + name: download + required: false + schema: + type: boolean + - in: query + name: standalone + required: false + schema: + type: boolean + - in: query + name: kubernetes + required: false + schema: + type: boolean responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_upgrade_agent' - description: OK + type: string '400': - $ref: '#/components/responses/Fleet_error' - summary: Upgrade agent - tags: - - Elastic Agents - /api/fleet/agents/{agentId}/uploads: - get: - operationId: list-agent-uploads - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - body: - type: object - properties: - item: - items: - $ref: '#/components/schemas/Fleet_agent_diagnostics' - type: array - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List agent uploads - tags: - - Elastic Agents - parameters: - - in: path - name: agentId - required: true - schema: - type: string - /api/fleet/agents/action_status: - get: - operationId: agents-action-status - parameters: - - $ref: '#/components/parameters/Fleet_page_size' - - $ref: '#/components/parameters/Fleet_page_index' - - in: query - name: errorSize - schema: - default: 5 - type: integer - responses: - '200': + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '404': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - items: - items: - type: object - properties: - actionId: - type: string - cancellationTime: - type: string - completionTime: - type: string - creationTime: - description: creation time of action - type: string - expiration: - type: string - latestErrors: - description: >- - latest errors that happened when the agents executed - the action - items: - type: object - properties: - agentId: - type: string - error: - type: string - timestamp: - type: string - type: array - nbAgentsAck: - description: number of agents that acknowledged the action - type: number - nbAgentsActionCreated: - description: number of agents included in action from kibana - type: number - nbAgentsActioned: - description: number of agents actioned - type: number - nbAgentsFailed: - description: number of agents that failed to execute the action - type: number - newPolicyId: - description: new policy id (POLICY_REASSIGN action) - type: string - policyId: - description: policy id (POLICY_CHANGE action) - type: string - revision: - description: new policy revision (POLICY_CHANGE action) - type: string - startTime: - description: start time of action (scheduled actions) - type: string - status: - enum: - - COMPLETE - - EXPIRED - - CANCELLED - - FAILED - - IN_PROGRESS - - ROLLOUT_PASSED - type: string - type: - enum: - - POLICY_REASSIGN - - UPGRADE - - UNENROLL - - FORCE_UNENROLL - - UPDATE_TAGS - - CANCEL - - REQUEST_DIAGNOSTICS - - SETTINGS - - POLICY_CHANGE - - INPUT_ACTION - type: string - version: - description: agent version number (UPGRADE action) - type: string - required: - - actionId - - complete - - nbAgentsActioned - - nbAgentsActionCreated - - nbAgentsAck - - nbAgentsFailed - - status - - creationTime - - type - type: array + error: + type: string + message: + type: string + statusCode: + type: number required: - - items - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get agent action status + - message + summary: '' tags: - - Elastic Agent actions - /api/fleet/agents/actions/{actionId}/cancel: - parameters: - - in: path - name: actionId - required: true - schema: - type: string - post: - operationId: agent-action-cancel + - Elastic Agent policies + /api/fleet/agent_policies/{agentPolicyId}/full: + get: + description: Get a full agent policy by ID + operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D%2Ffull#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: agentPolicyId + required: true + schema: + type: string + - in: query + name: download + required: false + schema: + type: boolean + - in: query + name: standalone + required: false + schema: + type: boolean + - in: query + name: kubernetes + required: false + schema: + type: boolean responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: item: - $ref: '#/components/schemas/Fleet_agent_action' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Cancel agent action - tags: - - Elastic Agent actions - /api/fleet/agents/bulk_reassign: - post: - operationId: bulk-reassign-agents - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - example: - agents: 'fleet-agents.policy_id : ("policy1" or "policy2")' - policy_id: policy_id - schema: - type: object - properties: - agents: - oneOf: - - description: KQL query string, leave empty to action all agents - type: string - - description: list of agent IDs - items: - type: string - type: array - policy_id: - description: new agent policy id - type: string - required: - - policy_id - - agents - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - actionId: - type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk reassign agents - tags: - - Elastic Agents - /api/fleet/agents/bulk_request_diagnostics: - post: - operationId: bulk-request-diagnostics - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - example: - agents: 'fleet-agents.policy_id : ("policy1" or "policy2")' - schema: - type: object - properties: - additional_metrics: - items: - oneOf: - - enum: - - CPU - type: string - type: array - agents: - oneOf: - - description: KQL query string, leave empty to action all agents - type: string - - description: list of agent IDs - items: - type: string - type: array - batchSize: - type: number - required: - - agents - responses: - '200': + anyOf: + - type: string + - additionalProperties: false + type: object + properties: + agent: + additionalProperties: false + type: object + properties: + download: + additionalProperties: false + type: object + properties: + sourceURI: + type: string + required: + - sourceURI + features: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + required: + - enabled + type: object + monitoring: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + logs: + type: boolean + metrics: + type: boolean + namespace: + type: string + traces: + type: boolean + use_output: + type: string + required: + - enabled + - metrics + - logs + - traces + protection: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + signing_key: + type: string + uninstall_token_hash: + type: string + required: + - enabled + - uninstall_token_hash + - signing_key + required: + - monitoring + - download + - features + fleet: + anyOf: + - additionalProperties: false + type: object + properties: + hosts: + items: + type: string + type: array + proxy_headers: {} + proxy_url: + type: string + ssl: + additionalProperties: false + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + renegotiation: + type: string + verification_mode: + type: string + required: + - hosts + - proxy_headers + - additionalProperties: false + type: object + properties: + kibana: + additionalProperties: false + type: object + properties: + hosts: + items: + type: string + type: array + path: + type: string + protocol: + type: string + required: + - hosts + - protocol + required: + - kibana + id: + type: string + inputs: + items: + additionalProperties: true + type: object + properties: + data_stream: + additionalProperties: true + type: object + properties: + namespace: + type: string + required: + - namespace + id: + type: string + meta: + additionalProperties: true + type: object + properties: + package: + additionalProperties: true + type: object + properties: + name: + type: string + version: + type: string + required: + - name + - version + name: + type: string + package_policy_id: + type: string + processors: + items: + additionalProperties: true + type: object + properties: + add_fields: + additionalProperties: true + type: object + properties: + fields: + additionalProperties: + anyOf: + - type: string + - type: number + type: object + target: + type: string + required: + - target + - fields + required: + - add_fields + type: array + revision: + type: number + streams: + items: + additionalProperties: true + type: object + properties: + data_stream: + additionalProperties: true + type: object + properties: + dataset: + type: string + type: + type: string + required: + - dataset + id: + type: string + required: + - id + - data_stream + type: array + type: + type: string + use_output: + type: string + required: + - id + - name + - revision + - type + - data_stream + - use_output + - package_policy_id + type: array + namespaces: + items: + type: string + type: array + output_permissions: + additionalProperties: + additionalProperties: {} + type: object + type: object + outputs: + additionalProperties: + additionalProperties: true + type: object + properties: + ca_sha256: + nullable: true + type: string + hosts: + items: + type: string + type: array + proxy_headers: {} + proxy_url: + type: string + type: + type: string + required: + - type + - proxy_headers + type: object + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + signed: + additionalProperties: false + type: object + properties: + data: + type: string + signature: + type: string + required: + - data + - signature + required: + - id + - outputs + - inputs + required: + - item + '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - actionId: + error: type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk request diagnostics from agents + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Elastic Agents - /api/fleet/agents/bulk_unenroll: + - Elastic Agent policies + /api/fleet/agent_policies/delete: post: - operationId: bulk-unenroll-agents + description: Delete agent policy by ID + operationId: '%2Fapi%2Ffleet%2Fagent_policies%2Fdelete#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: - example: - agents: - - agent1 - - agent2 - force: false - revoke: true schema: + additionalProperties: false type: object properties: - agents: - oneOf: - - description: KQL query string, leave empty to action all agents - type: string - - description: list of agent IDs - items: - type: string - type: array + agentPolicyId: + type: string force: - description: Unenrolls hosted agents too - type: boolean - includeInactive: description: >- - When passing agents by KQL query, unenrolls inactive agents - too - type: boolean - revoke: - description: Revokes API keys of agents + bypass validation checks that can prevent agent policy + deletion type: boolean required: - - agents + - agentPolicyId responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - actionId: - type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk unenroll agents - tags: - - Elastic Agents - /api/fleet/agents/bulk_update_agent_tags: - post: - operationId: bulk-update-agent-tags - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - example: - agents: - - agent1 - - agent2 - tagsToAdd: - - newTag - tagsToRemove: - - existingTag - schema: - type: object - properties: - agents: - oneOf: - - description: KQL query string, leave empty to action all agents - type: string - - description: list of agent IDs - items: - type: string - type: array - batchSize: - type: number - tagsToAdd: - items: + id: type: string - type: array - tagsToRemove: - items: + name: type: string - type: array - required: - - agents - responses: - '200': + required: + - id + - name + '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - actionId: + error: type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk update agent tags + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Elastic Agents - /api/fleet/agents/bulk_upgrade: - post: - operationId: bulk-upgrade-agents + - Elastic Agent policies + /api/fleet/agent_status: + get: + description: Get agent status summary + operationId: '%2Fapi%2Ffleet%2Fagent_status#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - example: - agents: - - agent1 - - agent2 - rollout_duration_seconds: 3600 - source_uri: https://artifacts.elastic.co/downloads/beats/elastic-agent - start_time: '2022-08-03T14:00:00.000Z' - version: 8.4.0 - schema: - $ref: '#/components/schemas/Fleet_bulk_upgrade_agents' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - actionId: - type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk upgrade agents - tags: - - Elastic Agents - /api/fleet/agents/files/{fileId}: - delete: - operationId: delete-agent-upload-file + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: policyId + required: false + schema: + type: string + - in: query + name: policyIds + required: false + schema: + anyOf: + - items: + type: string + type: array + - type: string + - in: query + name: kuery + required: false + schema: + deprecated: true + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - body: + results: + additionalProperties: false type: object properties: - deleted: - type: boolean - id: - type: string - description: OK + active: + type: number + all: + type: number + error: + type: number + events: + type: number + inactive: + type: number + offline: + type: number + online: + type: number + other: + type: number + total: + deprecated: true + type: number + unenrolled: + type: number + updating: + type: number + required: + - events + - total + - online + - error + - offline + - other + - updating + - inactive + - unenrolled + - all + - active + required: + - results '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete file uploaded by agent - tags: - - Elastic Agents - parameters: - - in: path - name: fileId - required: true - schema: - type: string - /api/fleet/agents/files/{fileId}/{fileName}: - get: - operationId: get-agent-upload-file - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - body: - type: object - properties: - items: - type: object - properties: - body: {} - headers: {} - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get file uploaded by agent + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Elastic Agents - parameters: - - in: path - name: fileId - required: true - schema: - type: string - - in: path - name: fileName - required: true - schema: - type: string - /api/fleet/agents/setup: + - Elastic Agent status + /api/fleet/agent_status/data: get: - operationId: get-agents-setup-status - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_fleet_status_response' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get agent setup info - tags: - - Elastic Agents - post: - operationId: setup-agents + description: Get incoming agent data + operationId: '%2Fapi%2Ffleet%2Fagent_status%2Fdata#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - admin_password: - type: string - admin_username: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: agentsIds + required: true + schema: + anyOf: + - items: type: string - required: - - admin_username - - admin_password - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_fleet_setup_response' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Initiate agent setup - tags: - - Elastic Agents - /api/fleet/agents/tags: - get: - operationId: get-agent-tags - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_get_agent_tags_response' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List agent tags - tags: - - Elastic Agents - /api/fleet/data_streams: - get: - operationId: data-streams-list + type: array + - type: string + - in: query + name: previewData + required: false + schema: + default: false + type: boolean responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - data_streams: - items: - $ref: '#/components/schemas/Fleet_data_stream' + dataPreview: + items: {} type: array - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List data streams - tags: - - Data streams - parameters: [] - /api/fleet/enrollment_api_keys: - get: - operationId: get-enrollment-api-keys - parameters: - - $ref: '#/components/parameters/Fleet_page_size' - - $ref: '#/components/parameters/Fleet_page_index' - - $ref: '#/components/parameters/Fleet_kuery' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: items: items: - $ref: '#/components/schemas/Fleet_enrollment_api_key' - type: array - list: - deprecated: true - items: - $ref: '#/components/schemas/Fleet_enrollment_api_key' + additionalProperties: + additionalProperties: false + type: object + properties: + data: + type: boolean + required: + - data + type: object type: array - page: - type: number - perPage: - type: number - total: - type: number required: - items - - page - - perPage - - total - description: OK + - dataPreview '400': - $ref: '#/components/responses/Fleet_error' - summary: List enrollment API keys - tags: - - Fleet enrollment API keys - post: - operationId: create-enrollment-api-keys - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - name: - description: The name of the enrollment API key. Must be unique. - type: string - policy_id: - description: >- - The ID of the agent policy the Elastic Agent will be - enrolled in. - type: string - required: - - policy_id - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - action: - enum: - - created + error: type: string - item: - $ref: '#/components/schemas/Fleet_enrollment_api_key' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Create enrollment API key - tags: - - Fleet enrollment API keys - /api/fleet/enrollment_api_keys/{keyId}: - delete: - operationId: delete-enrollment-api-key - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - action: - enum: - - deleted + message: type: string + statusCode: + type: number required: - - action - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Revoke enrollment API key by ID by marking it as inactive - tags: - - Fleet enrollment API keys - get: - operationId: get-enrollment-api-key - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_enrollment_api_key' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get enrollment API key by ID + - message + summary: '' tags: - - Fleet enrollment API keys - parameters: - - in: path - name: keyId - required: true - schema: - type: string - /api/fleet/enrollment-api-keys: + - Elastic Agents + /api/fleet/agent-status: get: deprecated: true - operationId: get-enrollment-api-keys-deprecated - parameters: [] - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - items: - items: - $ref: '#/components/schemas/Fleet_enrollment_api_key' - type: array - list: - deprecated: true - items: - $ref: '#/components/schemas/Fleet_enrollment_api_key' - type: array - page: - type: number - perPage: - type: number - total: - type: number - required: - - items - - page - - perPage - - total - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List enrollment API keys - tags: - - Fleet enrollment API keys - post: - deprecated: true - operationId: create-enrollment-api-keys-deprecated - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - action: - enum: - - created - type: string - item: - $ref: '#/components/schemas/Fleet_enrollment_api_key' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Create enrollment API key - tags: - - Fleet enrollment API keys - /api/fleet/enrollment-api-keys/{keyId}: - delete: - deprecated: true - operationId: delete-enrollment-api-key-deprecated + operationId: '%2Fapi%2Ffleet%2Fagent-status#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - action: - enum: - - deleted - type: string - required: - - action - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete enrollment API key by ID - tags: - - Fleet enrollment API keys - get: - deprecated: true - operationId: get-enrollment-api-key-deprecated - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_enrollment_api_key' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get enrollment API key by ID - tags: - - Fleet enrollment API keys - parameters: - - in: path - name: keyId - required: true - schema: - type: string - /api/fleet/epm/bulk_assets: - post: - operationId: bulk-get-assets - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - assetIds: - description: list of items necessary to fetch assets - items: - type: object - properties: - id: - type: string - type: - type: string - type: array - required: - - assetIds - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_get_bulk_assets_response' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk get assets - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/categories: - get: - operationId: get-package-categories - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_get_categories_response' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List package categories - tags: - - Elastic Package Manager (EPM) - parameters: - - description: >- - Whether to include prerelease packages in categories count (e.g. beta, - rc, preview) - in: query - name: prerelease - schema: - default: false - type: boolean - - deprecated: true - in: query - name: experimental - schema: - default: false - type: boolean - - in: query - name: include_policy_templates - schema: - default: false - type: boolean - /api/fleet/epm/packages: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: policyId + required: false + schema: + type: string + - in: query + name: policyIds + required: false + schema: + anyOf: + - items: + type: string + type: array + - type: string + - in: query + name: kuery + required: false + schema: + deprecated: true + type: string + responses: {} + summary: '' + tags: [] + /api/fleet/agents: get: - operationId: list-all-packages + description: List agents + operationId: '%2Fapi%2Ffleet%2Fagents#0' parameters: - - description: >- - Whether to exclude the install status of each package. Enabling this - option will opt in to caching for the response via `cache-control` - headers. If you don't need up-to-date installation info for a - package, and are querying for a list of available packages, - providing this flag can improve performance substantially. - in: query - name: excludeInstallStatus + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: page + required: false + schema: + default: 1 + type: number + - in: query + name: perPage + required: false + schema: + default: 20 + type: number + - in: query + name: kuery + required: false + schema: + type: string + - in: query + name: showInactive + required: false schema: default: false type: boolean - - description: >- - Whether to return prerelease versions of packages (e.g. beta, rc, - preview) - in: query - name: prerelease + - in: query + name: withMetrics + required: false schema: default: false type: boolean - - deprecated: true - in: query - name: experimental + - in: query + name: showUpgradeable + required: false schema: default: false type: boolean - in: query - name: category + name: getStatusSummary + required: false + schema: + default: false + type: boolean + - in: query + name: sortField + required: false + schema: + type: string + - in: query + name: sortOrder + required: false schema: + enum: + - asc + - desc type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_get_packages_response' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List packages - tags: - - Elastic Package Manager (EPM) - post: - description: '' - operationId: install-package-by-upload - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - description: avoid erroring out on unexpected mapping update errors - in: query - name: ignoreMappingUpdateErrors - schema: - default: false - type: boolean - - description: >- - Skip data stream rollover during index template mapping or settings - update - in: query - name: skipDataStreamRollover - schema: - default: false - type: boolean - requestBody: - content: - application/gzip; Elastic-Api-Version=2023-10-31: - schema: - format: binary - type: string - application/zip; Elastic-Api-Version=2023-10-31: - schema: - format: binary - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: + additionalProperties: false type: object properties: - _meta: - type: object - properties: - install_source: - enum: - - upload - - registry - - bundled - type: string items: items: + additionalProperties: false type: object properties: + access_api_key: + type: string + access_api_key_id: + type: string + active: + type: boolean + agent: + additionalProperties: true + type: object + properties: + id: + type: string + version: + type: string + required: + - id + - version + components: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + type: string + units: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + payload: + additionalProperties: {} + type: object + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + enum: + - input + - output + type: string + required: + - id + - type + - status + - message + type: array + required: + - id + - type + - status + - message + type: array + default_api_key: + type: string + default_api_key_history: + items: + additionalProperties: false + deprecated: true + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + default_api_key_id: + type: string + enrolled_at: + type: string id: type: string + last_checkin: + type: string + last_checkin_message: + type: string + last_checkin_status: + enum: + - error + - online + - degraded + - updating + - starting + type: string + local_metadata: + additionalProperties: {} + type: object + metrics: + additionalProperties: false + type: object + properties: + cpu_avg: + type: number + memory_size_byte_avg: + type: number + namespaces: + items: + type: string + type: array + outputs: + additionalProperties: + additionalProperties: false + type: object + properties: + api_key_id: + type: string + to_retire_api_key_ids: + items: + additionalProperties: false + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + type: + type: string + required: + - api_key_id + - type + type: object + packages: + items: + type: string + type: array + policy_id: + type: string + policy_revision: + nullable: true + type: number + sort: + items: + anyOf: + - type: number + - type: string + - enum: [] + nullable: true + type: array + status: + enum: + - offline + - error + - online + - inactive + - enrolling + - unenrolling + - unenrolled + - updating + - degraded + type: string + tags: + items: + type: string + type: array type: - oneOf: - - $ref: >- - #/components/schemas/Fleet_kibana_saved_object_type - - $ref: >- - #/components/schemas/Fleet_elasticsearch_asset_type + enum: + - PERMANENT + - EPHEMERAL + - TEMPORARY + type: string + unenrolled_at: + type: string + unenrollment_started_at: + type: string + unhealthy_reason: + items: + enum: + - input + - output + - other + type: string + nullable: true + type: array + upgrade_details: + additionalProperties: false + type: object + properties: + action_id: + type: string + metadata: + additionalProperties: false + type: object + properties: + download_percent: + type: number + download_rate: + type: number + error_msg: + type: string + failed_state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + retry_error_msg: + type: string + retry_until: + type: string + scheduled_at: + type: string + state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + target_version: + type: string + required: + - target_version + - action_id + - state + upgrade_started_at: + nullable: true + type: string + upgraded_at: + nullable: true + type: string + user_provided_metadata: + additionalProperties: {} + type: object required: - id + - packages - type + - active + - enrolled_at + - local_metadata type: array - required: - - items - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - '429': - $ref: '#/components/responses/Fleet_error' - summary: Install by package by direct upload - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/_bulk: - post: - operationId: bulk-install-packages - parameters: - - description: >- - Whether to return prerelease versions of packages (e.g. beta, rc, - preview) - in: query - name: prerelease - schema: - default: false - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - force: - description: force install to ignore package verification errors - type: boolean - packages: - description: list of packages to install - items: - oneOf: - - description: package name - type: string - - type: object - properties: - name: - description: package name - type: string - version: - description: package version - type: string - type: array - required: - - packages - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_bulk_install_packages_response' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk install packages - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/{pkgkey}: - delete: - deprecated: true - operationId: delete-package-deprecated - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - in: path - name: pkgkey - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - force: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - response: + list: + deprecated: true items: + additionalProperties: false type: object properties: - id: + access_api_key: + type: string + access_api_key_id: + type: string + active: + type: boolean + agent: + additionalProperties: true + type: object + properties: + id: + type: string + version: + type: string + required: + - id + - version + components: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + type: string + units: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + payload: + additionalProperties: {} + type: object + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + enum: + - input + - output + type: string + required: + - id + - type + - status + - message + type: array + required: + - id + - type + - status + - message + type: array + default_api_key: + type: string + default_api_key_history: + items: + additionalProperties: false + deprecated: true + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + default_api_key_id: + type: string + enrolled_at: type: string - type: - oneOf: - - $ref: >- - #/components/schemas/Fleet_kibana_saved_object_type - - $ref: >- - #/components/schemas/Fleet_elasticsearch_asset_type - required: - - id - - type - type: array - required: - - response - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete ackage - tags: - - Elastic Package Manager (EPM) - get: - deprecated: true - operationId: get-package-deprecated - parameters: - - in: path - name: pkgkey - required: true - schema: - type: string - - description: >- - Whether to return prerelease versions of packages (e.g. beta, rc, - preview) - in: query - name: prerelease - schema: - default: false - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - allOf: - - properties: - response: - $ref: '#/components/schemas/Fleet_package_info' - - properties: - savedObject: - type: string - status: - enum: - - installed - - installing - - install_failed - - not_installed - type: string - required: - - status - - savedObject - type: object - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get package - tags: - - Elastic Package Manager (EPM) - post: - deprecated: true - description: '' - operationId: install-package-deprecated - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - in: path - name: pkgkey - required: true - schema: - type: string - - description: avoid erroring out on unexpected mapping update errors - in: query - name: ignoreMappingUpdateErrors - schema: - default: false - type: boolean - - description: >- - Skip data stream rollover during index template mapping or settings - update - in: query - name: skipDataStreamRollover - schema: - default: false - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - force: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - response: - items: - type: object - properties: id: type: string + last_checkin: + type: string + last_checkin_message: + type: string + last_checkin_status: + enum: + - error + - online + - degraded + - updating + - starting + type: string + local_metadata: + additionalProperties: {} + type: object + metrics: + additionalProperties: false + type: object + properties: + cpu_avg: + type: number + memory_size_byte_avg: + type: number + namespaces: + items: + type: string + type: array + outputs: + additionalProperties: + additionalProperties: false + type: object + properties: + api_key_id: + type: string + to_retire_api_key_ids: + items: + additionalProperties: false + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + type: + type: string + required: + - api_key_id + - type + type: object + packages: + items: + type: string + type: array + policy_id: + type: string + policy_revision: + nullable: true + type: number + sort: + items: + anyOf: + - type: number + - type: string + - enum: [] + nullable: true + type: array + status: + enum: + - offline + - error + - online + - inactive + - enrolling + - unenrolling + - unenrolled + - updating + - degraded + type: string + tags: + items: + type: string + type: array type: - oneOf: - - $ref: >- - #/components/schemas/Fleet_kibana_saved_object_type - - $ref: >- - #/components/schemas/Fleet_elasticsearch_asset_type + enum: + - PERMANENT + - EPHEMERAL + - TEMPORARY + type: string + unenrolled_at: + type: string + unenrollment_started_at: + type: string + unhealthy_reason: + items: + enum: + - input + - output + - other + type: string + nullable: true + type: array + upgrade_details: + additionalProperties: false + type: object + properties: + action_id: + type: string + metadata: + additionalProperties: false + type: object + properties: + download_percent: + type: number + download_rate: + type: number + error_msg: + type: string + failed_state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + retry_error_msg: + type: string + retry_until: + type: string + scheduled_at: + type: string + state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + target_version: + type: string + required: + - target_version + - action_id + - state + upgrade_started_at: + nullable: true + type: string + upgraded_at: + nullable: true + type: string + user_provided_metadata: + additionalProperties: {} + type: object required: - id + - packages - type + - active + - enrolled_at + - local_metadata type: array + page: + type: number + perPage: + type: number + statusSummary: + additionalProperties: + type: number + type: object + total: + type: number required: - - response - description: OK + - items + - total + - page + - perPage '400': - $ref: '#/components/responses/Fleet_error' - summary: Install package + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/{pkgName}/{pkgVersion}: - delete: - operationId: delete-package + - Elastic Agents + post: + description: List agents by action ids + operationId: '%2Fapi%2Ffleet%2Fagents#1' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - description: delete package even if policies used by agents - in: query - name: force + - description: The version of the API to use + in: header + name: elastic-api-version schema: - type: boolean + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - deprecated: true + additionalProperties: false type: object properties: - force: - type: boolean + actionIds: + items: + type: string + type: array + required: + - actionIds responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: items: items: - type: object - properties: - id: - type: string - type: - oneOf: - - $ref: >- - #/components/schemas/Fleet_kibana_saved_object_type - - $ref: >- - #/components/schemas/Fleet_elasticsearch_asset_type - required: - - id - - type + type: string type: array required: - items - description: OK '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete package - tags: - - Elastic Package Manager (EPM) - get: - operationId: get-package - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - allOf: - - properties: - item: - $ref: '#/components/schemas/Fleet_package_info' - - properties: - keepPoliciesUpToDate: - type: boolean - latestVersion: - type: string - licensePath: - type: string - notice: - type: string - savedObject: - deprecated: true - type: object - status: - enum: - - installed - - installing - - install_failed - - not_installed - type: string - required: - - status - - savedObject + additionalProperties: false + description: Generic Error type: object - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get package + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Elastic Package Manager (EPM) - parameters: - - in: path - name: pkgName - required: true - schema: - type: string - - in: path - name: pkgVersion - required: true - schema: - type: string - - description: Ignore if the package is fails signature verification - in: query - name: ignoreUnverified - schema: - type: boolean - - description: >- - Return all fields from the package manifest, not just those supported - by the Elastic Package Registry - in: query - name: full - schema: - type: boolean - - description: >- - Whether to return prerelease versions of packages (e.g. beta, rc, - preview) - in: query - name: prerelease - schema: - default: false - type: boolean - post: - description: '' - operationId: install-package + - Elastic Agents + /api/fleet/agents/{agentId}: + delete: + description: Delete agent by ID + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D#2' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - description: avoid erroring out on unexpected mapping update errors - in: query - name: ignoreMappingUpdateErrors + - description: The version of the API to use + in: header + name: elastic-api-version schema: - default: false - type: boolean - - description: >- - Skip data stream rollover during index template mapping or settings - update - in: query - name: skipDataStreamRollover + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true schema: - default: false - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - force: - type: boolean - ignore_constraints: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - _meta: - type: object - properties: - install_source: - enum: - - registry - - upload - - bundled - type: string - items: - items: - type: object - properties: - id: - type: string - type: - oneOf: - - $ref: >- - #/components/schemas/Fleet_kibana_saved_object_type - - $ref: >- - #/components/schemas/Fleet_elasticsearch_asset_type - required: - - id - - type - type: array - required: - - items - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Install package - tags: - - Elastic Package Manager (EPM) - put: - description: '' - operationId: update-package - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - keepPoliciesUpToDate: - type: boolean + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - items: - items: - type: object - properties: - id: - type: string - type: - oneOf: - - $ref: >- - #/components/schemas/Fleet_kibana_saved_object_type - - $ref: >- - #/components/schemas/Fleet_elasticsearch_asset_type - required: - - id - - type - type: array + action: + enum: + - deleted + type: string required: - - items - description: OK + - action '400': - $ref: '#/components/responses/Fleet_error' - summary: Update package settings - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/{pkgName}/{pkgVersion}/{filePath}: - get: - operationId: packages-get-file - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - body: - type: object - headers: - type: object + error: + type: string + message: + type: string statusCode: type: number - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get package file + required: + - message + summary: '' tags: - - Elastic Package Manager (EPM) - parameters: - - in: path - name: pkgName - required: true - schema: - type: string - - in: path - name: pkgVersion - required: true - schema: - type: string - - in: path - name: filePath - required: true - schema: - type: string - /api/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize: - post: - description: '' - operationId: reauthorize-transforms + - Elastic Agents + get: + description: Get agent by ID + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - in: path - name: pkgName - required: true + - description: The version of the API to use + in: header + name: elastic-api-version schema: + default: '2023-10-31' + enum: + - '2023-10-31' type: string - in: path - name: pkgVersion + name: agentId required: true schema: type: string - - description: >- - Whether to include prerelease packages in categories count (e.g. - beta, rc, preview) - in: query - name: prerelease + - in: query + name: withMetrics + required: false schema: default: false type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - transforms: - items: - type: object - properties: - transformId: - type: string - type: array responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - items: - items: - type: object - properties: - error: + item: + additionalProperties: false + type: object + properties: + access_api_key: + type: string + access_api_key_id: + type: string + active: + type: boolean + agent: + additionalProperties: true + type: object + properties: + id: + type: string + version: + type: string + required: + - id + - version + components: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + type: string + units: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + payload: + additionalProperties: {} + type: object + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + enum: + - input + - output + type: string + required: + - id + - type + - status + - message + type: array + required: + - id + - type + - status + - message + type: array + default_api_key: + type: string + default_api_key_history: + items: + additionalProperties: false + deprecated: true + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + default_api_key_id: + type: string + enrolled_at: + type: string + id: + type: string + last_checkin: + type: string + last_checkin_message: + type: string + last_checkin_status: + enum: + - error + - online + - degraded + - updating + - starting + type: string + local_metadata: + additionalProperties: {} + type: object + metrics: + additionalProperties: false + type: object + properties: + cpu_avg: + type: number + memory_size_byte_avg: + type: number + namespaces: + items: type: string - success: - type: boolean - transformId: + type: array + outputs: + additionalProperties: + additionalProperties: false + type: object + properties: + api_key_id: + type: string + to_retire_api_key_ids: + items: + additionalProperties: false + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + type: + type: string + required: + - api_key_id + - type + type: object + packages: + items: type: string - required: - - transformId - - error - type: array - required: - - items - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Authorize transforms - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/{pkgName}/stats: - get: - operationId: get-package-stats - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - response: - $ref: '#/components/schemas/Fleet_package_usage_stats' + type: array + policy_id: + type: string + policy_revision: + nullable: true + type: number + sort: + items: + anyOf: + - type: number + - type: string + - enum: [] + nullable: true + type: array + status: + enum: + - offline + - error + - online + - inactive + - enrolling + - unenrolling + - unenrolled + - updating + - degraded + type: string + tags: + items: + type: string + type: array + type: + enum: + - PERMANENT + - EPHEMERAL + - TEMPORARY + type: string + unenrolled_at: + type: string + unenrollment_started_at: + type: string + unhealthy_reason: + items: + enum: + - input + - output + - other + type: string + nullable: true + type: array + upgrade_details: + additionalProperties: false + type: object + properties: + action_id: + type: string + metadata: + additionalProperties: false + type: object + properties: + download_percent: + type: number + download_rate: + type: number + error_msg: + type: string + failed_state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + retry_error_msg: + type: string + retry_until: + type: string + scheduled_at: + type: string + state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + target_version: + type: string + required: + - target_version + - action_id + - state + upgrade_started_at: + nullable: true + type: string + upgraded_at: + nullable: true + type: string + user_provided_metadata: + additionalProperties: {} + type: object + required: + - id + - packages + - type + - active + - enrolled_at + - local_metadata required: - - response - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get package stats - tags: - - Elastic Package Manager (EPM) - parameters: - - in: path - name: pkgName - required: true - schema: - type: string - /api/fleet/epm/packages/limited: - get: - operationId: list-limited-packages - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - items: - items: - type: string - type: array - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get limited package list - tags: - - Elastic Package Manager (EPM) - parameters: [] - /api/fleet/epm/templates/{pkgName}/{pkgVersion}/inputs: - get: - operationId: get-inputs-template - responses: - '200': - description: OK + - item '400': - $ref: '#/components/responses/Fleet_error' - summary: Get inputs template - tags: - - Elastic Package Manager (EPM) - parameters: - - in: path - name: pkgName - required: true - schema: - type: string - - in: path - name: pkgVersion - required: true - schema: - type: string - - description: Format of response - json or yaml - in: query - name: format - schema: - enum: - - json - - yaml - - yml - type: string - - description: Specify if version is prerelease - in: query - name: prerelease - schema: - type: boolean - - description: Ignore if the package is fails signature verification - in: query - name: ignoreUnverified - schema: - type: boolean - /api/fleet/epm/verification_key_id: - get: - operationId: packages-get-verification-key-id - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - body: - type: object - properties: - id: - description: >- - the key ID of the GPG key used to verify package - signatures - nullable: true - type: string - headers: - type: object + error: + type: string + message: + type: string statusCode: type: number - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get package signature verification key ID - tags: - - Elastic Package Manager (EPM) - parameters: [] - /api/fleet/fleet_server_hosts: - get: - operationId: get-fleet-server-hosts - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - items: - items: - $ref: '#/components/schemas/Fleet_fleet_server_host' - type: array - page: - type: integer - perPage: - type: integer - total: - type: integer - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List Fleet Server hosts + required: + - message + summary: '' tags: - - Fleet Server hosts - post: - operationId: post-fleet-server-hosts + - Elastic Agents + put: + description: Update agent by ID + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - host_urls: + tags: items: type: string type: array - id: - type: string - is_default: - type: boolean - is_internal: - type: boolean - name: - type: string - proxy_id: - description: >- - The ID of the proxy to use for this fleet server host. See - the proxies API for more information. - type: string - required: - - name - - host_urls - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_fleet_server_host' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Create Fleet Server host - tags: - - Fleet Server hosts - /api/fleet/fleet_server_hosts/{itemId}: - delete: - operationId: delete-fleet-server-hosts - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - id: - type: string - required: - - id - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete Fleet Server host by ID - tags: - - Fleet Server hosts - get: - operationId: get-one-fleet-server-hosts + user_provided_metadata: + additionalProperties: {} + type: object responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: item: - $ref: '#/components/schemas/Fleet_fleet_server_host' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get Fleet Server host by ID - tags: - - Fleet Server hosts - parameters: - - in: path - name: itemId - required: true - schema: - type: string - put: - operationId: update-fleet-server-hosts - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - host_urls: - items: - type: string - type: array - is_default: - type: boolean - is_internal: - type: boolean - name: - type: string - proxy_id: - description: >- - The ID of the proxy to use for this fleet server host. See - the proxies API for more information. - nullable: true - type: string - responses: - '200': + additionalProperties: false + type: object + properties: + access_api_key: + type: string + access_api_key_id: + type: string + active: + type: boolean + agent: + additionalProperties: true + type: object + properties: + id: + type: string + version: + type: string + required: + - id + - version + components: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + type: string + units: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + payload: + additionalProperties: {} + type: object + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + enum: + - input + - output + type: string + required: + - id + - type + - status + - message + type: array + required: + - id + - type + - status + - message + type: array + default_api_key: + type: string + default_api_key_history: + items: + additionalProperties: false + deprecated: true + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + default_api_key_id: + type: string + enrolled_at: + type: string + id: + type: string + last_checkin: + type: string + last_checkin_message: + type: string + last_checkin_status: + enum: + - error + - online + - degraded + - updating + - starting + type: string + local_metadata: + additionalProperties: {} + type: object + metrics: + additionalProperties: false + type: object + properties: + cpu_avg: + type: number + memory_size_byte_avg: + type: number + namespaces: + items: + type: string + type: array + outputs: + additionalProperties: + additionalProperties: false + type: object + properties: + api_key_id: + type: string + to_retire_api_key_ids: + items: + additionalProperties: false + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + type: + type: string + required: + - api_key_id + - type + type: object + packages: + items: + type: string + type: array + policy_id: + type: string + policy_revision: + nullable: true + type: number + sort: + items: + anyOf: + - type: number + - type: string + - enum: [] + nullable: true + type: array + status: + enum: + - offline + - error + - online + - inactive + - enrolling + - unenrolling + - unenrolled + - updating + - degraded + type: string + tags: + items: + type: string + type: array + type: + enum: + - PERMANENT + - EPHEMERAL + - TEMPORARY + type: string + unenrolled_at: + type: string + unenrollment_started_at: + type: string + unhealthy_reason: + items: + enum: + - input + - output + - other + type: string + nullable: true + type: array + upgrade_details: + additionalProperties: false + type: object + properties: + action_id: + type: string + metadata: + additionalProperties: false + type: object + properties: + download_percent: + type: number + download_rate: + type: number + error_msg: + type: string + failed_state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + retry_error_msg: + type: string + retry_until: + type: string + scheduled_at: + type: string + state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + target_version: + type: string + required: + - target_version + - action_id + - state + upgrade_started_at: + nullable: true + type: string + upgraded_at: + nullable: true + type: string + user_provided_metadata: + additionalProperties: {} + type: object + required: + - id + - packages + - type + - active + - enrolled_at + - local_metadata + required: + - item + '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - item: - $ref: '#/components/schemas/Fleet_fleet_server_host' + error: + type: string + message: + type: string + statusCode: + type: number required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Update Fleet Server host by ID + - message + summary: '' tags: - - Fleet Server hosts - /api/fleet/health_check: + - Elastic Agents + /api/fleet/agents/{agentId}/actions: post: - operationId: fleet-server-health-check + description: Create agent action + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Factions#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - host: - deprecated: true - type: string - id: - type: string + action: + anyOf: + - additionalProperties: false + type: object + properties: + ack_data: {} + data: {} + type: + enum: + - UNENROLL + - UPGRADE + - POLICY_REASSIGN + type: string + required: + - type + - data + - ack_data + - additionalProperties: false + type: object + properties: + data: + additionalProperties: false + type: object + properties: + log_level: + enum: + - debug + - info + - warning + - error + nullable: true + type: string + required: + - log_level + type: + enum: + - SETTINGS + type: string + required: + - type + - data required: - - id - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - host: - deprecated: true - type: string - id: - description: Fleet Server host id - type: string - status: - type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Fleet Server health check - tags: - - Fleet internals - /api/fleet/kubernetes: - get: - operationId: get-full-k8s-manifest - parameters: - - in: query - name: download - required: false - schema: - type: boolean - - in: query - name: fleetServer - required: false - schema: - type: string - - in: query - name: enrolToken - required: false - schema: - type: string + - action responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: item: - type: string - description: OK + additionalProperties: false + type: object + properties: + ack_data: {} + agents: + items: + type: string + type: array + created_at: + type: string + data: {} + expiration: + type: string + id: + type: string + minimum_execution_duration: + type: number + namespaces: + items: + type: string + type: array + rollout_duration_seconds: + type: number + sent_at: + type: string + source_uri: + type: string + start_time: + type: string + total: + type: number + type: + type: string + required: + - id + - type + - data + - created_at + - ack_data + - agents + required: + - item '400': - $ref: '#/components/responses/Fleet_error' - summary: Get full K8s agent manifest - tags: - - Fleet Kubernetes - /api/fleet/logstash_api_keys: - post: - operationId: generate-logstash-api-key - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - api_key: + error: type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Generate Logstash API key - tags: - - Fleet outputs - /api/fleet/outputs: - get: - operationId: get-outputs - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - items: - items: - $ref: '#/components/schemas/Fleet_output_create_request' - type: array - page: - type: integer - perPage: - type: integer - total: - type: integer - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List outputs + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Fleet outputs + - Elastic Agent actions + /api/fleet/agents/{agentId}/reassign: post: - operationId: post-outputs + description: Reassign agent + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Freassign#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_output_create_request' - required: true + additionalProperties: false + type: object + properties: + policy_id: + type: string + required: + - policy_id responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object - properties: - item: - $ref: '#/components/schemas/Fleet_output_create_request' - description: OK + properties: {} '400': - $ref: '#/components/responses/Fleet_error' - summary: Create output - tags: - - Fleet outputs - /api/fleet/outputs/{outputId}: - delete: - operationId: delete-output - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - id: + error: + type: string + message: type: string + statusCode: + type: number required: - - id - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete output by ID - tags: - - Fleet outputs - get: - operationId: get-output - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_output_create_request' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get output by ID + - message + summary: '' tags: - - Fleet outputs - parameters: - - in: path - name: outputId - required: true - schema: - type: string + - Elastic Agent actions put: - operationId: update-output + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Freassign#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + policy_id: + type: string + required: + - policy_id + responses: {} + summary: '' + tags: [] + /api/fleet/agents/{agentId}/request_diagnostics: + post: + description: Request agent diagnostics + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Frequest_diagnostics#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_output_update_request' + additionalProperties: false + nullable: true + type: object + properties: + additional_metrics: + items: + enum: + - CPU + type: string + type: array responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - item: - $ref: '#/components/schemas/Fleet_output_update_request' - description: OK + actionId: + type: string + required: + - actionId '400': - $ref: '#/components/responses/Fleet_error' - summary: Update output by ID - tags: - - Fleet outputs - /api/fleet/outputs/{outputId}/health: - get: - operationId: get-output-health - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - message: - description: long message if unhealthy - type: string - state: - description: state of output, HEALTHY or DEGRADED + error: type: string - timestamp: - description: timestamp of reported state + message: type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get latest output health + statusCode: + type: number + required: + - message + summary: '' tags: - - Fleet outputs - parameters: - - in: path - name: outputId - required: true - schema: - type: string - /api/fleet/package_policies: - get: - operationId: get-package-policies - parameters: - - $ref: '#/components/parameters/Fleet_page_size' - - $ref: '#/components/parameters/Fleet_page_index' - - $ref: '#/components/parameters/Fleet_kuery' - - $ref: '#/components/parameters/Fleet_format' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - items: - items: - $ref: '#/components/schemas/Fleet_package_policy' - type: array - page: - type: number - perPage: - type: number - total: - type: number - required: - - items - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List package policies - tags: - - Fleet package policies - parameters: [] + - Elastic Agent actions + /api/fleet/agents/{agentId}/unenroll: post: - operationId: create-package-policy + description: Unenroll agent + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Funenroll#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - $ref: '#/components/parameters/Fleet_format' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_package_policy_request' - description: >- - You should use inputs as an object and not use the deprecated inputs - array. - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_package_policy' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - '409': - $ref: '#/components/responses/Fleet_error' - summary: Create package policy + additionalProperties: false + nullable: true + type: object + properties: + force: + type: boolean + revoke: + type: boolean + responses: {} + summary: '' tags: - - Fleet package policies - /api/fleet/package_policies/_bulk_get: + - Elastic Agent actions + /api/fleet/agents/{agentId}/upgrade: post: - operationId: bulk-get-package-policies + description: Upgrade agent + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Fupgrade#0' parameters: - - $ref: '#/components/parameters/Fleet_format' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - ids: - description: list of package policy ids - items: - type: string - type: array - ignoreMissing: + force: + type: boolean + skipRateLimitCheck: type: boolean + source_uri: + type: string + version: + type: string required: - - ids + - version responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object - properties: - items: - items: - $ref: '#/components/schemas/Fleet_package_policy' - type: array - required: - - items - description: OK + properties: {} '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk get package policies - tags: - - Fleet package policies - /api/fleet/package_policies/{packagePolicyId}: - delete: - operationId: delete-package-policy - parameters: - - in: query - name: force - schema: - type: boolean - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - id: + error: + type: string + message: type: string + statusCode: + type: number required: - - id - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete package policy by ID + - message + summary: '' tags: - - Fleet package policies + - Elastic Agent actions + /api/fleet/agents/{agentId}/uploads: get: - operationId: get-package-policy + description: List agent uploads + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Fuploads#0' parameters: - - $ref: '#/components/parameters/Fleet_format' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: agentId + required: true + schema: + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - item: - $ref: '#/components/schemas/Fleet_package_policy' + items: + items: + additionalProperties: false + type: object + properties: + actionId: + type: string + createTime: + type: string + error: + type: string + filePath: + type: string + id: + type: string + name: + type: string + status: + enum: + - READY + - AWAITING_UPLOAD + - DELETED + - EXPIRED + - IN_PROGRESS + - FAILED + type: string + required: + - id + - name + - filePath + - createTime + - status + - actionId + type: array required: - - item - description: OK + - items '400': - $ref: '#/components/responses/Fleet_error' - summary: Get package policy by ID + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Fleet package policies - parameters: - - in: path - name: packagePolicyId - required: true - schema: - type: string - put: - operationId: update-package-policy + - Elastic Agents + /api/fleet/agents/action_status: + get: + description: Get agent action status + operationId: '%2Fapi%2Ffleet%2Fagents%2Faction_status#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - $ref: '#/components/parameters/Fleet_format' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_package_policy_request' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: page + required: false + schema: + default: 0 + type: number + - in: query + name: perPage + required: false + schema: + default: 20 + type: number + - in: query + name: date + required: false + schema: + type: string + - in: query + name: latest + required: false + schema: + type: number + - in: query + name: errorSize + required: false + schema: + default: 5 + type: number responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - item: - $ref: '#/components/schemas/Fleet_package_policy' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Update package policy by ID - tags: - - Fleet package policies - /api/fleet/package_policies/delete: - post: - operationId: post-delete-package-policy - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - force: - type: boolean - packagePolicyIds: items: - type: string - type: array - required: - - packagePolicyIds - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - type: object - properties: - id: - type: string - name: - type: string - success: - type: boolean - required: - - id - - success - type: array - description: OK + items: + additionalProperties: false + type: object + properties: + actionId: + type: string + cancellationTime: + type: string + completionTime: + type: string + creationTime: + description: creation time of action + type: string + expiration: + type: string + hasRolloutPeriod: + type: boolean + latestErrors: + items: + additionalProperties: false + description: >- + latest errors that happened when the agents + executed the action + type: object + properties: + agentId: + type: string + error: + type: string + hostname: + type: string + timestamp: + type: string + required: + - agentId + - error + - timestamp + type: array + nbAgentsAck: + description: number of agents that acknowledged the action + type: number + nbAgentsActionCreated: + description: number of agents included in action from kibana + type: number + nbAgentsActioned: + description: number of agents actioned + type: number + nbAgentsFailed: + description: number of agents that failed to execute the action + type: number + newPolicyId: + description: new policy id (POLICY_REASSIGN action) + type: string + policyId: + description: policy id (POLICY_CHANGE action) + type: string + revision: + description: new policy revision (POLICY_CHANGE action) + type: number + startTime: + description: start time of action (scheduled actions) + type: string + status: + enum: + - COMPLETE + - EXPIRED + - CANCELLED + - FAILED + - IN_PROGRESS + - ROLLOUT_PASSED + type: string + type: + enum: + - UPGRADE + - UNENROLL + - SETTINGS + - POLICY_REASSIGN + - CANCEL + - FORCE_UNENROLL + - REQUEST_DIAGNOSTICS + - UPDATE_TAGS + - POLICY_CHANGE + - INPUT_ACTION + type: string + version: + description: agent version number (UPGRADE action) + type: string + required: + - actionId + - nbAgentsActionCreated + - nbAgentsAck + - nbAgentsFailed + - type + - nbAgentsActioned + - status + - creationTime + type: array + required: + - items '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete package policy - tags: - - Fleet package policies - /api/fleet/package_policies/upgrade: - post: - operationId: upgrade-package-policy - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - packagePolicyIds: - items: - type: string - type: array - required: - - packagePolicyIds - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - items: - type: object - properties: - id: - type: string - name: - type: string - success: - type: boolean - required: - - id - - success - type: array - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - '409': - $ref: '#/components/responses/Fleet_error' - summary: Upgrade package policy to a newer package version + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Fleet package policies - /api/fleet/package_policies/upgrade/dryrun: + - Elastic Agent actions + /api/fleet/agents/actions/{actionId}/cancel: post: - operationId: upgrade-package-policy-dry-run - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - packagePolicyIds: - items: - type: string - type: array - packageVersion: - type: string - required: - - packagePolicyIds + description: Cancel agent action + operationId: '%2Fapi%2Ffleet%2Fagents%2Factions%2F%7BactionId%7D%2Fcancel#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: actionId + required: true + schema: + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - items: - type: object - properties: - agent_diff: - $ref: '#/components/schemas/Fleet_upgrade_agent_diff' - diff: - $ref: '#/components/schemas/Fleet_upgrade_diff' - hasErrors: - type: boolean - required: - - hasErrors - type: array - description: OK + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + ack_data: {} + agents: + items: + type: string + type: array + created_at: + type: string + data: {} + expiration: + type: string + id: + type: string + minimum_execution_duration: + type: number + namespaces: + items: + type: string + type: array + rollout_duration_seconds: + type: number + sent_at: + type: string + source_uri: + type: string + start_time: + type: string + total: + type: number + type: + type: string + required: + - id + - type + - data + - created_at + - ack_data + - agents + required: + - item '400': - $ref: '#/components/responses/Fleet_error' - summary: Dry run package policy upgrade - tags: - - Fleet package policies - /api/fleet/proxies: - get: - operationId: get-fleet-proxies - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - items: - items: - $ref: '#/components/schemas/Fleet_proxies' - type: array - page: - type: integer - perPage: - type: integer - total: - type: integer - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List proxies - tags: - - Fleet proxies - post: - operationId: post-fleet-proxies - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - certificate: - type: string - certificate_authorities: - type: string - certificate_key: - type: string - id: - type: string - name: - type: string - proxy_headers: - type: object - url: - type: string - required: - - name - - url - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - item: - $ref: '#/components/schemas/Fleet_proxies' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Create proxy + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Fleet proxies - /api/fleet/proxies/{itemId}: - delete: - operationId: delete-fleet-proxies + - Elastic Agent actions + /api/fleet/agents/available_versions: + get: + description: Get available agent versions + operationId: '%2Fapi%2Ffleet%2Fagents%2Favailable_versions#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - id: - type: string + items: + items: + type: string + type: array required: - - id - description: OK + - items '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete proxy by ID - tags: - - Fleet proxies - get: - operationId: get-one-fleet-proxies - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - item: - $ref: '#/components/schemas/Fleet_proxies' + error: + type: string + message: + type: string + statusCode: + type: number required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get proxy by ID + - message + summary: '' tags: - - Fleet proxies - parameters: - - in: path - name: itemId - required: true - schema: - type: string - put: - operationId: update-fleet-proxies + - Elastic Agents + /api/fleet/agents/bulk_reassign: + post: + description: Bulk reassign agents + operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_reassign#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - certificate: - type: string - certificate_authorities: - type: string - certificate_key: - type: string - name: - type: string - proxy_headers: - type: object - url: + agents: + anyOf: + - items: + type: string + type: array + - type: string + batchSize: + type: number + includeInactive: + default: false + type: boolean + policy_id: type: string + required: + - policy_id + - agents responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - item: - $ref: '#/components/schemas/Fleet_proxies' + actionId: + type: string required: - - item - description: OK + - actionId '400': - $ref: '#/components/responses/Fleet_error' - summary: Update proxy by ID - tags: - - Fleet proxies - /api/fleet/service_tokens: - post: - operationId: generate-service-token - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - name: + error: type: string - value: + message: type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Create service token + statusCode: + type: number + required: + - message + summary: '' tags: - - Fleet service tokens - /api/fleet/service-tokens: + - Elastic Agent actions + /api/fleet/agents/bulk_request_diagnostics: post: - deprecated: true - operationId: generate-service-token-deprecated + description: Bulk request diagnostics from agents + operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_request_diagnostics#0' parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - name: - type: string - value: - type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Create service token - tags: - - Fleet service tokens - /api/fleet/settings: - get: - operationId: get-settings - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_fleet_settings_response' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get settings - tags: - - Fleet internals - put: - operationId: update-settings + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - additional_yaml_config: - type: string - fleet_server_hosts: - description: Protocol and path must be the same for each URL + additional_metrics: items: + enum: + - CPU type: string type: array - has_seen_add_data_notice: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_fleet_settings_response' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Update settings - tags: - - Fleet internals - /api/fleet/setup: - post: - operationId: setup - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + agents: + anyOf: + - items: + type: string + type: array + - type: string + batchSize: + type: number + required: + - agents responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_fleet_setup_response' - description: OK + additionalProperties: false + type: object + properties: + actionId: + type: string + required: + - actionId '400': - $ref: '#/components/responses/Fleet_error' - '500': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: + error: + type: string message: type: string - description: Internal Server Error - summary: Initiate Fleet setup - tags: - - Fleet internals - /api/fleet/uninstall_tokens: - get: - operationId: get-uninstall-tokens + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent actions + /api/fleet/agents/bulk_unenroll: + post: + description: Bulk unenroll agents + operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_unenroll#0' parameters: - - description: The number of items to return - in: query - name: perPage - required: false + - description: The version of the API to use + in: header + name: elastic-api-version schema: - default: 20 - minimum: 5 - type: integer - - $ref: '#/components/parameters/Fleet_page_index' - - description: Partial match filtering for policy IDs - in: query - name: policyId - required: false + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true schema: + example: 'true' type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + agents: + anyOf: + - items: + description: KQL query string, leave empty to action all agents + type: string + type: array + - description: list of agent IDs + type: string + batchSize: + type: number + force: + description: Unenrolls hosted agents too + type: boolean + includeInactive: + description: >- + When passing agents by KQL query, unenrolls inactive agents + too + type: boolean + revoke: + description: Revokes API keys of agents + type: boolean + required: + - agents responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - items: - items: - type: object - properties: - created_at: - type: string - id: - type: string - policy_id: - type: string - required: - - id - - policy_id - - created_at - type: array - page: - type: number - perPage: - type: number - total: - type: number + actionId: + type: string required: - - items - - total - - page - - perPage - description: OK + - actionId '400': - $ref: '#/components/responses/Fleet_error' - summary: List metadata for latest uninstall tokens per agent policy + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Fleet uninstall tokens - /api/fleet/uninstall_tokens/{uninstallTokenId}: - get: - operationId: get-uninstall-token + - Elastic Agent actions + /api/fleet/agents/bulk_update_agent_tags: + post: + description: Bulk update agent tags + operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_update_agent_tags#0' parameters: - - in: path - name: uninstallTokenId + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf required: true schema: + example: 'true' type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + agents: + anyOf: + - items: + type: string + type: array + - type: string + batchSize: + type: number + includeInactive: + default: false + type: boolean + tagsToAdd: + items: + type: string + type: array + tagsToRemove: + items: + type: string + type: array + required: + - agents responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - item: - type: object - properties: - created_at: - type: string - id: - type: string - policy_id: - type: string - token: - type: string - required: - - id - - token - - policy_id - - created_at + actionId: + type: string required: - - item - description: OK + - actionId '400': - $ref: '#/components/responses/Fleet_error' - summary: Get one decrypted uninstall token by its ID + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Fleet uninstall tokens - /api/lists: - delete: - description: | - Delete a list using the list ID. - > info - > When you delete a list, all of its list items are also deleted. - operationId: DeleteList + - Elastic Agent actions + /api/fleet/agents/bulk_upgrade: + post: + description: Bulk upgrade agents + operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_upgrade#0' parameters: - - description: List's `id` value - in: query - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - - in: query - name: deleteReferences - required: false + - description: The version of the API to use + in: header + name: elastic-api-version schema: - default: false - type: boolean - - in: query - name: ignoreReferences - required: false + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true schema: - default: false - type: boolean + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + agents: + anyOf: + - items: + type: string + type: array + - type: string + batchSize: + type: number + force: + type: boolean + includeInactive: + default: false + type: boolean + rollout_duration_seconds: + minimum: 600 + type: number + skipRateLimitCheck: + type: boolean + source_uri: + type: string + start_time: + type: string + version: + type: string + required: + - agents + - version responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_List' - description: Successful response + additionalProperties: false + type: object + properties: + actionId: + type: string + required: + - actionId '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent actions + /api/fleet/agents/files/{fileId}: + delete: + description: Delete file uploaded by agent + operationId: '%2Fapi%2Ffleet%2Fagents%2Ffiles%2F%7BfileId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: fileId + required: true + schema: + type: string + responses: + '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': + additionalProperties: false + type: object + properties: + deleted: + type: boolean + id: + type: string + required: + - id + - deleted + '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents + /api/fleet/agents/files/{fileId}/{fileName}: + get: + description: Get file uploaded by agent + operationId: '%2Fapi%2Ffleet%2Fagents%2Ffiles%2F%7BfileId%7D%2F%7BfileName%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: fileId + required: true + schema: + type: string + - in: path + name: fileName + required: true + schema: + type: string + responses: + '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List not found response - '500': + type: object + '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Delete a list + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Security Lists API + - Elastic Agents + /api/fleet/agents/setup: get: - description: Get the details of a list using the list ID. - operationId: ReadList + description: Get agent setup info + operationId: '%2Fapi%2Ffleet%2Fagents%2Fsetup#0' parameters: - - description: List's `id` value - in: query - name: id - required: true + - description: The version of the API to use + in: header + name: elastic-api-version schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' + default: '2023-10-31' + enum: + - '2023-10-31' + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_List' - description: Successful response + additionalProperties: false + description: >- + A summary of the agent setup status. `isReady` indicates + whether the setup is ready. If the setup is not ready, + `missing_requirements` lists which requirements are missing. + type: object + properties: + is_secrets_storage_enabled: + type: boolean + is_space_awareness_enabled: + type: boolean + isReady: + type: boolean + missing_optional_features: + items: + enum: + - encrypted_saved_object_encryption_key_required + type: string + type: array + missing_requirements: + items: + enum: + - security_required + - tls_required + - api_keys + - fleet_admin_user + - fleet_server + type: string + type: array + package_verification_key_id: + type: string + required: + - isReady + - missing_requirements + - missing_optional_features '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents + post: + description: Initiate agent setup + operationId: '%2Fapi%2Ffleet%2Fagents%2Fsetup#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + responses: + '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': + additionalProperties: false + description: >- + A summary of the result of Fleet's `setup` lifecycle. If + `isInitialized` is true, Fleet is ready to accept agent + enrollment. `nonFatalErrors` may include useful insight into + non-blocking issues with Fleet setup. + type: object + properties: + isInitialized: + type: boolean + nonFatalErrors: + items: + additionalProperties: false + type: object + properties: + message: + type: string + name: + type: string + required: + - name + - message + type: array + required: + - isInitialized + - nonFatalErrors + '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents + /api/fleet/agents/tags: + get: + description: List agent tags + operationId: '%2Fapi%2Ffleet%2Fagents%2Ftags#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: kuery + required: false + schema: + type: string + - in: query + name: showInactive + required: false + schema: + default: false + type: boolean + responses: + '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List not found response - '500': + additionalProperties: false + type: object + properties: + items: + items: + type: string + type: array + required: + - items + '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Get list details + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Security Lists API - patch: - description: Update specific fields of an existing list using the list ID. - operationId: PatchList - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - _version: - type: string - description: - $ref: '#/components/schemas/Security_Lists_API_ListDescription' - id: - $ref: '#/components/schemas/Security_Lists_API_ListId' - meta: - $ref: '#/components/schemas/Security_Lists_API_ListMetadata' - name: - $ref: '#/components/schemas/Security_Lists_API_ListName' - version: - minimum: 1 - type: integer - required: - - id - description: List's properties - required: true + - Elastic Agents + /api/fleet/check-permissions: + get: + description: Check permissions + operationId: '%2Fapi%2Ffleet%2Fcheck-permissions#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: fleetServerSetup + required: false + schema: + type: boolean responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_List' - description: Successful response + additionalProperties: false + type: object + properties: + error: + enum: + - MISSING_SECURITY + - MISSING_PRIVILEGES + - MISSING_FLEET_SERVER_SETUP_PRIVILEGES + type: string + success: + type: boolean + required: + - success '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Patch a list + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Security Lists API - post: - description: Create a new list. - operationId: CreateList - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - description: - $ref: '#/components/schemas/Security_Lists_API_ListDescription' - deserializer: - type: string - id: - $ref: '#/components/schemas/Security_Lists_API_ListId' - meta: - $ref: '#/components/schemas/Security_Lists_API_ListMetadata' - name: - $ref: '#/components/schemas/Security_Lists_API_ListName' - serializer: - type: string - type: - $ref: '#/components/schemas/Security_Lists_API_ListType' - version: - default: 1 - minimum: 1 - type: integer - required: - - name - - description - - type - description: List's properties - required: true + - Fleet internals + /api/fleet/data_streams: + get: + description: List data streams + operationId: '%2Fapi%2Ffleet%2Fdata_streams#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_List' - description: Successful response + additionalProperties: false + type: object + properties: + data_streams: + items: + additionalProperties: false + type: object + properties: + dashboards: + items: + additionalProperties: false + type: object + properties: + id: + type: string + title: + type: string + required: + - id + - title + type: array + dataset: + type: string + index: + type: string + last_activity_ms: + type: number + namespace: + type: string + package: + type: string + package_version: + type: string + serviceDetails: + additionalProperties: false + nullable: true + type: object + properties: + environment: + type: string + serviceName: + type: string + required: + - environment + - serviceName + size_in_bytes: + type: number + size_in_bytes_formatted: + anyOf: + - type: number + - type: string + type: + type: string + required: + - index + - dataset + - namespace + - type + - package + - package_version + - last_activity_ms + - size_in_bytes + - size_in_bytes_formatted + - dashboards + - serviceDetails + type: array + required: + - data_streams '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Data streams + /api/fleet/enrollment_api_keys: + get: + description: List enrollment API keys + operationId: '%2Fapi%2Ffleet%2Fenrollment_api_keys#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: page + required: false + schema: + default: 1 + type: number + - in: query + name: perPage + required: false + schema: + default: 20 + type: number + - in: query + name: kuery + required: false + schema: + type: string + responses: + '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List already exists response - '500': + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + active: + description: >- + When false, the enrollment API key is revoked and + cannot be used for enrolling Elastic Agents. + type: boolean + api_key: + description: >- + The enrollment API key (token) used for enrolling + Elastic Agents. + type: string + api_key_id: + description: The ID of the API key in the Security API. + type: string + created_at: + type: string + id: + type: string + name: + description: The name of the enrollment API key. + type: string + policy_id: + description: >- + The ID of the agent policy the Elastic Agent will be + enrolled in. + type: string + required: + - id + - api_key_id + - api_key + - active + - created_at + type: array + list: + deprecated: true + items: + additionalProperties: false + type: object + properties: + active: + description: >- + When false, the enrollment API key is revoked and + cannot be used for enrolling Elastic Agents. + type: boolean + api_key: + description: >- + The enrollment API key (token) used for enrolling + Elastic Agents. + type: string + api_key_id: + description: The ID of the API key in the Security API. + type: string + created_at: + type: string + id: + type: string + name: + description: The name of the enrollment API key. + type: string + policy_id: + description: >- + The ID of the agent policy the Elastic Agent will be + enrolled in. + type: string + required: + - id + - api_key_id + - api_key + - active + - created_at + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + - list + '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Create a list + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Security Lists API - put: - description: > - Update a list using the list ID. The original list is replaced, and all - unspecified fields are deleted. - - > info - - > You cannot modify the `id` value. - operationId: UpdateList + - Fleet enrollment API keys + post: + description: Create enrollment API key + operationId: '%2Fapi%2Ffleet%2Fenrollment_api_keys#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - _version: + expiration: type: string - description: - $ref: '#/components/schemas/Security_Lists_API_ListDescription' - id: - $ref: '#/components/schemas/Security_Lists_API_ListId' - meta: - $ref: '#/components/schemas/Security_Lists_API_ListMetadata' name: - $ref: '#/components/schemas/Security_Lists_API_ListName' - version: - minimum: 1 - type: integer + type: string + policy_id: + type: string required: - - id - - name - - description - description: List's properties - required: true + - policy_id responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_List' - description: Successful response + additionalProperties: false + type: object + properties: + action: + enum: + - created + type: string + item: + additionalProperties: false + type: object + properties: + active: + description: >- + When false, the enrollment API key is revoked and + cannot be used for enrolling Elastic Agents. + type: boolean + api_key: + description: >- + The enrollment API key (token) used for enrolling + Elastic Agents. + type: string + api_key_id: + description: The ID of the API key in the Security API. + type: string + created_at: + type: string + id: + type: string + name: + description: The name of the enrollment API key. + type: string + policy_id: + description: >- + The ID of the agent policy the Elastic Agent will be + enrolled in. + type: string + required: + - id + - api_key_id + - api_key + - active + - created_at + required: + - item + - action '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet enrollment API keys + /api/fleet/enrollment_api_keys/{keyId}: + delete: + description: Revoke enrollment API key by ID by marking it as inactive + operationId: '%2Fapi%2Ffleet%2Fenrollment_api_keys%2F%7BkeyId%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: keyId + required: true + schema: + type: string + responses: + '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List not found response - '500': + additionalProperties: false + type: object + properties: + action: + enum: + - deleted + type: string + required: + - action + '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Update a list + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Security Lists API - /api/lists/_find: + - Fleet enrollment API keys get: - description: >- - Get a paginated subset of lists. By default, the first page is returned, - with 20 results per page. - operationId: FindLists + description: Get enrollment API key by ID + operationId: '%2Fapi%2Ffleet%2Fenrollment_api_keys%2F%7BkeyId%7D#0' parameters: - - description: The page number to return - in: query - name: page - required: false - schema: - type: integer - - description: The number of lists to return per page - in: query - name: per_page - required: false - schema: - type: integer - - description: Determines which field is used to sort the results - in: query - name: sort_field - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' - - description: Determines the sort order, which can be `desc` or `asc` - in: query - name: sort_order - required: false + - description: The version of the API to use + in: header + name: elastic-api-version schema: + default: '2023-10-31' enum: - - desc - - asc + - '2023-10-31' type: string - - description: > - Returns the list that come after the last list returned in the - previous call - - (use the cursor value returned in the previous call). This parameter - uses - - the `tie_breaker_id` field to ensure all lists are sorted and - returned correctly. - in: query - name: cursor - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_FindListsCursor' - - description: > - Filters the returned results according to the value of the specified - field, - - using the : syntax. - in: query - name: filter - required: false + - in: path + name: keyId + required: true schema: - $ref: '#/components/schemas/Security_Lists_API_FindListsFilter' + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - cursor: - $ref: '#/components/schemas/Security_Lists_API_FindListsCursor' - data: - items: - $ref: '#/components/schemas/Security_Lists_API_List' - type: array - page: - minimum: 0 - type: integer - per_page: - minimum: 0 - type: integer - total: - minimum: 0 - type: integer + item: + additionalProperties: false + type: object + properties: + active: + description: >- + When false, the enrollment API key is revoked and + cannot be used for enrolling Elastic Agents. + type: boolean + api_key: + description: >- + The enrollment API key (token) used for enrolling + Elastic Agents. + type: string + api_key_id: + description: The ID of the API key in the Security API. + type: string + created_at: + type: string + id: + type: string + name: + description: The name of the enrollment API key. + type: string + policy_id: + description: >- + The ID of the agent policy the Elastic Agent will be + enrolled in. + type: string + required: + - id + - api_key_id + - api_key + - active + - created_at required: - - data - - page - - per_page - - total - - cursor - description: Successful response + - item '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Get lists - tags: - - Security Lists API - /api/lists/index: - delete: - description: Delete the `.lists` and `.items` data streams. - operationId: DeleteListIndex - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: + additionalProperties: false + description: Generic Error type: object properties: - acknowledged: - type: boolean + error: + type: string + message: + type: string + statusCode: + type: number required: - - acknowledged - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List data stream not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Delete list data streams + - message + summary: '' tags: - - Security Lists API + - Fleet enrollment API keys + /api/fleet/enrollment-api-keys: get: - description: Verify that `.lists` and `.items` data streams exist. - operationId: ReadListIndex - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - list_index: - type: boolean - list_item_index: - type: boolean - required: - - list_index - - list_item_index - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List data stream(s) not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Get status of list data streams - tags: - - Security Lists API - post: - description: Create `.lists` and `.items` data streams in the relevant space. - operationId: CreateListIndex - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - acknowledged: - type: boolean - required: - - acknowledged - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List data stream exists response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Create list data streams - tags: - - Security Lists API - /api/lists/items: - delete: - description: Delete a list item using its `id`, or its `list_id` and `value` fields. - operationId: DeleteListItem + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys#0' parameters: - - description: Required if `list_id` and `value` are not specified - in: query - name: id - required: false + - description: The version of the API to use + in: header + name: elastic-api-version schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - - description: Required if `id` is not specified - in: query - name: list_id + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: page required: false schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - - description: Required if `id` is not specified - in: query - name: value + default: 1 + type: number + - in: query + name: perPage required: false schema: - type: string - - description: >- - Determines when changes made by the request are made visible to - search - in: query - name: refresh + default: 20 + type: number + - in: query + name: kuery required: false schema: - default: 'false' - enum: - - 'true' - - 'false' - - wait_for type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: '#/components/schemas/Security_Lists_API_ListItem' - - items: - $ref: '#/components/schemas/Security_Lists_API_ListItem' - type: array - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List item not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Delete a list item - tags: - - Security Lists API - get: - description: Get the details of a list item. - operationId: ReadListItem + responses: {} + summary: '' + tags: [] + post: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys#1' parameters: - - description: Required if `list_id` and `value` are not specified - in: query - name: id - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - - description: Required if `id` is not specified - in: query - name: list_id - required: false + - description: The version of the API to use + in: header + name: elastic-api-version schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - - description: Required if `id` is not specified - in: query - name: value - required: false + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true schema: + example: 'true' type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: '#/components/schemas/Security_Lists_API_ListItem' - - items: - $ref: '#/components/schemas/Security_Lists_API_ListItem' - type: array - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List item not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Get a list item - tags: - - Security Lists API - patch: - description: Update specific fields of an existing list item using the list item ID. - operationId: PatchListItem requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - _version: + expiration: type: string - id: - $ref: '#/components/schemas/Security_Lists_API_ListItemId' - meta: - $ref: '#/components/schemas/Security_Lists_API_ListItemMetadata' - refresh: - description: >- - Determines when changes made by the request are made visible - to search - enum: - - 'true' - - 'false' - - wait_for + name: + type: string + policy_id: type: string - value: - $ref: '#/components/schemas/Security_Lists_API_ListItemValue' required: - - id - description: List item's properties - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_ListItem' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List item not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Patch a list item - tags: - - Security Lists API + - policy_id + responses: {} + summary: '' + tags: [] + /api/fleet/enrollment-api-keys/{keyId}: + delete: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys%2F%7BkeyId%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: keyId + required: true + schema: + type: string + responses: {} + summary: '' + tags: [] + get: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys%2F%7BkeyId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: keyId + required: true + schema: + type: string + responses: {} + summary: '' + tags: [] + /api/fleet/epm/bulk_assets: post: - description: > - Create a list item and associate it with the specified list. - - - All list items in the same list must be the same type. For example, each - list item in an `ip` list must define a specific IP address. - - > info - - > Before creating a list item, you must create a list. - operationId: CreateListItem + description: Bulk get assets + operationId: '%2Fapi%2Ffleet%2Fepm%2Fbulk_assets#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - id: - $ref: '#/components/schemas/Security_Lists_API_ListItemId' - list_id: - $ref: '#/components/schemas/Security_Lists_API_ListId' - meta: - $ref: '#/components/schemas/Security_Lists_API_ListItemMetadata' - refresh: - description: >- - Determines when changes made by the request are made visible - to search - enum: - - 'true' - - 'false' - - wait_for - type: string - value: - $ref: '#/components/schemas/Security_Lists_API_ListItemValue' + assetIds: + items: + additionalProperties: false + type: object + properties: + id: + type: string + type: + type: string + required: + - id + - type + type: array required: - - list_id - - value - description: List item's properties - required: true + - assetIds responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_ListItem' - description: Successful response + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + appLink: + type: string + attributes: + additionalProperties: false + type: object + properties: + description: + type: string + service: + type: string + title: + type: string + id: + type: string + type: + type: string + updatedAt: + type: string + required: + - id + - type + - attributes + type: array + required: + - items '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/categories: + get: + description: List package categories + operationId: '%2Fapi%2Ffleet%2Fepm%2Fcategories#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: prerelease + required: false + schema: + type: boolean + - in: query + name: experimental + required: false + schema: + type: boolean + - in: query + name: include_policy_templates + required: false + schema: + type: boolean + responses: + '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '409': + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + count: + type: number + id: + type: string + parent_id: + type: string + parent_title: + type: string + title: + type: string + required: + - id + - title + - count + type: array + response: + items: + additionalProperties: false + deprecated: true + type: object + properties: + count: + type: number + id: + type: string + parent_id: + type: string + parent_title: + type: string + title: + type: string + required: + - id + - title + - count + type: array + required: + - items + '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List item already exists response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Create a list item + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Security Lists API - put: - description: > - Update a list item using the list item ID. The original list item is - replaced, and all unspecified fields are deleted. - - > info - - > You cannot modify the `id` value. - operationId: UpdateListItem + - Elastic Package Manager (EPM) + /api/fleet/epm/custom_integrations: + post: + description: Create custom integration + operationId: '%2Fapi%2Ffleet%2Fepm%2Fcustom_integrations#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - _version: + datasets: + items: + additionalProperties: false + type: object + properties: + name: + type: string + type: + enum: + - logs + - metrics + - traces + - synthetics + - profiling + type: string + required: + - name + - type + type: array + force: + type: boolean + integrationName: type: string - id: - $ref: '#/components/schemas/Security_Lists_API_ListItemId' - meta: - $ref: '#/components/schemas/Security_Lists_API_ListItemMetadata' - value: - $ref: '#/components/schemas/Security_Lists_API_ListItemValue' required: - - id - - value - description: List item's properties - required: true + - integrationName + - datasets responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_ListItem' - description: Successful response + additionalProperties: false + type: object + properties: + _meta: + additionalProperties: false + type: object + properties: + install_source: + type: string + required: + - install_source + items: + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + response: + deprecated: true + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + required: + - items + - _meta '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List item not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Update a list item + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - Security Lists API - /api/lists/items/_export: - post: - description: Export list item values from the specified list. - operationId: ExportListItems + - Elastic Package Manager (EPM) + /api/fleet/epm/data_streams: + get: + description: List data streams + operationId: '%2Fapi%2Ffleet%2Fepm%2Fdata_streams#0' parameters: - - description: List's id to export - in: query - name: list_id - required: true + - description: The version of the API to use + in: header + name: elastic-api-version schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: type + required: false + schema: + enum: + - logs + - metrics + - traces + - synthetics + - profiling + type: string + - in: query + name: datasetQuery + required: false + schema: + type: string + - in: query + name: sortOrder + required: false + schema: + default: asc + enum: + - asc + - desc + type: string + - in: query + name: uncategorisedOnly + required: false + schema: + default: false + type: boolean responses: '200': - content: - application/ndjson; Elastic-Api-Version=2023-10-31: - schema: - description: A `.txt` file containing list items from the specified list - format: binary - type: string - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Export list items - tags: - - Security Lists API - /api/lists/items/_find: - get: - description: Get all list items in the specified list. - operationId: FindListItems - parameters: - - description: List's id - in: query - name: list_id - required: true - schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - - description: The page number to return - in: query - name: page - required: false - schema: - type: integer - - description: The number of list items to return per page - in: query - name: per_page - required: false - schema: - type: integer - - description: Determines which field is used to sort the results - in: query - name: sort_field - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' - - description: Determines the sort order, which can be `desc` or `asc` - in: query - name: sort_order - required: false - schema: - enum: - - desc - - asc - type: string - - description: > - Returns the list that come after the last list returned in the - previous call - - (use the cursor value returned in the previous call). This parameter - uses - - the `tie_breaker_id` field to ensure all lists are sorted and - returned correctly. - in: query - name: cursor - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_FindListItemsCursor' - - description: > - Filters the returned results according to the value of the specified - field, - - using the : syntax. - in: query - name: filter - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_FindListItemsFilter' - responses: - '200': + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + name: + type: string + required: + - name + type: array + required: + - items + '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object properties: - cursor: - $ref: >- - #/components/schemas/Security_Lists_API_FindListItemsCursor - data: - items: - $ref: '#/components/schemas/Security_Lists_API_ListItem' - type: array - page: - minimum: 0 - type: integer - per_page: - minimum: 0 - type: integer - total: - minimum: 0 - type: integer + error: + type: string + message: + type: string + statusCode: + type: number required: - - data - - page - - per_page - - total - - cursor - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Get list items + - message + summary: '' tags: - - Security Lists API - /api/lists/items/_import: - post: - description: > - Import list items from a TXT or CSV file. The maximum file size is 9 - million bytes. - - - You can import items to a new or existing list. - operationId: ImportListItems + - Data streams + /api/fleet/epm/packages: + get: + description: List packages + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages#0' parameters: - - description: | - List's id. - - Required when importing to an existing list. - in: query - name: list_id - required: false + - description: The version of the API to use + in: header + name: elastic-api-version schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - - description: > - Type of the importing list. - - - Required when importing a new list that is `list_id` is not - specified. - in: query - name: type + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: category required: false schema: - $ref: '#/components/schemas/Security_Lists_API_ListType' + type: string - in: query - name: serializer + name: prerelease required: false schema: - type: string + type: boolean - in: query - name: deserializer + name: experimental required: false schema: - type: string - - description: >- - Determines when changes made by the request are made visible to - search - in: query - name: refresh + type: boolean + - in: query + name: excludeInstallStatus required: false schema: - enum: - - 'true' - - 'false' - - wait_for - type: string - requestBody: - content: - multipart/form-data; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - file: - description: >- - A `.txt` or `.csv` file containing newline separated list - items - format: binary - type: string - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_List' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List with specified list_id does not exist response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Import list items - tags: - - Security Lists API - /api/lists/privileges: - get: - operationId: ReadListPrivileges - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - is_authenticated: - type: boolean - listItems: - $ref: '#/components/schemas/Security_Lists_API_ListItemPrivileges' - lists: - $ref: '#/components/schemas/Security_Lists_API_ListPrivileges' - required: - - lists - - listItems - - is_authenticated - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Get list privileges - tags: - - Security Lists API - /api/ml/saved_objects/sync: - get: - description: > - Synchronizes Kibana saved objects for machine learning jobs and trained - models in the default space. You must have `all` privileges for the - **Machine Learning** feature in the **Analytics** section of the Kibana - feature privileges. This API runs automatically when you start Kibana - and periodically thereafter. - operationId: mlSync - parameters: - - $ref: '#/components/parameters/Machine_learning_APIs_simulateParam' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - syncExample: - $ref: '#/components/examples/Machine_learning_APIs_mlSyncExample' - schema: - $ref: '#/components/schemas/Machine_learning_APIs_mlSync200Response' - description: Indicates a successful call - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Machine_learning_APIs_mlSync4xxResponse' - description: Authorization information is missing or invalid. - summary: Sync saved objects in the default space - tags: - - ml - /api/note: - delete: - description: Delete a note from a Timeline using the note ID. - operationId: DeleteNote - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - nullable: true - type: object - properties: - noteId: - type: string - required: - - noteId - - nullable: true - type: object - properties: - noteIds: - items: - type: string - nullable: true - type: array - required: - - noteIds - description: The ID of the note to delete. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - type: object - description: Indicates the note was successfully deleted. - summary: Delete a note - tags: - - Security Timeline API - - access:securitySolution - get: - description: Get all notes for a given document. - operationId: GetNotes - parameters: - - in: query - name: documentIds - schema: - $ref: '#/components/schemas/Security_Timeline_API_DocumentIds' - - in: query - name: savedObjectIds - schema: - $ref: '#/components/schemas/Security_Timeline_API_SavedObjectIds' - - in: query - name: page - schema: - nullable: true - type: string - - in: query - name: perPage - schema: - nullable: true - type: string - - in: query - name: search - schema: - nullable: true - type: string - - in: query - name: sortField - schema: - nullable: true - type: string - - in: query - name: sortOrder - schema: - nullable: true - type: string - - in: query - name: filter - schema: - nullable: true - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: '#/components/schemas/Security_Timeline_API_GetNotesResult' - - type: object - description: Indicates the requested notes were returned. - summary: Get notes - tags: - - Security Timeline API - - access:securitySolution - patch: - description: Add a note to a Timeline or update an existing note. - operationId: PersistNoteRoute - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - eventDataView: - nullable: true - type: string - eventIngested: - nullable: true - type: string - eventTimestamp: - nullable: true - type: string - note: - $ref: '#/components/schemas/Security_Timeline_API_BareNote' - noteId: - nullable: true - type: string - overrideOwner: - nullable: true - type: boolean - version: - nullable: true - type: string - required: - - note - description: The note to add or update, along with additional metadata. - required: true + type: boolean responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - data: - type: object - properties: - persistNote: - $ref: >- - #/components/schemas/Security_Timeline_API_ResponseNote - required: - - persistNote - required: - - data - description: Indicates the note was successfully created. - summary: Add or update a note - tags: - - Security Timeline API - - access:securitySolution - /api/osquery/live_queries: - get: - description: Get a list of all live queries. - operationId: OsqueryFindLiveQueries - parameters: - - in: query - name: query - required: true - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_FindLiveQueryRequestQuery - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Get live queries - tags: - - Security Osquery API - post: - description: Create and run a live query. - operationId: OsqueryCreateLiveQuery - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_CreateLiveQueryRequestBody - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Create a live query - tags: - - Security Osquery API - /api/osquery/live_queries/{id}: - get: - description: Get the details of a live query using the query ID. - operationId: OsqueryGetLiveQueryDetails - parameters: - - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_Id' - - in: query - name: query - schema: - additionalProperties: true - type: object - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Get live query details - tags: - - Security Osquery API - /api/osquery/live_queries/{id}/results/{actionId}: - get: - description: Get the results of a live query using the query action ID. - operationId: OsqueryGetLiveQueryResults - parameters: - - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_Id' - - in: path - name: actionId - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_Id' - - in: query - name: query - required: true - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_GetLiveQueryResultsRequestQuery - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Get live query results - tags: - - Security Osquery API - /api/osquery/packs: - get: - description: Get a list of all query packs. - operationId: OsqueryFindPacks - parameters: - - in: query - name: query - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_FindPacksRequestQuery' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Get packs - tags: - - Security Osquery API - post: - description: Create a query pack. - operationId: OsqueryCreatePacks - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Osquery_API_CreatePacksRequestBody' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Create a pack - tags: - - Security Osquery API - /api/osquery/packs/{id}: - delete: - description: Delete a query pack using the pack ID. - operationId: OsqueryDeletePacks - parameters: - - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_PackId' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Delete a pack - tags: - - Security Osquery API - get: - description: Get the details of a query pack using the pack ID. - operationId: OsqueryGetPacksDetails - parameters: - - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_PackId' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Get pack details - tags: - - Security Osquery API - put: - description: | - Update a query pack using the pack ID. - > info - > You cannot update a prebuilt pack. - operationId: OsqueryUpdatePacks - parameters: - - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_PackId' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Osquery_API_UpdatePacksRequestBody' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Update a pack - tags: - - Security Osquery API - /api/osquery/saved_queries: - get: - description: Get a list of all saved queries. - operationId: OsqueryFindSavedQueries - parameters: - - in: query - name: query - required: true - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_FindSavedQueryRequestQuery - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Get saved queries - tags: - - Security Osquery API - post: - description: Create and run a saved query. - operationId: OsqueryCreateSavedQuery - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_CreateSavedQueryRequestBody - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Create a saved query - tags: - - Security Osquery API - /api/osquery/saved_queries/{id}: - delete: - description: Delete a saved query using the query ID. - operationId: OsqueryDeleteSavedQuery - parameters: - - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Delete a saved query - tags: - - Security Osquery API - get: - description: Get the details of a saved query using the query ID. - operationId: OsqueryGetSavedQueryDetails - parameters: - - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Get saved query details - tags: - - Security Osquery API - put: - description: | - Update a saved query using the query ID. - > info - > You cannot update a prebuilt saved query. - operationId: OsqueryUpdateSavedQuery - parameters: - - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_UpdateSavedQueryRequestBody - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Update a saved query - tags: - - Security Osquery API - /api/pinned_event: - patch: - description: Pin an event to an existing Timeline. - operationId: PersistPinnedEventRoute - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - eventId: - type: string - pinnedEventId: - nullable: true - type: string - timelineId: - type: string - required: - - eventId - - timelineId - description: The pinned event to add or update, along with additional metadata. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - type: object - properties: - persistPinnedEventOnTimeline: - $ref: >- - #/components/schemas/Security_Timeline_API_PersistPinnedEventResponse - required: - - persistPinnedEventOnTimeline - required: - - data - description: Indicates the event was successfully pinned to the Timeline. - summary: Pin an event - tags: - - Security Timeline API - - access:securitySolution - /api/risk_score/engine/dangerously_delete_data: - delete: - description: >- - Cleaning up the the Risk Engine by removing the indices, mapping and - transforms - operationId: CleanUpRiskEngine - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - cleanup_successful: - type: boolean - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_TaskManagerUnavailableResponse - description: Task manager is unavailable - default: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_CleanUpRiskEngineErrorResponse - description: Unexpected error - summary: Cleanup the Risk Engine - tags: - - Security Entity Analytics API - /api/risk_score/engine/schedule_now: - post: - description: >- - Schedule the risk scoring engine to run as soon as possible. You can use - this to recalculate entity risk scores after updating their asset - criticality. - operationId: ScheduleRiskEngineNow - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: {} - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_RiskEngineScheduleNowResponse - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_TaskManagerUnavailableResponse - description: Task manager is unavailable - default: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_RiskEngineScheduleNowErrorResponse - description: Unexpected error - summary: Run the risk scoring engine - tags: - - Security Entity Analytics API - /api/saved_objects/_bulk_create: - post: - deprecated: true - operationId: bulkCreateSavedObjects - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - - description: When true, overwrites the document with the same identifier. - in: query - name: overwrite - schema: - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - type: object - type: array - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request - summary: Create saved objects - tags: - - saved objects - /api/saved_objects/_bulk_delete: - post: - deprecated: true - description: | - WARNING: When you delete a saved object, it cannot be recovered. - operationId: bulkDeleteSavedObjects - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - - description: > - When true, force delete objects that exist in multiple namespaces. - Note that the option applies to the whole request. Use the delete - object API to specify per-object deletion behavior. TIP: Use this if - you attempted to delete objects and received an HTTP 400 error with - the following message: "Unable to delete saved object that exists in - multiple namespaces, use the force option to delete it anyway". - WARNING: When you bulk delete objects that exist in multiple - namespaces, the API also deletes legacy url aliases that reference - the object. These requests are batched to minimise the impact but - they can place a heavy load on Kibana. Make sure you limit the - number of objects that exist in multiple namespaces in a single bulk - delete operation. - in: query - name: force - schema: - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - type: object - type: array - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: > - Indicates a successful call. NOTE: This HTTP response code indicates - that the bulk operation succeeded. Errors pertaining to individual - objects will be returned in the response body. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request - summary: Delete saved objects - tags: - - saved objects - /api/saved_objects/_bulk_get: - post: - deprecated: true - operationId: bulkGetSavedObjects - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - type: object - type: array - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request - summary: Get saved objects - tags: - - saved objects - /api/saved_objects/_bulk_resolve: - post: - deprecated: true - description: > - Retrieve multiple Kibana saved objects by identifier using any legacy - URL aliases if they exist. Under certain circumstances when Kibana is - upgraded, saved object migrations may necessitate regenerating some - object IDs to enable new features. When an object's ID is regenerated, a - legacy URL alias is created for that object, preserving its old ID. In - such a scenario, that object can be retrieved by the bulk resolve API - using either its new ID or its old ID. - operationId: bulkResolveSavedObjects - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - type: object - type: array - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: > - Indicates a successful call. NOTE: This HTTP response code indicates - that the bulk operation succeeded. Errors pertaining to individual - objects will be returned in the response body. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request - summary: Resolve saved objects - tags: - - saved objects - /api/saved_objects/_bulk_update: - post: - deprecated: true - description: Update the attributes for multiple Kibana saved objects. - operationId: bulkUpdateSavedObjects - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - type: object - type: array - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: > - Indicates a successful call. NOTE: This HTTP response code indicates - that the bulk operation succeeded. Errors pertaining to individual - objects will be returned in the response body. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request - summary: Update saved objects - tags: - - saved objects - /api/saved_objects/_export: - post: - description: > - Retrieve sets of saved objects that you want to import into Kibana. - - You must include `type` or `objects` in the request body. - - - Exported saved objects are not backwards compatible and cannot be - imported into an older version of Kibana. - - - NOTE: The `savedObjects.maxImportExportSize` configuration setting - limits the number of saved objects which may be exported. - - - This functionality is in technical preview and may be changed or removed - in a future release. Elastic will work to fix any issues, but features - in technical preview are not subject to the support SLA of official GA - features. - operationId: exportSavedObjectsDefault - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - exportSavedObjectsRequest: - $ref: '#/components/examples/Saved_objects_export_objects_request' - schema: - type: object - properties: - excludeExportDetails: - default: false - description: Do not add export details entry at the end of the stream. - type: boolean - includeReferencesDeep: - description: >- - Includes all of the referenced objects in the exported - objects. - type: boolean - objects: - description: A list of objects to export. - items: - type: object - type: array - type: - description: >- - The saved object types to include in the export. Use `*` to - export all the types. - oneOf: - - type: string - - items: - type: string - type: array - required: true - responses: - '200': - content: - application/x-ndjson; Elastic-Api-Version=2023-10-31: - examples: - exportSavedObjectsResponse: - $ref: '#/components/examples/Saved_objects_export_objects_response' - schema: - additionalProperties: true - type: object - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request. - summary: Export saved objects - tags: - - saved objects - /api/saved_objects/_find: - get: - deprecated: true - description: Retrieve a paginated set of Kibana saved objects. - operationId: findSavedObjects - parameters: - - description: > - An aggregation structure, serialized as a string. The field format - is similar to filter, meaning that to use a saved object type - attribute in the aggregation, the `savedObjectType.attributes.title: - "myTitle"` format must be used. For root fields, the syntax is - `savedObjectType.rootField`. NOTE: As objects change in Kibana, the - results on each page of the response also change. Use the find API - for traditional paginated results, but avoid using it to export - large amounts of data. - in: query - name: aggs - schema: - type: string - - description: The default operator to use for the `simple_query_string`. - in: query - name: default_search_operator - schema: - type: string - - description: The fields to return in the attributes key of the response. - in: query - name: fields - schema: - oneOf: - - type: string - - type: array - - description: > - The filter is a KQL string with the caveat that if you filter with - an attribute from your saved object type, it should look like that: - `savedObjectType.attributes.title: "myTitle"`. However, if you use a - root attribute of a saved object such as `updated_at`, you will have - to define your filter like that: `savedObjectType.updated_at > - 2018-12-22`. - in: query - name: filter - schema: - type: string - - description: >- - Filters to objects that do not have a relationship with the type and - identifier combination. - in: query - name: has_no_reference - schema: - type: object - - description: >- - The operator to use for the `has_no_reference` parameter. Either - `OR` or `AND`. Defaults to `OR`. - in: query - name: has_no_reference_operator - schema: - type: string - - description: >- - Filters to objects that have a relationship with the type and ID - combination. - in: query - name: has_reference - schema: - type: object - - description: >- - The operator to use for the `has_reference` parameter. Either `OR` - or `AND`. Defaults to `OR`. - in: query - name: has_reference_operator - schema: - type: string - - description: The page of objects to return. - in: query - name: page - schema: - type: integer - - description: The number of objects to return per page. - in: query - name: per_page - schema: - type: integer - - description: >- - An Elasticsearch `simple_query_string` query that filters the - objects in the response. - in: query - name: search - schema: - type: string - - description: >- - The fields to perform the `simple_query_string` parsed query - against. - in: query - name: search_fields - schema: - oneOf: - - type: string - - type: array - - description: > - Sorts the response. Includes "root" and "type" fields. "root" fields - exist for all saved objects, such as "updated_at". "type" fields are - specific to an object type, such as fields returned in the - attributes key of the response. When a single type is defined in the - type parameter, the "root" and "type" fields are allowed, and - validity checks are made in that order. When multiple types are - defined in the type parameter, only "root" fields are allowed. - in: query - name: sort_field - schema: - type: string - - description: The saved object types to include. - in: query - name: type - required: true - schema: - oneOf: - - type: string - - type: array - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request - summary: Search for saved objects - tags: - - saved objects - /api/saved_objects/_import: - post: - description: > - Create sets of Kibana saved objects from a file created by the export - API. - - Saved objects can be imported only into the same version, a newer minor - on the same major, or the next major. Exported saved objects are not - backwards compatible and cannot be imported into an older version of - Kibana. - - - This functionality is in technical preview and may be changed or removed - in a future release. Elastic will work to fix any issues, but features - in technical preview are not subject to the support SLA of official GA - features. - operationId: importSavedObjectsDefault - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - - description: > - Creates copies of saved objects, regenerates each object ID, and - resets the origin. When used, potential conflict errors are avoided. - NOTE: This option cannot be used with the `overwrite` and - `compatibilityMode` options. - in: query - name: createNewCopies - required: false - schema: - type: boolean - - description: > - Overwrites saved objects when they already exist. When used, - potential conflict errors are automatically resolved by overwriting - the destination object. NOTE: This option cannot be used with the - `createNewCopies` option. - in: query - name: overwrite - required: false - schema: - type: boolean - - description: > - Applies various adjustments to the saved objects that are being - imported to maintain compatibility between different Kibana - versions. Use this option only if you encounter issues with imported - saved objects. NOTE: This option cannot be used with the - `createNewCopies` option. - in: query - name: compatibilityMode - required: false - schema: - type: boolean - requestBody: - content: - multipart/form-data; Elastic-Api-Version=2023-10-31: - examples: - importObjectsRequest: - $ref: '#/components/examples/Saved_objects_import_objects_request' - schema: - type: object - properties: - file: - description: > - A file exported using the export API. NOTE: The - `savedObjects.maxImportExportSize` configuration setting - limits the number of saved objects which may be included in - this file. Similarly, the - `savedObjects.maxImportPayloadBytes` setting limits the - overall size of the file that can be imported. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - importObjectsResponse: - $ref: '#/components/examples/Saved_objects_import_objects_response' - schema: - type: object - properties: - errors: - description: > - Indicates the import was unsuccessful and specifies the - objects that failed to import. - - - NOTE: One object may result in multiple errors, which - requires separate steps to resolve. For instance, a - `missing_references` error and conflict error. - items: - type: object - type: array - success: - description: > - Indicates when the import was successfully completed. When - set to false, some objects may not have been created. For - additional information, refer to the `errors` and - `successResults` properties. - type: boolean - successCount: - description: Indicates the number of successfully imported records. - type: integer - successResults: - description: > - Indicates the objects that are successfully imported, with - any metadata if applicable. - - - NOTE: Objects are created only when all resolvable errors - are addressed, including conflicts and missing references. - If objects are created as new copies, each entry in the - `successResults` array includes a `destinationId` - attribute. - items: - type: object - type: array - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request. - summary: Import saved objects - tags: - - saved objects - x-codeSamples: - - label: Import with createNewCopies - lang: cURL - source: | - curl \ - -X POST api/saved_objects/_import?createNewCopies=true - -H "kbn-xsrf: true" - --form file=@file.ndjson - /api/saved_objects/_resolve_import_errors: - post: - description: > - To resolve errors from the Import objects API, you can: - - - * Retry certain saved objects - - * Overwrite specific saved objects - - * Change references to different saved objects - - - This functionality is in technical preview and may be changed or removed - in a future release. Elastic will work to fix any issues, but features - in technical preview are not subject to the support SLA of official GA - features. - operationId: resolveImportErrors - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - - description: > - Applies various adjustments to the saved objects that are being - imported to maintain compatibility between different Kibana - versions. When enabled during the initial import, also enable when - resolving import errors. This option cannot be used with the - `createNewCopies` option. - in: query - name: compatibilityMode - required: false - schema: - type: boolean - - description: > - Creates copies of the saved objects, regenerates each object ID, and - resets the origin. When enabled during the initial import, also - enable when resolving import errors. - in: query - name: createNewCopies - required: false - schema: - type: boolean - requestBody: - content: - multipart/form-data; Elastic-Api-Version=2023-10-31: - examples: - resolveImportErrorsRequest: - $ref: >- - #/components/examples/Saved_objects_resolve_missing_reference_request - schema: - type: object - properties: - file: - description: The same file given to the import API. - format: binary - type: string - retries: - description: >- - The retry operations, which can specify how to resolve - different types of errors. - items: - type: object - properties: - destinationId: - description: >- - Specifies the destination ID that the imported object - should have, if different from the current ID. - type: string - id: - description: The saved object ID. - type: string - ignoreMissingReferences: - description: >- - When set to `true`, ignores missing reference errors. - When set to `false`, does nothing. - type: boolean - overwrite: - description: >- - When set to `true`, the source object overwrites the - conflicting destination object. When set to `false`, - does nothing. - type: boolean - replaceReferences: - description: >- - A list of `type`, `from`, and `to` used to change the - object references. - items: - type: object - properties: - from: - type: string - to: - type: string - type: - type: string - type: array - type: - description: The saved object type. - type: string - required: - - type - - id - type: array - required: - - retries - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - resolveImportErrorsResponse: - $ref: >- - #/components/examples/Saved_objects_resolve_missing_reference_response - schema: - type: object - properties: - errors: - description: > - Specifies the objects that failed to resolve. - - - NOTE: One object can result in multiple errors, which - requires separate steps to resolve. For instance, a - `missing_references` error and a `conflict` error. - items: - type: object - type: array - success: - description: > - Indicates a successful import. When set to `false`, some - objects may not have been created. For additional - information, refer to the `errors` and `successResults` - properties. - type: boolean - successCount: - description: | - Indicates the number of successfully resolved records. - type: number - successResults: - description: > - Indicates the objects that are successfully imported, with - any metadata if applicable. - - - NOTE: Objects are only created when all resolvable errors - are addressed, including conflict and missing references. - items: - type: object - type: array - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request. - summary: Resolve import errors - tags: - - saved objects - /api/saved_objects/{type}: - post: - deprecated: true - description: Create a Kibana saved object with a randomly generated identifier. - operationId: createSavedObject - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - - $ref: '#/components/parameters/Saved_objects_saved_object_type' - - description: If true, overwrites the document with the same identifier. - in: query - name: overwrite - schema: - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - attributes: - $ref: '#/components/schemas/Saved_objects_attributes' - initialNamespaces: - $ref: '#/components/schemas/Saved_objects_initial_namespaces' - references: - $ref: '#/components/schemas/Saved_objects_references' - required: - - attributes - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates a successful call. - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates a conflict error. - summary: Create a saved object - tags: - - saved objects - /api/saved_objects/{type}/{id}: - get: - deprecated: true - description: Retrieve a single Kibana saved object by identifier. - operationId: getSavedObject - parameters: - - $ref: '#/components/parameters/Saved_objects_saved_object_id' - - $ref: '#/components/parameters/Saved_objects_saved_object_type' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request. - summary: Get a saved object - tags: - - saved objects - post: - deprecated: true - description: >- - Create a Kibana saved object and specify its identifier instead of using - a randomly generated ID. - operationId: createSavedObjectId - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - - $ref: '#/components/parameters/Saved_objects_saved_object_id' - - $ref: '#/components/parameters/Saved_objects_saved_object_type' - - description: If true, overwrites the document with the same identifier. - in: query - name: overwrite - schema: - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - attributes: - $ref: '#/components/schemas/Saved_objects_attributes' - initialNamespaces: - $ref: '#/components/schemas/Saved_objects_initial_namespaces' - references: - $ref: '#/components/schemas/Saved_objects_initial_namespaces' - required: - - attributes - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates a successful call. - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates a conflict error. - summary: Create a saved object - tags: - - saved objects - put: - deprecated: true - description: Update the attributes for Kibana saved objects. - operationId: updateSavedObject - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - - $ref: '#/components/parameters/Saved_objects_saved_object_id' - - $ref: '#/components/parameters/Saved_objects_saved_object_type' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates a successful call. - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates the object was not found. - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates a conflict error. - summary: Update a saved object - tags: - - saved objects - /api/saved_objects/resolve/{type}/{id}: - get: - deprecated: true - description: > - Retrieve a single Kibana saved object by identifier using any legacy URL - alias if it exists. Under certain circumstances, when Kibana is - upgraded, saved object migrations may necessitate regenerating some - object IDs to enable new features. When an object's ID is regenerated, a - legacy URL alias is created for that object, preserving its old ID. In - such a scenario, that object can be retrieved using either its new ID or - its old ID. - operationId: resolveSavedObject - parameters: - - $ref: '#/components/parameters/Saved_objects_saved_object_id' - - $ref: '#/components/parameters/Saved_objects_saved_object_type' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request. - summary: Resolve a saved object - tags: - - saved objects - /api/security_ai_assistant/anonymization_fields/_bulk_action: - post: - description: >- - Apply a bulk action to multiple anonymization fields. The bulk action is - applied to all anonymization fields that match the filter or to the list - of anonymization fields by their IDs. - operationId: PerformAnonymizationFieldsBulkAction - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - create: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldCreateProps - type: array - delete: - type: object - properties: - ids: - description: Array of anonymization fields IDs - items: - type: string - minItems: 1 - type: array - query: - description: Query to filter anonymization fields - type: string - update: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldUpdateProps - type: array - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResponse - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Apply a bulk action to anonymization fields - tags: - - Security AI Assistant API - - Bulk API - /api/security_ai_assistant/anonymization_fields/_find: - get: - description: Get a list of all anonymization fields. - operationId: FindAnonymizationFields - parameters: - - in: query - name: fields - required: false - schema: - items: - type: string - type: array - - description: Search query - in: query - name: filter - required: false - schema: - type: string - - description: Field to sort by - in: query - name: sort_field - required: false - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_FindAnonymizationFieldsSortField - - description: Sort order - in: query - name: sort_order - required: false - schema: - $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' - - description: Page number - in: query - name: page - required: false - schema: - default: 1 - minimum: 1 - type: integer - - description: AnonymizationFields per page - in: query - name: per_page - required: false - schema: - default: 20 - minimum: 0 - type: integer - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse - type: array - page: - type: integer - perPage: - type: integer - total: - type: integer - required: - - page - - perPage - - total - - data - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Get anonymization fields - tags: - - Security AI Assistant API - - AnonymizationFields API - /api/security_ai_assistant/chat/complete: - post: - description: Create a model response for the given chat conversation. - operationId: ChatComplete - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_AI_Assistant_API_ChatCompleteProps' - required: true - responses: - '200': - content: - application/octet-stream; Elastic-Api-Version=2023-10-31: - schema: - format: binary - type: string - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Create a model response - tags: - - Security AI Assistant API - - Chat Complete API - /api/security_ai_assistant/current_user/conversations: - post: - description: Create a new Security AI Assistant conversation. - operationId: CreateConversation - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationCreateProps - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationResponse - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Create a conversation - tags: - - Security AI Assistant API - - Conversation API - /api/security_ai_assistant/current_user/conversations/_find: - get: - description: Get a list of all conversations for the current user. - operationId: FindConversations - parameters: - - in: query - name: fields - required: false - schema: - items: - type: string - type: array - - description: Search query - in: query - name: filter - required: false - schema: - type: string - - description: Field to sort by - in: query - name: sort_field - required: false - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_FindConversationsSortField - - description: Sort order - in: query - name: sort_order - required: false - schema: - $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' - - description: Page number - in: query - name: page - required: false - schema: - default: 1 - minimum: 1 - type: integer - - description: Conversations per page - in: query - name: per_page - required: false - schema: - default: 20 - minimum: 0 - type: integer - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationResponse - type: array - page: - type: integer - perPage: - type: integer - total: - type: integer - required: - - page - - perPage - - total - - data - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Get conversations - tags: - - Security AI Assistant API - - Conversations API - /api/security_ai_assistant/current_user/conversations/{id}: - delete: - description: Delete an existing conversation using the conversation ID. - operationId: DeleteConversation - parameters: - - description: The conversation's `id` value. - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationResponse - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Delete a conversation - tags: - - Security AI Assistant API - - Conversation API - get: - description: Get the details of an existing conversation using the conversation ID. - operationId: ReadConversation - parameters: - - description: The conversation's `id` value. - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationResponse - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Get a conversation - tags: - - Security AI Assistant API - - Conversations API - put: - description: Update an existing conversation using the conversation ID. - operationId: UpdateConversation - parameters: - - description: The conversation's `id` value. - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationUpdateProps - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationResponse - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Update a conversation - tags: - - Security AI Assistant API - - Conversation API - /api/security_ai_assistant/prompts/_bulk_action: - post: - description: >- - Apply a bulk action to multiple prompts. The bulk action is applied to - all prompts that match the filter or to the list of prompts by their - IDs. - operationId: PerformPromptsBulkAction - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - create: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_PromptCreateProps - type: array - delete: - type: object - properties: - ids: - description: Array of prompts IDs - items: - type: string - minItems: 1 - type: array - query: - description: Query to filter promps - type: string - update: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_PromptUpdateProps - type: array - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_PromptsBulkCrudActionResponse - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Apply a bulk action to prompts - tags: - - Security AI Assistant API - - Bulk API - /api/security_ai_assistant/prompts/_find: - get: - description: Get a list of all prompts. - operationId: FindPrompts - parameters: - - in: query - name: fields - required: false - schema: - items: - type: string - type: array - - description: Search query - in: query - name: filter - required: false - schema: - type: string - - description: Field to sort by - in: query - name: sort_field - required: false - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_FindPromptsSortField - - description: Sort order - in: query - name: sort_order - required: false - schema: - $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' - - description: Page number - in: query - name: page - required: false - schema: - default: 1 - minimum: 1 - type: integer - - description: Prompts per page - in: query - name: per_page - required: false - schema: - default: 20 - minimum: 0 - type: integer - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_PromptResponse - type: array - page: - type: integer - perPage: - type: integer - total: - type: integer - required: - - page - - perPage - - total - - data - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Get prompts - tags: - - Security AI Assistant API - - Prompts API - /api/security/role: - get: - operationId: '%2Fapi%2Fsecurity%2Frole#0' - parameters: [] - responses: {} - summary: Get all roles - tags: - - roles - /api/security/role/{name}: - delete: - operationId: '%2Fapi%2Fsecurity%2Frole%2F%7Bname%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: name - required: true - schema: - minLength: 1 - type: string - responses: {} - summary: Delete a role - tags: - - roles - get: - operationId: '%2Fapi%2Fsecurity%2Frole%2F%7Bname%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: name - required: true - schema: - minLength: 1 - type: string - responses: {} - summary: Get a role - tags: - - roles - put: - operationId: '%2Fapi%2Fsecurity%2Frole%2F%7Bname%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: name - required: true - schema: - maxLength: 1024 - minLength: 1 - type: string - - in: query - name: createOnly - required: false - schema: - default: false - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - description: - maxLength: 2048 - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - cluster: - items: - type: string - type: array - indices: - items: - additionalProperties: false - type: object - properties: - allow_restricted_indices: - type: boolean - field_security: - additionalProperties: - items: - type: string - type: array - type: object - names: - items: - type: string - minItems: 1 - type: array - privileges: - items: - type: string - minItems: 1 - type: array - query: - type: string - required: - - names - - privileges - type: array - remote_cluster: - items: - additionalProperties: false - type: object - properties: - clusters: - items: - type: string - minItems: 1 - type: array - privileges: - items: - type: string - minItems: 1 - type: array - required: - - privileges - - clusters - type: array - remote_indices: - items: - additionalProperties: false - type: object - properties: - allow_restricted_indices: - type: boolean - clusters: - items: - type: string - minItems: 1 - type: array - field_security: - additionalProperties: - items: - type: string - type: array - type: object - names: - items: - type: string - minItems: 1 - type: array - privileges: - items: - type: string - minItems: 1 - type: array - query: - type: string - required: - - clusters - - names - - privileges - type: array - run_as: - items: - type: string - type: array - kibana: - items: - additionalProperties: false - type: object - properties: - base: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - items: - type: string - type: array - - items: - type: string - type: array - feature: - additionalProperties: - items: - type: string - type: array - type: object - spaces: - anyOf: - - items: - enum: - - '*' - type: string - maxItems: 1 - minItems: 1 - type: array - - items: - type: string - type: array - default: - - '*' - required: - - base - type: array - metadata: - additionalProperties: {} - type: object - required: - - elasticsearch - responses: {} - summary: Create or update a role - tags: - - roles - /api/security/roles: - post: - operationId: '%2Fapi%2Fsecurity%2Froles#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - roles: - additionalProperties: - additionalProperties: false - type: object - properties: - description: - maxLength: 2048 - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - cluster: - items: - type: string - type: array - indices: - items: - additionalProperties: false - type: object - properties: - allow_restricted_indices: - type: boolean - field_security: - additionalProperties: - items: - type: string - type: array - type: object - names: - items: - type: string - minItems: 1 - type: array - privileges: - items: - type: string - minItems: 1 - type: array - query: - type: string - required: - - names - - privileges - type: array - remote_cluster: - items: - additionalProperties: false - type: object - properties: - clusters: - items: - type: string - minItems: 1 - type: array - privileges: - items: - type: string - minItems: 1 - type: array - required: - - privileges - - clusters - type: array - remote_indices: - items: - additionalProperties: false - type: object - properties: - allow_restricted_indices: - type: boolean - clusters: - items: - type: string - minItems: 1 - type: array - field_security: - additionalProperties: - items: - type: string - type: array - type: object - names: - items: - type: string - minItems: 1 - type: array - privileges: - items: - type: string - minItems: 1 - type: array - query: - type: string - required: - - clusters - - names - - privileges - type: array - run_as: - items: - type: string - type: array - kibana: - items: - additionalProperties: false - type: object - properties: - base: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - items: - type: string - type: array - - items: - type: string - type: array - feature: - additionalProperties: - items: - type: string - type: array - type: object - spaces: - anyOf: - - items: - enum: - - '*' - type: string - maxItems: 1 - minItems: 1 - type: array - - items: - type: string - type: array - default: - - '*' - required: - - base - type: array - metadata: - additionalProperties: {} - type: object - required: - - elasticsearch - type: object - required: - - roles - responses: {} - summary: Create or update roles - tags: - - roles - /api/spaces/_copy_saved_objects: - post: - description: Copy saved objects to spaces - operationId: '%2Fapi%2Fspaces%2F_copy_saved_objects#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - compatibilityMode: - default: false - type: boolean - createNewCopies: - default: true - type: boolean - includeReferences: - default: false - type: boolean - objects: - items: - additionalProperties: false - type: object - properties: - id: - type: string - type: - type: string - required: - - type - - id - type: array - overwrite: - default: false - type: boolean - spaces: - items: - type: string - type: array - required: - - spaces - - objects - responses: {} - summary: '' - tags: [] - /api/spaces/_disable_legacy_url_aliases: - post: - description: Disable legacy URL aliases - operationId: '%2Fapi%2Fspaces%2F_disable_legacy_url_aliases#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - aliases: - items: - additionalProperties: false - type: object - properties: - sourceId: - type: string - targetSpace: - type: string - targetType: - type: string - required: - - targetSpace - - targetType - - sourceId - type: array - required: - - aliases - responses: {} - summary: '' - tags: [] - /api/spaces/_get_shareable_references: - post: - description: Get shareable references - operationId: '%2Fapi%2Fspaces%2F_get_shareable_references#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - objects: - items: - additionalProperties: false - type: object - properties: - id: - type: string - type: - type: string - required: - - type - - id - type: array - required: - - objects - responses: {} - summary: '' - tags: [] - /api/spaces/_resolve_copy_saved_objects_errors: - post: - description: Resolve conflicts copying saved objects - operationId: '%2Fapi%2Fspaces%2F_resolve_copy_saved_objects_errors#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - compatibilityMode: - default: false - type: boolean - createNewCopies: - default: true - type: boolean - includeReferences: - default: false - type: boolean - objects: - items: - additionalProperties: false - type: object - properties: - id: - type: string - type: - type: string - required: - - type - - id - type: array - retries: - additionalProperties: - items: - additionalProperties: false - type: object - properties: - createNewCopy: - type: boolean - destinationId: - type: string - id: - type: string - ignoreMissingReferences: - type: boolean - overwrite: - default: false - type: boolean - type: - type: string - required: - - type - - id - type: array - type: object - required: - - retries - - objects - responses: {} - summary: '' - tags: [] - /api/spaces/_update_objects_spaces: - post: - description: Update saved objects in spaces - operationId: '%2Fapi%2Fspaces%2F_update_objects_spaces#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - objects: - items: - additionalProperties: false - type: object - properties: - id: - type: string - type: - type: string - required: - - type - - id - type: array - spacesToAdd: - items: - type: string - type: array - spacesToRemove: - items: - type: string - type: array - required: - - objects - - spacesToAdd - - spacesToRemove - responses: {} - summary: '' - tags: [] - /api/spaces/space: - get: - description: Get all spaces - operationId: '%2Fapi%2Fspaces%2Fspace#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: purpose - required: false - schema: - enum: - - any - - copySavedObjectsIntoSpace - - shareSavedObjectsIntoSpace - type: string - - in: query - name: include_authorized_purposes - required: true - schema: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - enum: - - false - type: boolean - x-oas-optional: true - - type: boolean - x-oas-optional: true - responses: {} - summary: '' - tags: - - spaces - post: - description: Create a space - operationId: '%2Fapi%2Fspaces%2Fspace#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - _reserved: - type: boolean - color: - type: string - description: - type: string - disabledFeatures: - default: [] - items: - type: string - type: array - id: - type: string - imageUrl: - type: string - initials: - maxLength: 2 - type: string - name: - minLength: 1 - type: string - solution: - enum: - - security - - oblt - - es - - classic - type: string - required: - - id - - name - responses: {} - summary: '' - tags: - - spaces - /api/spaces/space/{id}: - delete: - description: Delete a space - operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: id - required: true - schema: - type: string - responses: {} - summary: '' - tags: - - spaces - get: - description: Get a space - operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: id - required: true - schema: - type: string - responses: {} - summary: '' - tags: - - spaces - put: - description: Update a space - operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: id - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - _reserved: - type: boolean - color: - type: string - description: - type: string - disabledFeatures: - default: [] - items: - type: string - type: array - id: - type: string - imageUrl: - type: string - initials: - maxLength: 2 - type: string - name: - minLength: 1 - type: string - solution: - enum: - - security - - oblt - - es - - classic - type: string - required: - - id - - name - responses: {} - summary: '' - tags: - - spaces - /api/status: - get: - operationId: '%2Fapi%2Fstatus#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: Set to "true" to get the response in v7 format. - in: query - name: v7format - required: false - schema: - type: boolean - - description: Set to "true" to get the response in v8 format. - in: query - name: v8format - required: false - schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - anyOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' - - $ref: >- - #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse - description: >- - Kibana's operational status. A minimal response is sent for - unauthorized users. - description: Overall status is OK and Kibana should be functioning normally. - '503': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - anyOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' - - $ref: >- - #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse - description: >- - Kibana's operational status. A minimal response is sent for - unauthorized users. - description: >- - Kibana or some of it's essential services are unavailable. Kibana - may be degraded or unavailable. - summary: Get Kibana's current status - tags: - - system - /api/timeline: - delete: - description: Delete one or more Timelines or Timeline templates. - operationId: DeleteTimelines - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - savedObjectIds: - items: - type: string - type: array - searchIds: - description: >- - Saved search ids that should be deleted alongside the - timelines - items: - type: string - type: array - required: - - savedObjectIds - description: The IDs of the Timelines or Timeline templates to delete. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - type: object - properties: - deleteTimeline: - type: boolean - required: - - deleteTimeline - required: - - data - description: Indicates the Timeline was successfully deleted. - summary: Delete Timelines or Timeline templates - tags: - - Security Timeline API - - access:securitySolution - get: - description: Get the details of an existing saved Timeline or Timeline template. - operationId: GetTimeline - parameters: - - description: The ID of the template timeline to retrieve - in: query - name: template_timeline_id - schema: - type: string - - description: The ID of the Timeline to retrieve. - in: query - name: id - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - type: object - properties: - data: - type: object - properties: - getOneTimeline: - $ref: >- - #/components/schemas/Security_Timeline_API_TimelineResponse - required: - - getOneTimeline - required: - - data - - additionalProperties: false - type: object - description: Indicates that the (template) Timeline was found and returned. - summary: Get Timeline or Timeline template details - tags: - - Security Timeline API - - access:securitySolution - patch: - description: >- - Update an existing Timeline. You can update the title, description, date - range, pinned events, pinned queries, and/or pinned saved queries of an - existing Timeline. - operationId: PatchTimeline - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - timeline: - $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' - timelineId: - nullable: true - type: string - version: - nullable: true - type: string - required: - - timelineId - - version - - timeline - description: The Timeline updates, along with the Timeline ID and version. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Timeline_API_PersistTimelineResponse - description: >- - Indicates that the draft Timeline was successfully created. In the - event the user already has a draft Timeline, the existing draft - Timeline is cleared and returned. - '405': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - type: string - statusCode: - type: number - description: >- - Indicates that the user does not have the required access to create - a draft Timeline. - summary: Update a Timeline - tags: - - Security Timeline API - - access:securitySolution - post: - description: Create a new Timeline or Timeline template. - operationId: CreateTimelines - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - status: - $ref: '#/components/schemas/Security_Timeline_API_TimelineStatus' - nullable: true - templateTimelineId: - nullable: true - type: string - templateTimelineVersion: - nullable: true - type: number - timeline: - $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' - timelineId: - nullable: true - type: string - timelineType: - $ref: '#/components/schemas/Security_Timeline_API_TimelineType' - nullable: true - version: - nullable: true - type: string - required: - - timeline - description: >- - The required Timeline fields used to create a new Timeline, along with - optional fields that will be created if not provided. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Timeline_API_PersistTimelineResponse - description: Indicates the Timeline was successfully created. - '405': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - type: string - statusCode: - type: number - description: Indicates that there was an error in the Timeline creation. - summary: Create a Timeline or Timeline template - tags: - - Security Timeline API - - access:securitySolution - /api/timeline/_copy: - get: - description: | - Copies and returns a timeline or timeline template. - operationId: CopyTimeline - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - timeline: - $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' - timelineIdToCopy: - type: string - required: - - timeline - - timelineIdToCopy - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Timeline_API_PersistTimelineResponse - description: Indicates that the timeline has been successfully copied. - summary: Copies timeline or timeline template - tags: - - Security Timeline API - - access:securitySolution - /api/timeline/_draft: - get: - description: >- - Get the details of the draft Timeline or Timeline template for the - current user. If the user doesn't have a draft Timeline, an empty - Timeline is returned. - operationId: GetDraftTimelines - parameters: - - in: query - name: timelineType - required: true - schema: - $ref: '#/components/schemas/Security_Timeline_API_TimelineType' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Timeline_API_PersistTimelineResponse - description: Indicates that the draft Timeline was successfully retrieved. - '403': - content: - application:json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - message: - type: string - status_code: - type: number - description: >- - If a draft Timeline was not found and we attempted to create one, it - indicates that the user does not have the required permissions to - create a draft Timeline. - '409': - content: - application:json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - message: - type: string - status_code: - type: number - description: >- - This should never happen, but if a draft Timeline was not found and - we attempted to create one, it indicates that there is already a - draft Timeline with the given `timelineId`. - summary: Get draft Timeline or Timeline template details - tags: - - Security Timeline API - - access:securitySolution - post: - description: > - Create a clean draft Timeline or Timeline template for the current user. - - > info - - > If the user already has a draft Timeline, the existing draft Timeline - is cleared and returned. - operationId: CleanDraftTimelines - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - timelineType: - $ref: '#/components/schemas/Security_Timeline_API_TimelineType' - required: - - timelineType - description: >- - The type of Timeline to create. Valid values are `default` and - `template`. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Timeline_API_PersistTimelineResponse - description: >- - Indicates that the draft Timeline was successfully created. In the - event the user already has a draft Timeline, the existing draft - Timeline is cleared and returned. - '403': - content: - application:json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - message: - type: string - status_code: - type: number - description: >- - Indicates that the user does not have the required permissions to - create a draft Timeline. - '409': - content: - application:json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - message: - type: string - status_code: - type: number - description: >- - Indicates that there is already a draft Timeline with the given - `timelineId`. - summary: Create a clean draft Timeline or Timeline template - tags: - - Security Timeline API - - access:securitySolution - /api/timeline/_export: - post: - description: Export Timelines as an NDJSON file. - operationId: ExportTimelines - parameters: - - description: The name of the file to export - in: query - name: file_name - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - ids: - items: - type: string - nullable: true - type: array - description: The IDs of the Timelines to export. - required: true - responses: - '200': - content: - application/ndjson; Elastic-Api-Version=2023-10-31: - schema: - description: NDJSON of the exported Timelines - type: string - description: Indicates the Timelines were successfully exported. - '400': - content: - application/ndjson; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - type: string - statusCode: - type: number - description: Indicates that the export size limit was exceeded. - summary: Export Timelines - tags: - - Security Timeline API - - access:securitySolution - /api/timeline/_favorite: - patch: - description: Favorite a Timeline or Timeline template for the current user. - operationId: PersistFavoriteRoute - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - templateTimelineId: - nullable: true - type: string - templateTimelineVersion: - nullable: true - type: number - timelineId: - nullable: true - type: string - timelineType: - $ref: '#/components/schemas/Security_Timeline_API_TimelineType' - nullable: true - required: - - timelineId - - templateTimelineId - - templateTimelineVersion - - timelineType - description: The required fields used to favorite a (template) Timeline. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - type: object - properties: - persistFavorite: - $ref: >- - #/components/schemas/Security_Timeline_API_FavoriteTimelineResponse - required: - - persistFavorite - required: - - data - description: Indicates the favorite status was successfully updated. - '403': - content: - application:json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - type: string - statusCode: - type: number - description: >- - Indicates the user does not have the required permissions to persist - the favorite status. - summary: Favorite a Timeline or Timeline template - tags: - - Security Timeline API - - access:securitySolution - /api/timeline/_import: - post: - description: Import Timelines. - operationId: ImportTimelines - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - file: {} - isImmutable: - enum: - - 'true' - - 'false' - type: string - required: - - file - description: The Timelines to import as a readable stream. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Timeline_API_ImportTimelineResult - description: Indicates the import of Timelines was successful. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - type: string - id: - type: string - statusCode: - type: number - description: >- - Indicates the import of Timelines was unsuccessful because of an - invalid file extension. - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - id: - type: string - statusCode: - type: number - description: >- - Indicates that we were unable to locate the saved object client - necessary to handle the import. - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - type: string - id: - type: string - statusCode: - type: number - description: Indicates the import of Timelines was unsuccessful. - summary: Import Timelines - tags: - - Security Timeline API - - access:securitySolution - /api/timeline/_prepackaged: - post: - description: Install or update prepackaged Timelines. - operationId: InstallPrepackedTimelines - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - prepackagedTimelines: - items: - $ref: >- - #/components/schemas/Security_Timeline_API_TimelineSavedToReturnObject - nullable: true - type: array - timelinesToInstall: - items: - $ref: '#/components/schemas/Security_Timeline_API_ImportTimelines' - nullable: true - type: array - timelinesToUpdate: - items: - $ref: '#/components/schemas/Security_Timeline_API_ImportTimelines' - nullable: true - type: array - required: - - timelinesToInstall - - timelinesToUpdate - - prepackagedTimelines - description: The Timelines to install or update. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Timeline_API_ImportTimelineResult - description: Indicates the installation of prepackaged Timelines was successful. - '500': - content: - application:json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - type: string - statusCode: - type: number - description: >- - Indicates the installation of prepackaged Timelines was - unsuccessful. - summary: Install prepackaged Timelines - tags: - - Security Timeline API - - access:securitySolution - /api/timeline/resolve: - get: - operationId: ResolveTimeline - parameters: - - description: The ID of the template timeline to resolve - in: query - name: template_timeline_id - schema: - type: string - - description: The ID of the timeline to resolve - in: query - name: id - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - type: object - properties: - data: - $ref: >- - #/components/schemas/Security_Timeline_API_ResolvedTimeline - required: - - data - - additionalProperties: false - type: object - description: The (template) Timeline has been found - '400': - description: The request is missing parameters - '404': - description: The (template) Timeline was not found - summary: Get an existing saved Timeline or Timeline template - tags: - - Security Timeline API - - access:securitySolution - /api/timelines: - get: - description: Get a list of all saved Timelines or Timeline templates. - operationId: GetTimelines - parameters: - - description: >- - If true, only timelines that are marked as favorites by the user are - returned. - in: query - name: only_user_favorite - schema: - enum: - - 'true' - - 'false' - nullable: true - type: string - - in: query - name: timeline_type - schema: - $ref: '#/components/schemas/Security_Timeline_API_TimelineType' - nullable: true - - in: query - name: sort_field - schema: - $ref: '#/components/schemas/Security_Timeline_API_SortFieldTimeline' - - in: query - name: sort_order - schema: - enum: - - asc - - desc - type: string - - in: query - name: page_size - schema: - nullable: true - type: string - - in: query - name: page_index - schema: - nullable: true - type: string - - in: query - name: search - schema: - nullable: true - type: string - - in: query - name: status - schema: - $ref: '#/components/schemas/Security_Timeline_API_TimelineStatus' - nullable: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - customTemplateTimelineCount: - type: number - defaultTimelineCount: - type: number - elasticTemplateTimelineCount: - type: number - favoriteCount: - type: number - templateTimelineCount: - type: number - timeline: - items: - $ref: >- - #/components/schemas/Security_Timeline_API_TimelineResponse - type: array - totalCount: - type: number - required: - - timeline - - totalCount - description: Indicates that the (template) Timelines were found and returned. - '400': - content: - application:json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - type: string - statusCode: - type: number - description: Bad request. The user supplied invalid data. - summary: Get Timelines or Timeline templates - tags: - - Security Timeline API - - access:securitySolution - /s/{spaceId}/api/observability/slos: - get: - description: > - You must have the `read` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: findSlosOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - description: A valid kql query to filter the SLO with - example: 'slo.name:latency* and slo.tags : "prod"' - in: query - name: kqlQuery - schema: - type: string - - description: The page to use for pagination, must be greater or equal than 1 - example: 1 - in: query - name: page - schema: - default: 1 - type: integer - - description: Number of SLOs returned by page - example: 25 - in: query - name: perPage - schema: - default: 25 - maximum: 5000 - type: integer - - description: Sort by field - example: status - in: query - name: sortBy - schema: - default: status - enum: - - sli_value - - status - - error_budget_consumed - - error_budget_remaining - type: string - - description: Sort order - example: asc - in: query - name: sortDirection - schema: - default: asc - enum: - - asc - - desc - type: string - - description: >- - Hide stale SLOs from the list as defined by stale SLO threshold in - SLO settings - in: query - name: hideStale - schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_find_slo_response' - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Get a paginated list of SLOs - tags: - - slo - post: - description: > - You must have `all` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: createSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_create_slo_request' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_create_slo_response' - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_409_response' - description: Conflict - The SLO id already exists - summary: Create an SLO - tags: - - slo - /s/{spaceId}/api/observability/slos/_delete_instances: - post: - description: > - The deletion occurs for the specified list of `sloId` and `instanceId`. - You must have `all` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: deleteSloInstancesOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_delete_slo_instances_request' - required: true - responses: - '204': - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - summary: Batch delete rollup and summary data - tags: - - slo - /s/{spaceId}/api/observability/slos/{sloId}: - delete: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: deleteSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - responses: - '204': - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Delete an SLO - tags: - - slo - get: - description: > - You must have the `read` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: getSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - - description: the specific instanceId used by the summary calculation - example: host-abcde - in: query - name: instanceId - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_slo_with_summary_response' - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Get an SLO - tags: - - slo - put: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: updateSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_update_slo_request' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_slo_definition_response' - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Update an SLO - tags: - - slo - /s/{spaceId}/api/observability/slos/{sloId}/_reset: - post: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: resetSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - responses: - '204': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_slo_definition_response' - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Reset an SLO - tags: - - slo - /s/{spaceId}/api/observability/slos/{sloId}/disable: - post: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: disableSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - responses: - '200': - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Disable an SLO - tags: - - slo - /s/{spaceId}/api/observability/slos/{sloId}/enable: - post: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: enableSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - responses: - '204': - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Enable an SLO - tags: - - slo -components: - examples: - Alerting_get_health_response: - summary: Retrieve information about the health of the alerting framework. - value: - alerting_framework_health: - decryption_health: - status: ok - timestamp: '2023-01-13T01:28:00.280Z' - execution_health: - status: ok - timestamp: '2023-01-13T01:28:00.280Z' - read_health: - status: ok - timestamp: '2023-01-13T01:28:00.280Z' - has_permanent_encryption_key: true - is_sufficiently_secure: true - Alerting_get_rule_types_response: - summary: Retrieve rule types associated with Kibana machine learning features - value: - - action_groups: - - id: anomaly_score_match - name: Anomaly score matched the condition - - id: recovered - name: Recovered - action_variables: - context: - - description: The bucket timestamp of the anomaly - name: timestamp - - description: The bucket time of the anomaly in ISO8601 format - name: timestampIso8601 - - description: List of job IDs that triggered the alert - name: jobIds - - description: Alert info message - name: message - - description: Indicate if top hits contain interim results - name: isInterim - - description: Anomaly score at the time of the notification action - name: score - - description: Top records - name: topRecords - - description: Top influencers - name: topInfluencers - - description: URL to open in the Anomaly Explorer - name: anomalyExplorerUrl - useWithTripleBracesInTemplates: true - params: [] - state: [] - alerts: - context: ml.anomaly-detection - mappings: - fieldMap: - kibana.alert.anomaly_score: - array: false - type: double - required: false - kibana.alert.anomaly_timestamp: - array: false - type: date - required: false - kibana.alert.is_interim: - array: false - type: boolean - required: false - kibana.alert.job_id: - array: false - type: keyword - required: true - kibana.alert.top_influencers: - array: true - dynamic: false - type: object - properties: - influencer_field_name: - type: keyword - influencer_field_value: - type: keyword - influencer_score: - type: double - initial_influencer_score: - type: double - is_interim: - type: boolean - job_id: - type: keyword - timestamp: - type: date - required: false - kibana.alert.top_records: - array: true - dynamic: false - type: object - properties: - actual: - type: double - by_field_name: - type: keyword - by_field_value: - type: keyword - detector_index: - type: integer - field_name: - type: keyword - function: - type: keyword - initial_record_score: - type: double - is_interim: - type: boolean - job_id: - type: keyword - over_field_name: - type: keyword - over_field_value: - type: keyword - partition_field_name: - type: keyword - partition_field_value: - type: keyword - record_score: - type: double - timestamp: - type: date - typical: - type: double - required: false - shouldWrite: true - authorized_consumers: - alerts: - all: true - read: true - apm: - all: true - read: true - discover: - all: true - read: true - infrastructure: - all: true - read: true - logs: - all: true - read: true - ml: - all: true - read: true - monitoring: - all: true - read: true - siem: - all: true - read: true - slo: - all: true - read: true - stackAlerts: - all: true - read: true - uptime: - all: true - read: true - category: management - default_action_group_id: anomaly_score_match - does_set_recovery_context: true - enabled_in_license: true - has_alerts_mappings: true - has_fields_for_a_a_d: false - id: xpack.ml.anomaly_detection_alert - is_exportable: true - minimum_license_required: platinum - name: Anomaly detection alert - producer: ml - recovery_action_group: - id: recovered - name: Recovered - rule_task_timeout: 5m - - action_groups: - - id: anomaly_detection_realtime_issue - name: Issue detected - - id: recovered - name: Recovered - action_variables: - context: - - description: Results of the rule execution - name: results - - description: Alert info message - name: message - params: [] - state: [] - authorized_consumers: - alerts: - all: true - read: true - apm: - all: true - read: true - discover: - all: true - read: true - infrastructure: - all: true - read: true - logs: - all: true - read: true - ml: - all: true - read: true - monitoring: - all: true - read: true - siem: - all: true - read: true - slo: - all: true - read: true - stackAlerts: - all: true - read: true - uptime: - all: true - read: true - category: management - default_action_group_id: anomaly_detection_realtime_issue - does_set_recovery_context: true - enabled_in_license: true - has_alerts_mappings: false - has_fields_for_a_a_d: false - id: xpack.ml.anomaly_detection_jobs_health - is_exportable: true - minimum_license_required: platinum - name: Anomaly detection jobs health - producer: ml - recovery_action_group: - id: recovered - name: Recovered - rule_task_timeout: 5m - Cases_add_comment_request: - summary: Adds a comment to a case. - value: - comment: A new comment. - owner: cases - type: user - Cases_add_comment_response: - summary: >- - The add comment to case API returns a JSON object that contains details - about the case and its comments. - value: - assignees: [] - category: null - closed_at: null - closed_by: null - comments: - - comment: A new comment. - created_at: '2022-10-02T00:49:47.716Z' - created_by: - email: null - full_name: null - username: elastic - id: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 - owner: cases - type: user - version: WzIwNDMxLDFd - connector: - fields: null - id: none - name: none - type: .none - created_at: '2022-03-24T00:37:03.906Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: Field value - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - type: toggle - value: true - description: A case description. - duration: null - external_service: null - id: 293f1bc0-74f6-11ea-b83a-553aecdb28b6 - owner: cases - settings: - syncAlerts: false - severity: low - status: open - tags: - - tag 1 - title: Case title 1 - totalAlerts: 0 - totalComment: 1 - updated_at: '2022-06-03T00:49:47.716Z' - updated_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - version: WzIzMzgsMV0= - Cases_create_case_request: - summary: Create a security case that uses a Jira connector. - value: - connector: - fields: - issueType: '10006' - parent: null - priority: High - id: 131d4448-abe0-4789-939d-8ef60680b498 - name: My connector - type: .jira - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: My field value - description: A case description. - owner: cases - settings: - syncAlerts: true - tags: - - tag-1 - title: Case title 1 - Cases_create_case_response: - summary: >- - The create case API returns a JSON object that contains details about - the case. - value: - assignees: [] - closed_at: null - closed_by: null - comments: [] - connector: - fields: - issueType: '10006' - parent: null - priority: High - id: 131d4448-abe0-4789-939d-8ef60680b498 - name: My connector - type: .jira - created_at: '2022-10-13T15:33:50.604Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: My field value - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - type: toggle - value: null - description: A case description. - duration: null - external_service: null - id: 66b9aa00-94fa-11ea-9f74-e7e108796192 - owner: cases - settings: - syncAlerts: true - severity: low - status: open - tags: - - tag 1 - title: Case title 1 - totalAlerts: 0 - totalComment: 0 - updated_at: null - updated_by: null - version: WzUzMiwxXQ== - Cases_find_case_activity_response: - summary: Retrieves all activity for a case - value: - page: 1 - perPage: 20 - total: 3 - userActions: - - action: create - comment_id: null - created_at: '2023-10-20T01:17:22.150Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - id: b4cd0770-07c9-11ed-a5fd-47154cb8767e - owner: cases - payload: - assignees: [] - category: null - connector: - fields: null - id: none - name: none - type: .none - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: My field value - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - type: toggle - value: null - description: A case description. - owner: cases - settings: - syncAlerts: false - severity: low - status: open - tags: - - tag 1 - title: Case title 1 - type: create_case - version: WzM1ODg4LDFd - - action: create - comment_id: 578608d0-03b1-11ed-920c-974bfa104448 - created_at: '2023-10-14T20:12:53.354Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - id: 57af14a0-03b1-11ed-920c-974bfa104448 - owner: cases - payload: - comment: A new comment - owner: cases - type: user - type: comment - version: WzM1ODg4LDFa - - action: add - comment_id: null - created_at: '2023-10-20T01:10:28.238Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - id: 573c6980-6123-11ed-aa41-81a0a61fe447 - owner: cases - payload: - assignees: - uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - type: assignees - version: WzM1ODg4LDFb - Cases_find_case_response: - summary: >- - Retrieve the first five cases with the `tag-1` tag, in ascending order - by last update time. - value: - cases: - - assignees: [] - category: null - closed_at: null - closed_by: null - comments: [] - connector: - fields: null - id: none - name: none - type: .none - created_at: '2023-10-12T00:16:36.371Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: My field value - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - type: toggle - value: null - description: Case description - duration: null - external_service: null - id: abed3a70-71bd-11ea-a0b2-c51ea50a58e2 - owner: cases - settings: - syncAlerts: true - severity: low - status: open - tags: - - tag-1 - title: Case title - totalAlerts: 0 - totalComment: 1 - updated_at: '2023-10-12T00:27:58.162Z' - updated_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - version: WzExMCwxXQ== - count_closed_cases: 0 - count_in_progress_cases: 0 - count_open_cases: 1 - page: 1 - per_page: 5 - total: 1 - Cases_find_connector_response: - summary: Retrieve information about the connectors and their settings. - value: - - actionTypeId: .jira - config: - apiUrl: https://elastic.atlassian.net/ - projectKey: ES - id: 61787f53-4eee-4741-8df6-8fe84fa616f7 - isDeprecated: false - isMissingSecrets: false - isPreconfigured: false - name: my-Jira - referencedByCount: 0 - Cases_get_case_alerts_response: - summary: Retrieves all alerts attached to a case - value: - - attached_at: '2022-07-25T20:09:40.963Z' - id: f6a7d0c3-d52d-432c-b2e6-447cd7fce04d - index: .alerts-observability.logs.alerts-default - Cases_get_case_configuration_response: - summary: Get the case configuration. - value: - - closure_type: close-by-user - connector: - fields: null - id: none - name: none - type: .none - created_at: '2024-07-01T17:07:17.767Z' - created_by: - email: null - full_name: null - username: elastic - customFields: - - defaultValue: Custom text field value. - key: d312efda-ec2b-42ec-9e2c-84981795c581 - label: my-text-field - type: text - required: false - error: null - id: 856ee650-6c82-11ee-a20a-6164169afa58 - mappings: [] - owner: cases - templates: - - caseFields: - assignees: - - uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - category: Default-category - connector: - fields: null - id: none - name: none - type: .none - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: Default text field value. - description: A default description for cases. - settings: - syncAlerts: false - tags: - - Default case tag - title: Default case title - description: A description of the template. - key: 505932fe-ee3a-4960-a661-c781b5acdb05 - name: template-1 - tags: - - Template tag 1 - updated_at: null - updated_by: null - version: WzEyLDNd - Cases_get_case_observability_response: - summary: >- - Retrieves information about an Observability case including its alerts - and comments. - value: - assignees: - - uid: u_0wpfV1MqYDaXzLtRVY-gLMrddKDEmfz51Fszhj7hWC8_0 - category: null - closed_at: null - closed_by: null - comments: - - alertId: - - a6e12ac4-7bce-457b-84f6-d7ce8deb8446 - created_at: '2023-11-06T19:29:38.424Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - id: 59d438d0-79a9-4864-8d4b-e63adacebf6e - index: - - .internal.alerts-observability.logs.alerts-default-000001 - owner: observability - pushed_at: null - pushed_by: null - rule: - id: 03e4eb87-62ca-4e5d-9570-3d7625e9669d - name: Observability rule - type: alert - updated_at: null - updated_by: null - version: WzY3LDJd - - comment: The first comment. - created_at: '2023-11-06T19:29:57.812Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - id: d99342d3-3aa3-4b80-90ec-a702607604f5 - owner: observability - pushed_at: null - pushed_by: null - type: user - updated_at: null - updated_by: null - version: WzcyLDJd - connector: - fields: null - id: none - name: none - type: .none - created_at: '2023-11-06T19:29:04.086Z' - created_by: - email: null - full_name: null - username: elastic - customFields: [] - description: An Observability case description. - duration: null - external_service: null - id: c3ff7550-def1-4e90-b6bc-c9969a4a09b1 - owner: observability - settings: - syncAlerts: false - severity: low - status: in-progress - tags: - - observability - - tag 1 - title: Observability case title 1 - totalAlerts: 1 - totalComment: 1 - updated_at: '2023-11-06T19:47:55.662Z' - updated_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - version: WzI0NywyXQ== - Cases_get_case_response: - summary: Retrieves information about a case including its comments. - value: - assignees: - - uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - category: null - closed_at: null - closed_by: null - comments: - - comment: A new comment - created_at: '2023-10-13T15:40:32.335Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - id: 2134c1d0-02c2-11ed-85f2-4f7c222ca2fa - owner: cases - pushed_at: null - pushed_by: null - type: user - updated_at: null - updated_by: null - version: WzM3LDFd - connector: - fields: null - id: none - name: none - type: .none - created_at: '2023-10-13T15:33:50.604Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: My field value - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - type: toggle - value: null - description: A case description - duration: null - external_service: null - id: 31cdada0-02c1-11ed-85f2-4f7c222ca2fa - owner: cases - settings: - syncAlerts: true - severity: low - status: open - tags: - - tag 1 - title: Case title 1 - totalAlerts: 0 - totalComment: 1 - updated_at: '2023-10-13T15:40:32.335Z' - updated_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - version: WzM2LDFd - Cases_get_comment_response: - summary: A single user comment retrieved from a case - value: - comment: A new comment - created_at: '2023-10-07T19:32:13.104Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - id: 8048b460-fe2b-11ec-b15d-779a7c8bbcc3 - owner: cases - pushed_at: null - pushed_by: null - type: user - updated_at: null - updated_by: null - version: WzIzLDFd - Cases_get_reporters_response: - summary: A list of two users that opened cases - value: - - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - - email: jdoe@example.com - full_name: Jane Doe - profile_uid: u_0wpfV1MqYDaXzLtRVY-gLMrddKDEmfz51Fszhj7hWC8_0 - username: jdoe - Cases_get_tags_response: - summary: A list of tags that are used in cases - value: - - observability - - security - - tag 1 - - tag 2 - Cases_push_case_response: - summary: >- - The push case API returns a JSON object with details about the case and - the external service. - value: - closed_at: null - closed_by: null - comments: [] - connector: - fields: - issueType: '10006' - parent: null - priority: Low - id: 09f8c0b0-0eda-11ed-bd18-65557fe66949 - name: My connector - type: .jira - created_at: '2022-07-29T00:59:39.444Z' - created_by: - email: null - full_name: null - username: elastic - description: A case description. - duration: null - external_service: - connector_id: 09f8c0b0-0eda-11ed-bd18-65557fe66949 - connector_name: My connector - external_id: '71926' - external_title: ES-554 - external_url: https://cases.jira.com - pushed_at: '2022-07-29T01:20:58.436Z' - pushed_by: - email: null - full_name: null - username: elastic - id: b917f300-0ed9-11ed-bd18-65557fe66949 - owner: cases - settings: - syncAlerts: true - severity: low - status: open - tags: - - tag 1 - title: Case title 1 - totalAlerts: 0 - totalComment: 0 - updated_at: '2022-07-29T01:20:58.436Z' - updated_by: - email: null - full_name: null - username: elastic - version: WzE3NjgsM10= - Cases_set_case_configuration_request: - summary: >- - Set the closure type, custom fields, and default connector for Stack - Management cases. - value: - closure_type: close-by-user - connector: - fields: null - id: 5e656730-e1ca-11ec-be9b-9b1838238ee6 - name: my-jira-connector - type: .jira - customFields: - - defaultValue: My custom field default value. - key: d312efda-ec2b-42ec-9e2c-84981795c581 - label: my-text-field - type: text - required: false - owner: cases - templates: - - caseFields: - assignees: - - uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - category: Default-category - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: A text field value for the template. - description: A default description for cases. - tags: - - Default case tag - title: Default case title - description: A description of the template. - key: 505932fe-ee3a-4960-a661-c781b5acdb05 - name: template-1 - tags: - - Template tag 1 - Cases_set_case_configuration_response: - summary: This is an example response for case settings. - value: - closure_type: close-by-user - connector: - fields: null - id: 5e656730-e1ca-11ec-be9b-9b1838238ee6 - name: my-jira-connector - type: .jira - created_at: '2024-07-01T17:07:17.767Z' - created_by: - email: null, - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - customFields: - - defaultValue: My custom field default value. - key: d312efda-ec2b-42ec-9e2c-84981795c581 - label: my-text-field - type: text - required: false - error: null - id: 4a97a440-e1cd-11ec-be9b-9b1838238ee6 - mappings: - - action_type: overwrite - source: title - target: summary - - action_type: overwrite - source: description - target: description - - action_type: append - source: comments - target: comments - - action_type: overwrite - source: tags - target: labels - owner: cases - templates: - - caseFields: - assignees: - - uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - category: Default-category - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: A text field value for the template. - description: A default description for cases. - tags: - - Default case tag - title: Default case title - description: A description of the template. - key: 505932fe-ee3a-4960-a661-c781b5acdb05 - name: template-1 - tags: - - Template tag 1 - updated_at: null - updated_by: null - version: WzIwNzMsMV0= - Cases_update_case_configuration_request: - summary: Update the case settings. - value: - closure_type: close-by-user - connector: - fields: null - id: 5e656730-e1ca-11ec-be9b-9b1838238ee6 - name: my-jira-connector - type: .jira - customFields: - - defaultValue: A new default value. - key: d312efda-ec2b-42ec-9e2c-84981795c581 - label: my-text-field - type: text - required: true - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - label: my-toggle - type: toggle - required: false - version: WzExOSw0XQ== - Cases_update_case_configuration_response: - summary: This is an example response when the case configuration was updated. - value: - closure_type: close-by-user - connector: - fields: null - id: 5e656730-e1ca-11ec-be9b-9b1838238ee6 - name: my-jira-connector - type: .jira - created_at: '2024-07-01T17:07:17.767Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - customFields: - - defaultValue: A new default value. - key: d312efda-ec2b-42ec-9e2c-84981795c581 - label: my-text-field - type: text - required: true - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - label: my-toggle - type: toggle - required: false - error: null - id: 4a97a440-e1cd-11ec-be9b-9b1838238ee6 - mappings: - - action_type: overwrite - source: title - target: summary - - action_type: overwrite - source: description - target: description - - action_type: overwrite - source: tags - target: labels - - action_type: append - source: comments - target: comments - owner: cases - templates: [] - updated_at: '2024-07-19T00:52:42.401Z' - updated_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - version: WzI2LDNd - Cases_update_case_request: - summary: Update the case description, tags, and connector. - value: - cases: - - connector: - fields: - issueType: '10006' - parent: null - priority: null - id: 131d4448-abe0-4789-939d-8ef60680b498 - name: My connector - type: .jira - customFields: - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - type: toggle - value: false - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: My new field value - description: A case description. - id: a18b38a0-71b0-11ea-a0b2-c51ea50a58e2 - settings: - syncAlerts: true - tags: - - tag-1 - version: WzIzLDFd - Cases_update_case_response: - summary: >- - This is an example response when the case description, tags, and - connector were updated. - value: - - assignees: [] - category: null - closed_at: null - closed_by: null - comments: [] - connector: - fields: - issueType: '10006' - parent: null - priority: null - id: 131d4448-abe0-4789-939d-8ef60680b498 - name: My connector - type: .jira - created_at: '2023-10-13T09:16:17.416Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: My new field value - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - type: toggle - value: false - description: A case description. - duration: null - external_service: - connector_id: 05da469f-1fde-4058-99a3-91e4807e2de8 - connector_name: Jira - external_id: '10003' - external_title: IS-4 - external_url: https://hms.atlassian.net/browse/IS-4 - pushed_at: '2023-10-13T09:20:40.672Z' - pushed_by: - email: null - full_name: null - username: elastic - id: 66b9aa00-94fa-11ea-9f74-e7e108796192 - owner: cases - settings: - syncAlerts: true - severity: low - status: open - tags: - - tag-1 - title: Case title 1 - totalAlerts: 0 - totalComment: 0 - updated_at: '2023-10-13T09:48:33.043Z' - updated_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - version: WzU0OCwxXQ== - Cases_update_comment_request: - summary: Updates a comment of a case. - value: - comment: An updated comment. - id: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 - owner: cases - type: user - version: Wzk1LDFd - Cases_update_comment_response: - summary: >- - The add comment to case API returns a JSON object that contains details - about the case and its comments. - value: - assignees: [] - category: null - closed_at: null - closed_by: null - comments: - - comment: An updated comment. - created_at: '2023-10-24T00:37:10.832Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - id: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 - owner: cases - pushed_at: null - pushed_by: null - type: user - updated_at: '2023-10-24T01:27:06.210Z' - updated_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - version: WzIwNjM3LDFd - connector: - fields: null - id: none - name: none - type: .none - created_at: '2023-10-24T00:37:03.906Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: My new field value - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - type: toggle - value: false - description: A case description. - duration: null - external_service: null - id: 293f1bc0-74f6-11ea-b83a-553aecdb28b6 - owner: cases - settings: - syncAlerts: false - severity: low - status: open - tags: - - tag 1 - title: Case title 1 - totalAlerts: 0 - totalComment: 1 - updated_at: '2023-10-24T01:27:06.210Z' - updated_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - version: WzIwNjM2LDFd - Data_views_create_data_view_request: - summary: Create a data view with runtime fields. - value: - data_view: - name: My Logstash data view - runtimeFieldMap: - runtime_shape_name: - script: - source: emit(doc['shape_name'].value) - type: keyword - title: logstash-* - Data_views_create_runtime_field_request: - summary: Create a runtime field. - value: - name: runtimeFoo - runtimeField: - script: - source: emit(doc["foo"].value) - type: long - Data_views_get_data_view_response: - summary: >- - The get data view API returns a JSON object that contains information - about the data view. - value: - data_view: - allowNoIndex: false - fieldAttrs: - products.manufacturer: - count: 1 - products.price: - count: 1 - products.product_name: - count: 1 - total_quantity: - count: 1 - fieldFormats: - products.base_price: - id: number - params: - pattern: $0,0.00 - products.base_unit_price: - id: number - params: - pattern: $0,0.00 - products.min_price: - id: number - params: - pattern: $0,0.00 - products.price: - id: number - params: - pattern: $0,0.00 - products.taxful_price: - id: number - params: - pattern: $0,0.00 - products.taxless_price: - id: number - params: - pattern: $0,0.00 - taxful_total_price: - id: number - params: - pattern: $0,0.[00] - taxless_total_price: - id: number - params: - pattern: $0,0.00 - fields: - _id: - aggregatable: false - count: 0 - esTypes: - - _id - format: - id: string - isMapped: true - name: _id - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - _index: - aggregatable: true - count: 0 - esTypes: - - _index - format: - id: string - isMapped: true - name: _index - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - _score: - aggregatable: false - count: 0 - format: - id: number - isMapped: true - name: _score - readFromDocValues: false - scripted: false - searchable: false - shortDotsEnable: false - type: number - _source: - aggregatable: false - count: 0 - esTypes: - - _source - format: - id: _source - isMapped: true - name: _source - readFromDocValues: false - scripted: false - searchable: false - shortDotsEnable: false - type: _source - category: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: category - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - category.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: category.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: category - type: string - currency: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: currency - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - customer_birth_date: - aggregatable: true - count: 0 - esTypes: - - date - format: - id: date - isMapped: true - name: customer_birth_date - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: date - customer_first_name: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: customer_first_name - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - customer_first_name.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: customer_first_name.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: customer_first_name - type: string - customer_full_name: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: customer_full_name - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - customer_full_name.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: customer_full_name.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: customer_full_name - type: string - customer_gender: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: customer_gender - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - customer_id: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: customer_id - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - customer_last_name: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: customer_last_name - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - customer_last_name.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: customer_last_name.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: customer_last_name - type: string - customer_phone: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: customer_phone - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - day_of_week: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: day_of_week - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - day_of_week_i: - aggregatable: true - count: 0 - esTypes: - - integer - format: - id: number - isMapped: true - name: day_of_week_i - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - email: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: email - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - event.dataset: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: event.dataset - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - geoip.city_name: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: geoip.city_name - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - geoip.continent_name: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: geoip.continent_name - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - geoip.country_iso_code: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: geoip.country_iso_code - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - geoip.location: - aggregatable: true - count: 0 - esTypes: - - geo_point - format: - id: geo_point - params: - transform: wkt - isMapped: true - name: geoip.location - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: geo_point - geoip.region_name: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: geoip.region_name - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - manufacturer: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: manufacturer - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - manufacturer.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: manufacturer.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: manufacturer - type: string - order_date: - aggregatable: true - count: 0 - esTypes: - - date - format: - id: date - isMapped: true - name: order_date - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: date - order_id: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: order_id - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - products._id: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: products._id - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - products._id.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: products._id.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: products._id - type: string - products.base_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: products.base_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.base_unit_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: products.base_unit_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.category: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: products.category - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - products.category.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: products.category.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: products.category - type: string - products.created_on: - aggregatable: true - count: 0 - esTypes: - - date - format: - id: date - isMapped: true - name: products.created_on - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: date - products.discount_amount: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - isMapped: true - name: products.discount_amount - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.discount_percentage: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - isMapped: true - name: products.discount_percentage - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.manufacturer: - aggregatable: false - count: 1 - esTypes: - - text - format: - id: string - isMapped: true - name: products.manufacturer - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - products.manufacturer.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: products.manufacturer.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: products.manufacturer - type: string - products.min_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: products.min_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.price: - aggregatable: true - count: 1 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: products.price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.product_id: - aggregatable: true - count: 0 - esTypes: - - long - format: - id: number - isMapped: true - name: products.product_id - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.product_name: - aggregatable: false - count: 1 - esTypes: - - text - format: - id: string - isMapped: true - name: products.product_name - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - products.product_name.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: products.product_name.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: products.product_name - type: string - products.quantity: - aggregatable: true - count: 0 - esTypes: - - integer - format: - id: number - isMapped: true - name: products.quantity - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.sku: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: products.sku - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - products.tax_amount: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - isMapped: true - name: products.tax_amount - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.taxful_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: products.taxful_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.taxless_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: products.taxless_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.unit_discount_amount: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - isMapped: true - name: products.unit_discount_amount - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - sku: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: sku - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - taxful_total_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.[00] - isMapped: true - name: taxful_total_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - taxless_total_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: taxless_total_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - total_quantity: - aggregatable: true - count: 1 - esTypes: - - integer - format: - id: number - isMapped: true - name: total_quantity - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - total_unique_products: - aggregatable: true - count: 0 - esTypes: - - integer - format: - id: number - isMapped: true - name: total_unique_products - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - type: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: type - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - user: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: user - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - id: ff959d40-b880-11e8-a6d9-e546fe2bba5f - name: Kibana Sample Data eCommerce - namespaces: - - default - runtimeFieldMap: {} - sourceFilters: [] - timeFieldName: order_date - title: kibana_sample_data_ecommerce - typeMeta: {} - version: WzUsMV0= - Data_views_get_data_views_response: - summary: The get all data views API returns a list of data views. - value: - data_view: - - id: ff959d40-b880-11e8-a6d9-e546fe2bba5f - name: Kibana Sample Data eCommerce - namespaces: - - default - title: kibana_sample_data_ecommerce - typeMeta: {} - - id: d3d7af60-4c81-11e8-b3d7-01146121b73d - name: Kibana Sample Data Flights - namespaces: - - default - title: kibana_sample_data_flights - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - name: Kibana Sample Data Logs - namespaces: - - default - title: kibana_sample_data_logs - Data_views_get_default_data_view_response: - summary: The get default data view API returns the default data view identifier. - value: - data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f - Data_views_get_runtime_field_response: - summary: >- - The get runtime field API returns a JSON object that contains - information about the runtime field (`hour_of_day`) and the data view - (`d3d7af60-4c81-11e8-b3d7-01146121b73d`). - value: - data_view: - allowNoIndex: false - fieldAttrs: {} - fieldFormats: - AvgTicketPrice: - id: number - params: - pattern: $0,0.[00] - hour_of_day: - id: number - params: - pattern: '00' - fields: - _id: - aggregatable: false - count: 0 - esTypes: - - _id - format: - id: string - isMapped: true - name: _id - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - _index: - aggregatable: true - count: 0 - esTypes: - - _index - format: - id: string - isMapped: true - name: _index - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - _score: - aggregatable: false - count: 0 - format: - id: number - isMapped: true - name: _score - readFromDocValues: false - scripted: false - searchable: false - shortDotsEnable: false - type: number - _source: - aggregatable: false - count: 0 - esTypes: - - _source - format: - id: _source - isMapped: true - name: _source - readFromDocValues: false - scripted: false - searchable: false - shortDotsEnable: false - type: _source - AvgTicketPrice: - aggregatable: true - count: 0 - esTypes: - - float - format: - id: number - params: - pattern: $0,0.[00] - isMapped: true - name: AvgTicketPrice - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - Cancelled: - aggregatable: true - count: 0 - esTypes: - - boolean - format: - id: boolean - isMapped: true - name: Cancelled - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: boolean - Carrier: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: Carrier - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - dayOfWeek: - aggregatable: true - count: 0 - esTypes: - - integer - format: - id: number - isMapped: true - name: dayOfWeek - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - Dest: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: Dest - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - DestAirportID: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: DestAirportID - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - DestCityName: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: DestCityName - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - DestCountry: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: DestCountry - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - DestLocation: - aggregatable: true - count: 0 - esTypes: - - geo_point - format: - id: geo_point - params: - transform: wkt - isMapped: true - name: DestLocation - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: geo_point - DestRegion: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: DestRegion - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - DestWeather: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: DestWeather - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - DistanceKilometers: - aggregatable: true - count: 0 - esTypes: - - float - format: - id: number - isMapped: true - name: DistanceKilometers - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - DistanceMiles: - aggregatable: true - count: 0 - esTypes: - - float - format: - id: number - isMapped: true - name: DistanceMiles - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - FlightDelay: - aggregatable: true - count: 0 - esTypes: - - boolean - format: - id: boolean - isMapped: true - name: FlightDelay - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: boolean - FlightDelayMin: - aggregatable: true - count: 0 - esTypes: - - integer - format: - id: number - isMapped: true - name: FlightDelayMin - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - FlightDelayType: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: FlightDelayType - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - FlightNum: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: FlightNum - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - FlightTimeHour: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: FlightTimeHour - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - FlightTimeMin: - aggregatable: true - count: 0 - esTypes: - - float - format: - id: number - isMapped: true - name: FlightTimeMin - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - hour_of_day: - aggregatable: true - count: 0 - esTypes: - - long - format: - id: number - params: - pattern: '00' - name: hour_of_day - readFromDocValues: false - runtimeField: - script: - source: emit(doc['timestamp'].value.getHour()); - type: long - scripted: false - searchable: true - shortDotsEnable: false - type: number - Origin: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: Origin - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - OriginAirportID: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginAirportID - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - OriginCityName: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginCityName - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - OriginCountry: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginCountry - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - OriginLocation: - aggregatable: true - count: 0 - esTypes: - - geo_point - format: - id: geo_point - params: - transform: wkt - isMapped: true - name: OriginLocation - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: geo_point - OriginRegion: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginRegion - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - OriginWeather: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginWeather - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - timestamp: - aggregatable: true - count: 0 - esTypes: - - date - format: - id: date - isMapped: true - name: timestamp - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: date - id: d3d7af60-4c81-11e8-b3d7-01146121b73d - name: Kibana Sample Data Flights - runtimeFieldMap: - hour_of_day: - script: - source: emit(doc['timestamp'].value.getHour()); - type: long - sourceFilters: [] - timeFieldName: timestamp - title: kibana_sample_data_flights - version: WzM2LDJd - fields: - - aggregatable: true - count: 0 - esTypes: - - long - name: hour_of_day - readFromDocValues: false - runtimeField: - script: - source: emit(doc['timestamp'].value.getHour()); - type: long - scripted: false - searchable: true - shortDotsEnable: false - type: number - Data_views_preview_swap_data_view_request: - summary: Preview swapping references from data view ID "abcd-efg" to "xyz-123". - value: - fromId: abcd-efg - toId: xyz-123 - Data_views_set_default_data_view_request: - summary: Set the default data view identifier. - value: - data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f - force: true - Data_views_swap_data_view_request: - summary: >- - Swap references from data view ID "abcd-efg" to "xyz-123" and remove the - data view that is no longer referenced. - value: - delete: true - fromId: abcd-efg - toId: xyz-123 - Data_views_update_data_view_request: - summary: Update some properties for a data view. - value: - data_view: - allowNoIndex: false - name: Kibana Sample Data eCommerce - timeFieldName: order_date - title: kibana_sample_data_ecommerce - refresh_fields: true - Data_views_update_field_metadata_request: - summary: Update metadata for multiple fields. - value: - fields: - field1: - count: 123 - customLabel: Field 1 label - field2: - customDescription: Field 2 description - customLabel: Field 2 label - Data_views_update_runtime_field_request: - summary: Update an existing runtime field on a data view. - value: - runtimeField: - script: - source: emit(doc["bar"].value) - Machine_learning_APIs_mlSyncExample: - summary: Two anomaly detection jobs required synchronization in this example. - value: - datafeedsAdded: {} - datafeedsRemoved: {} - savedObjectsCreated: - anomaly-detector: - myjob1: - success: true - myjob2: - success: true - savedObjectsDeleted: {} - Saved_objects_export_objects_request: - summary: Export a specific saved object. - value: - excludeExportDetails: true - includeReferencesDeep: false - objects: - - id: de71f4f0-1902-11e9-919b-ffe5949a18d2 - type: map - Saved_objects_export_objects_response: - summary: >- - The export objects API response contains a JSON record for each exported - object. - value: - attributes: - description: '' - layerListJSON: >- - [{"id":"0hmz5","alpha":1,"sourceDescriptor":{"type":"EMS_TMS","isAutoSelect":true,"lightModeDefault":"road_map_desaturated"},"visible":true,"style":{},"type":"EMS_VECTOR_TILE","minZoom":0,"maxZoom":24},{"id":"edh66","label":"Total - Requests by - Destination","minZoom":0,"maxZoom":24,"alpha":0.5,"sourceDescriptor":{"type":"EMS_FILE","id":"world_countries","tooltipProperties":["name","iso2"]},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"__kbnjoin__count__673ff994-fc75-4c67-909b-69fcb0e1060e","origin":"join"},"color":"Greys","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"STATIC","options":{"size":10}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR","joins":[{"leftField":"iso2","right":{"type":"ES_TERM_SOURCE","id":"673ff994-fc75-4c67-909b-69fcb0e1060e","indexPatternTitle":"kibana_sample_data_logs","term":"geo.dest","indexPatternRefName":"layer_1_join_0_index_pattern","metrics":[{"type":"count","label":"web - logs - count"}],"applyGlobalQuery":true}}]},{"id":"gaxya","label":"Actual - Requests","minZoom":9,"maxZoom":24,"alpha":1,"sourceDescriptor":{"id":"b7486535-171b-4d3b-bb2e-33c1a0a2854c","type":"ES_SEARCH","geoField":"geo.coordinates","limit":2048,"filterByMapBounds":true,"tooltipProperties":["clientip","timestamp","host","request","response","machine.os","agent","bytes"],"indexPatternRefName":"layer_2_source_index_pattern","applyGlobalQuery":true,"scalingType":"LIMIT"},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"STATIC","options":{"color":"#2200ff"}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":2}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"bytes","origin":"source"},"minSize":1,"maxSize":23,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"},{"id":"tfi3f","label":"Total - Requests and - Bytes","minZoom":0,"maxZoom":9,"alpha":1,"sourceDescriptor":{"type":"ES_GEO_GRID","resolution":"COARSE","id":"8aaa65b5-a4e9-448b-9560-c98cb1c5ac5b","geoField":"geo.coordinates","requestType":"point","metrics":[{"type":"count","label":"web - logs - count"},{"type":"sum","field":"bytes"}],"indexPatternRefName":"layer_3_source_index_pattern","applyGlobalQuery":true},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"color":"Blues","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#cccccc"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"sum_of_bytes","origin":"source"},"minSize":7,"maxSize":25,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelText":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelSize":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"minSize":12,"maxSize":24,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"}] - mapStateJSON: >- - {"zoom":3.64,"center":{"lon":-88.92107,"lat":42.16337},"timeFilters":{"from":"now-7d","to":"now"},"refreshConfig":{"isPaused":true,"interval":0},"query":{"language":"kuery","query":""},"settings":{"autoFitToDataBounds":false}} - title: '[Logs] Total Requests and Bytes' - uiStateJSON: '{"isDarkMode":false}' - coreMigrationVersion: 8.8.0 - created_at: '2023-08-23T20:03:32.204Z' - id: de71f4f0-1902-11e9-919b-ffe5949a18d2 - managed: false - references: - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - name: layer_1_join_0_index_pattern - type: index-pattern - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - name: layer_2_source_index_pattern - type: index-pattern - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - name: layer_3_source_index_pattern - type: index-pattern - type: map - typeMigrationVersion: 8.4.0 - updated_at: '2023-08-23T20:03:32.204Z' - version: WzEzLDFd - Saved_objects_import_objects_request: - value: - file: file.ndjson - Saved_objects_import_objects_response: - summary: >- - The import objects API response indicates a successful import and the - objects are created. Since these objects are created as new copies, each - entry in the successResults array includes a destinationId attribute. - value: - success: true - successCount: 1 - successResults: - - destinationId: 82d2760c-468f-49cf-83aa-b9a35b6a8943 - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - managed: false - meta: - icon: indexPatternApp - title: Kibana Sample Data Logs - type: index-pattern - Saved_objects_key_rotation_response: - summary: Encryption key rotation using default parameters. - value: - failed: 0 - successful: 300 - total: 1000 - Saved_objects_resolve_missing_reference_request: - value: - file: file.ndjson - retries: - - id: my-pattern - overwrite: true - type: index-pattern - - destinationId: another-vis - id: my-vis - overwrite: true - type: visualization - - destinationId: yet-another-canvas - id: my-canvas - overwrite: true - type: canvas - - id: my-dashboard - type: dashboard - Saved_objects_resolve_missing_reference_response: - summary: Resolve missing reference errors. - value: - success: true - successCount: 3 - successResults: - - id: my-vis - meta: - icon: visualizeApp - title: Look at my visualization - type: visualization - - id: my-search - meta: - icon: searchApp - title: Look at my search - type: search - - id: my-dashboard - meta: - icon: dashboardApp - title: Look at my dashboard - type: dashboard - parameters: - Alerting_kbn_xsrf: - description: Cross-site request forgery protection - in: header - name: kbn-xsrf - required: true - schema: - type: string - Cases_alert_id: - description: An identifier for the alert. - in: path - name: alertId - required: true - schema: - example: 09f0c261e39e36351d75995b78bb83673774d1bc2cca9df2d15f0e5c0a99a540 - type: string - Cases_assignees_filter: + items: + items: + additionalProperties: true + type: object + properties: + categories: + items: + type: string + type: array + conditions: + additionalProperties: true + type: object + properties: + elastic: + additionalProperties: true + type: object + properties: + capabilities: + items: + type: string + type: array + subscription: + type: string + kibana: + additionalProperties: true + type: object + properties: + version: + type: string + data_streams: + items: + additionalProperties: {} + type: object + type: array + description: + type: string + download: + type: string + format_version: + type: string + icons: + items: + additionalProperties: true + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + id: + type: string + installationInfo: + additionalProperties: true + type: object + properties: + additional_spaces_installed_kibana: + additionalProperties: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + type: object + created_at: + type: string + experimental_data_stream_features: + items: + additionalProperties: true + type: object + properties: + data_stream: + type: string + features: + additionalProperties: true + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + install_format_schema_version: + type: string + install_source: + enum: + - registry + - upload + - bundled + - custom + type: string + install_status: + enum: + - installed + - installing + - install_failed + type: string + installed_es: + items: + additionalProperties: true + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + installed_kibana: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + installed_kibana_space_id: + type: string + latest_executed_state: + additionalProperties: true + type: object + properties: + error: + type: string + name: + type: string + started_at: + type: string + required: + - name + - started_at + latest_install_failed_attempts: + items: + additionalProperties: true + type: object + properties: + created_at: + type: string + error: + additionalProperties: true + type: object + properties: + message: + type: string + name: + type: string + stack: + type: string + required: + - name + - message + target_version: + type: string + required: + - created_at + - target_version + - error + type: array + name: + type: string + namespaces: + items: + type: string + type: array + type: + type: string + updated_at: + type: string + verification_key_id: + nullable: true + type: string + verification_status: + enum: + - unverified + - verified + - unknown + type: string + version: + type: string + required: + - type + - installed_kibana + - installed_es + - name + - version + - install_status + - install_source + - verification_status + integration: + type: string + internal: + type: boolean + latestVersion: + type: string + name: + type: string + owner: + additionalProperties: true + type: object + properties: + github: + type: string + type: + enum: + - elastic + - partner + - community + type: string + path: + type: string + policy_templates: + items: + additionalProperties: {} + type: object + type: array + readme: + type: string + release: + enum: + - ga + - beta + - experimental + type: string + savedObject: {} + signature_path: + type: string + source: + additionalProperties: true + type: object + properties: + license: + type: string + required: + - license + status: + type: string + title: + type: string + type: + enum: + - integration + - input + type: string + vars: + items: + additionalProperties: {} + type: object + type: array + version: + type: string + required: + - savedObject + - name + - version + - title + - id + type: array + response: + items: + additionalProperties: true + deprecated: true + type: object + properties: + categories: + items: + type: string + type: array + conditions: + additionalProperties: true + type: object + properties: + elastic: + additionalProperties: true + type: object + properties: + capabilities: + items: + type: string + type: array + subscription: + type: string + kibana: + additionalProperties: true + type: object + properties: + version: + type: string + data_streams: + items: + additionalProperties: {} + type: object + type: array + description: + type: string + download: + type: string + format_version: + type: string + icons: + items: + additionalProperties: true + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + id: + type: string + installationInfo: + additionalProperties: true + type: object + properties: + additional_spaces_installed_kibana: + additionalProperties: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + type: object + created_at: + type: string + experimental_data_stream_features: + items: + additionalProperties: true + type: object + properties: + data_stream: + type: string + features: + additionalProperties: true + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + install_format_schema_version: + type: string + install_source: + enum: + - registry + - upload + - bundled + - custom + type: string + install_status: + enum: + - installed + - installing + - install_failed + type: string + installed_es: + items: + additionalProperties: true + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + installed_kibana: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + installed_kibana_space_id: + type: string + latest_executed_state: + additionalProperties: true + type: object + properties: + error: + type: string + name: + type: string + started_at: + type: string + required: + - name + - started_at + latest_install_failed_attempts: + items: + additionalProperties: true + type: object + properties: + created_at: + type: string + error: + additionalProperties: true + type: object + properties: + message: + type: string + name: + type: string + stack: + type: string + required: + - name + - message + target_version: + type: string + required: + - created_at + - target_version + - error + type: array + name: + type: string + namespaces: + items: + type: string + type: array + type: + type: string + updated_at: + type: string + verification_key_id: + nullable: true + type: string + verification_status: + enum: + - unverified + - verified + - unknown + type: string + version: + type: string + required: + - type + - installed_kibana + - installed_es + - name + - version + - install_status + - install_source + - verification_status + integration: + type: string + internal: + type: boolean + latestVersion: + type: string + name: + type: string + owner: + additionalProperties: true + type: object + properties: + github: + type: string + type: + enum: + - elastic + - partner + - community + type: string + path: + type: string + policy_templates: + items: + additionalProperties: {} + type: object + type: array + readme: + type: string + release: + enum: + - ga + - beta + - experimental + type: string + savedObject: {} + signature_path: + type: string + source: + additionalProperties: true + type: object + properties: + license: + type: string + required: + - license + status: + type: string + title: + type: string + type: + enum: + - integration + - input + type: string + vars: + items: + additionalProperties: {} + type: object + type: array + version: + type: string + required: + - savedObject + - name + - version + - title + - id + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + post: + description: Install package by upload + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: query + name: ignoreMappingUpdateErrors + required: false + schema: + default: false + type: boolean + - in: query + name: skipDataStreamRollover + required: false + schema: + default: false + type: boolean + requestBody: + content: + application/gzip; application/zip; Elastic-Api-Version=2023-10-31: + schema: + format: binary + type: string + responses: + '200': + content: + application/gzip; application/zip; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + _meta: + additionalProperties: false + type: object + properties: + install_source: + type: string + required: + - install_source + items: + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + response: + deprecated: true + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + required: + - items + - _meta + '400': + content: + application/gzip; application/zip; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/_bulk: + post: + description: Bulk install packages + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F_bulk#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: query + name: prerelease + required: false + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + force: + default: false + type: boolean + packages: + items: + anyOf: + - type: string + - additionalProperties: false + type: object + properties: + name: + type: string + prerelease: + type: boolean + version: + type: string + required: + - name + - version + minItems: 1 + type: array + required: + - packages + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + anyOf: + - additionalProperties: false + type: object + properties: + name: + type: string + result: + additionalProperties: false + type: object + properties: + assets: + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + error: {} + installSource: + type: string + installType: + type: string + status: + enum: + - installed + - already_installed + type: string + required: + - error + - installType + version: + type: string + required: + - name + - version + - result + - additionalProperties: false + type: object + properties: + error: + anyOf: + - type: string + - {} + name: + type: string + statusCode: + type: number + required: + - name + - statusCode + - error + type: array + response: + deprecated: true + items: + anyOf: + - additionalProperties: false + type: object + properties: + name: + type: string + result: + additionalProperties: false + type: object + properties: + assets: + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + error: {} + installSource: + type: string + installType: + type: string + status: + enum: + - installed + - already_installed + type: string + required: + - error + - installType + version: + type: string + required: + - name + - version + - result + - additionalProperties: false + type: object + properties: + error: + anyOf: + - type: string + - {} + name: + type: string + statusCode: + type: number + required: + - name + - statusCode + - error + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgkey}: + delete: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#3' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: pkgkey + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + nullable: true + type: object + properties: + force: + type: boolean + required: + - force + responses: {} + summary: '' + tags: [] + get: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: pkgkey + required: true + schema: + type: string + - in: query + name: ignoreUnverified + required: false + schema: + type: boolean + - in: query + name: prerelease + required: false + schema: + type: boolean + - in: query + name: full + required: false + schema: + type: boolean + - in: query + name: withMetadata + required: false + schema: + default: false + type: boolean + responses: {} + summary: '' + tags: [] + post: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: pkgkey + required: true + schema: + type: string + - in: query + name: prerelease + required: false + schema: + type: boolean + - in: query + name: ignoreMappingUpdateErrors + required: false + schema: + default: false + type: boolean + - in: query + name: skipDataStreamRollover + required: false + schema: + default: false + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + nullable: true + type: object + properties: + force: + type: boolean + required: + - force + responses: {} + summary: '' + tags: [] + put: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: pkgkey + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + keepPoliciesUpToDate: + type: boolean + required: + - keepPoliciesUpToDate + responses: {} + summary: '' + tags: [] + /api/fleet/epm/packages/{pkgName}/{pkgVersion}: + delete: + description: Delete package + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#3' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - in: query + name: force + required: false + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + nullable: true + type: object + properties: + force: + type: boolean + required: + - force + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + response: + deprecated: true + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + get: + description: Get package + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - in: query + name: ignoreUnverified + required: false + schema: + type: boolean + - in: query + name: prerelease + required: false + schema: + type: boolean + - in: query + name: full + required: false + schema: + type: boolean + - in: query + name: withMetadata + required: false + schema: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: true + type: object + properties: + agent: + additionalProperties: false + type: object + properties: + privileges: + additionalProperties: false + type: object + properties: + root: + type: boolean + asset_tags: + items: + additionalProperties: false + type: object + properties: + asset_ids: + items: + type: string + type: array + asset_types: + items: + type: string + type: array + text: + type: string + required: + - text + type: array + assets: + additionalProperties: {} + type: object + categories: + items: + type: string + type: array + conditions: + additionalProperties: true + type: object + properties: + elastic: + additionalProperties: true + type: object + properties: + capabilities: + items: + type: string + type: array + subscription: + type: string + kibana: + additionalProperties: true + type: object + properties: + version: + type: string + data_streams: + items: + additionalProperties: {} + type: object + type: array + description: + type: string + download: + type: string + elasticsearch: + additionalProperties: {} + type: object + format_version: + type: string + icons: + items: + additionalProperties: true + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + installationInfo: + additionalProperties: true + type: object + properties: + additional_spaces_installed_kibana: + additionalProperties: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + type: object + created_at: + type: string + experimental_data_stream_features: + items: + additionalProperties: true + type: object + properties: + data_stream: + type: string + features: + additionalProperties: true + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + install_format_schema_version: + type: string + install_source: + enum: + - registry + - upload + - bundled + - custom + type: string + install_status: + enum: + - installed + - installing + - install_failed + type: string + installed_es: + items: + additionalProperties: true + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + installed_kibana: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + installed_kibana_space_id: + type: string + latest_executed_state: + additionalProperties: true + type: object + properties: + error: + type: string + name: + type: string + started_at: + type: string + required: + - name + - started_at + latest_install_failed_attempts: + items: + additionalProperties: true + type: object + properties: + created_at: + type: string + error: + additionalProperties: true + type: object + properties: + message: + type: string + name: + type: string + stack: + type: string + required: + - name + - message + target_version: + type: string + required: + - created_at + - target_version + - error + type: array + name: + type: string + namespaces: + items: + type: string + type: array + type: + type: string + updated_at: + type: string + verification_key_id: + nullable: true + type: string + verification_status: + enum: + - unverified + - verified + - unknown + type: string + version: + type: string + required: + - type + - installed_kibana + - installed_es + - name + - version + - install_status + - install_source + - verification_status + internal: + type: boolean + keepPoliciesUpToDate: + type: boolean + latestVersion: + type: string + license: + type: string + licensePath: + type: string + name: + type: string + notice: + type: string + owner: + additionalProperties: true + type: object + properties: + github: + type: string + type: + enum: + - elastic + - partner + - community + type: string + path: + type: string + policy_templates: + items: + additionalProperties: {} + type: object + type: array + readme: + type: string + release: + enum: + - ga + - beta + - experimental + type: string + savedObject: {} + screenshots: + items: + additionalProperties: false + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + signature_path: + type: string + source: + additionalProperties: true + type: object + properties: + license: + type: string + required: + - license + status: + type: string + title: + type: string + type: + enum: + - integration + - input + type: string + vars: + items: + additionalProperties: {} + type: object + type: array + version: + type: string + required: + - savedObject + - name + - version + - title + - assets + metadata: + additionalProperties: false + type: object + properties: + has_policies: + type: boolean + required: + - has_policies + response: + additionalProperties: true + deprecated: true + type: object + properties: + agent: + additionalProperties: false + type: object + properties: + privileges: + additionalProperties: false + type: object + properties: + root: + type: boolean + asset_tags: + items: + additionalProperties: false + type: object + properties: + asset_ids: + items: + type: string + type: array + asset_types: + items: + type: string + type: array + text: + type: string + required: + - text + type: array + assets: + additionalProperties: {} + type: object + categories: + items: + type: string + type: array + conditions: + additionalProperties: true + type: object + properties: + elastic: + additionalProperties: true + type: object + properties: + capabilities: + items: + type: string + type: array + subscription: + type: string + kibana: + additionalProperties: true + type: object + properties: + version: + type: string + data_streams: + items: + additionalProperties: {} + type: object + type: array + description: + type: string + download: + type: string + elasticsearch: + additionalProperties: {} + type: object + format_version: + type: string + icons: + items: + additionalProperties: true + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + installationInfo: + additionalProperties: true + type: object + properties: + additional_spaces_installed_kibana: + additionalProperties: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + type: object + created_at: + type: string + experimental_data_stream_features: + items: + additionalProperties: true + type: object + properties: + data_stream: + type: string + features: + additionalProperties: true + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + install_format_schema_version: + type: string + install_source: + enum: + - registry + - upload + - bundled + - custom + type: string + install_status: + enum: + - installed + - installing + - install_failed + type: string + installed_es: + items: + additionalProperties: true + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + installed_kibana: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + installed_kibana_space_id: + type: string + latest_executed_state: + additionalProperties: true + type: object + properties: + error: + type: string + name: + type: string + started_at: + type: string + required: + - name + - started_at + latest_install_failed_attempts: + items: + additionalProperties: true + type: object + properties: + created_at: + type: string + error: + additionalProperties: true + type: object + properties: + message: + type: string + name: + type: string + stack: + type: string + required: + - name + - message + target_version: + type: string + required: + - created_at + - target_version + - error + type: array + name: + type: string + namespaces: + items: + type: string + type: array + type: + type: string + updated_at: + type: string + verification_key_id: + nullable: true + type: string + verification_status: + enum: + - unverified + - verified + - unknown + type: string + version: + type: string + required: + - type + - installed_kibana + - installed_es + - name + - version + - install_status + - install_source + - verification_status + internal: + type: boolean + keepPoliciesUpToDate: + type: boolean + latestVersion: + type: string + license: + type: string + licensePath: + type: string + name: + type: string + notice: + type: string + owner: + additionalProperties: true + type: object + properties: + github: + type: string + type: + enum: + - elastic + - partner + - community + type: string + path: + type: string + policy_templates: + items: + additionalProperties: {} + type: object + type: array + readme: + type: string + release: + enum: + - ga + - beta + - experimental + type: string + savedObject: {} + screenshots: + items: + additionalProperties: false + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + signature_path: + type: string + source: + additionalProperties: true + type: object + properties: + license: + type: string + required: + - license + status: + type: string + title: + type: string + type: + enum: + - integration + - input + type: string + vars: + items: + additionalProperties: {} + type: object + type: array + version: + type: string + required: + - savedObject + - name + - version + - title + - assets + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + post: + description: Install package from registry + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - in: query + name: prerelease + required: false + schema: + type: boolean + - in: query + name: ignoreMappingUpdateErrors + required: false + schema: + default: false + type: boolean + - in: query + name: skipDataStreamRollover + required: false + schema: + default: false + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + nullable: true + type: object + properties: + force: + default: false + type: boolean + ignore_constraints: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + _meta: + additionalProperties: false + type: object + properties: + install_source: + type: string + required: + - install_source + items: + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + response: + deprecated: true + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + required: + - items + - _meta + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + put: + description: Update package settings + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + keepPoliciesUpToDate: + type: boolean + required: + - keepPoliciesUpToDate + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: true + type: object + properties: + agent: + additionalProperties: false + type: object + properties: + privileges: + additionalProperties: false + type: object + properties: + root: + type: boolean + asset_tags: + items: + additionalProperties: false + type: object + properties: + asset_ids: + items: + type: string + type: array + asset_types: + items: + type: string + type: array + text: + type: string + required: + - text + type: array + assets: + additionalProperties: {} + type: object + categories: + items: + type: string + type: array + conditions: + additionalProperties: true + type: object + properties: + elastic: + additionalProperties: true + type: object + properties: + capabilities: + items: + type: string + type: array + subscription: + type: string + kibana: + additionalProperties: true + type: object + properties: + version: + type: string + data_streams: + items: + additionalProperties: {} + type: object + type: array + description: + type: string + download: + type: string + elasticsearch: + additionalProperties: {} + type: object + format_version: + type: string + icons: + items: + additionalProperties: true + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + installationInfo: + additionalProperties: true + type: object + properties: + additional_spaces_installed_kibana: + additionalProperties: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + type: object + created_at: + type: string + experimental_data_stream_features: + items: + additionalProperties: true + type: object + properties: + data_stream: + type: string + features: + additionalProperties: true + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + install_format_schema_version: + type: string + install_source: + enum: + - registry + - upload + - bundled + - custom + type: string + install_status: + enum: + - installed + - installing + - install_failed + type: string + installed_es: + items: + additionalProperties: true + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + installed_kibana: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + installed_kibana_space_id: + type: string + latest_executed_state: + additionalProperties: true + type: object + properties: + error: + type: string + name: + type: string + started_at: + type: string + required: + - name + - started_at + latest_install_failed_attempts: + items: + additionalProperties: true + type: object + properties: + created_at: + type: string + error: + additionalProperties: true + type: object + properties: + message: + type: string + name: + type: string + stack: + type: string + required: + - name + - message + target_version: + type: string + required: + - created_at + - target_version + - error + type: array + name: + type: string + namespaces: + items: + type: string + type: array + type: + type: string + updated_at: + type: string + verification_key_id: + nullable: true + type: string + verification_status: + enum: + - unverified + - verified + - unknown + type: string + version: + type: string + required: + - type + - installed_kibana + - installed_es + - name + - version + - install_status + - install_source + - verification_status + internal: + type: boolean + keepPoliciesUpToDate: + type: boolean + latestVersion: + type: string + license: + type: string + licensePath: + type: string + name: + type: string + notice: + type: string + owner: + additionalProperties: true + type: object + properties: + github: + type: string + type: + enum: + - elastic + - partner + - community + type: string + path: + type: string + policy_templates: + items: + additionalProperties: {} + type: object + type: array + readme: + type: string + release: + enum: + - ga + - beta + - experimental + type: string + savedObject: {} + screenshots: + items: + additionalProperties: false + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + signature_path: + type: string + source: + additionalProperties: true + type: object + properties: + license: + type: string + required: + - license + status: + type: string + title: + type: string + type: + enum: + - integration + - input + type: string + vars: + items: + additionalProperties: {} + type: object + type: array + version: + type: string + required: + - savedObject + - name + - version + - title + - assets + response: + additionalProperties: true + deprecated: true + type: object + properties: + agent: + additionalProperties: false + type: object + properties: + privileges: + additionalProperties: false + type: object + properties: + root: + type: boolean + asset_tags: + items: + additionalProperties: false + type: object + properties: + asset_ids: + items: + type: string + type: array + asset_types: + items: + type: string + type: array + text: + type: string + required: + - text + type: array + assets: + additionalProperties: {} + type: object + categories: + items: + type: string + type: array + conditions: + additionalProperties: true + type: object + properties: + elastic: + additionalProperties: true + type: object + properties: + capabilities: + items: + type: string + type: array + subscription: + type: string + kibana: + additionalProperties: true + type: object + properties: + version: + type: string + data_streams: + items: + additionalProperties: {} + type: object + type: array + description: + type: string + download: + type: string + elasticsearch: + additionalProperties: {} + type: object + format_version: + type: string + icons: + items: + additionalProperties: true + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + installationInfo: + additionalProperties: true + type: object + properties: + additional_spaces_installed_kibana: + additionalProperties: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + type: object + created_at: + type: string + experimental_data_stream_features: + items: + additionalProperties: true + type: object + properties: + data_stream: + type: string + features: + additionalProperties: true + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + install_format_schema_version: + type: string + install_source: + enum: + - registry + - upload + - bundled + - custom + type: string + install_status: + enum: + - installed + - installing + - install_failed + type: string + installed_es: + items: + additionalProperties: true + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + installed_kibana: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + installed_kibana_space_id: + type: string + latest_executed_state: + additionalProperties: true + type: object + properties: + error: + type: string + name: + type: string + started_at: + type: string + required: + - name + - started_at + latest_install_failed_attempts: + items: + additionalProperties: true + type: object + properties: + created_at: + type: string + error: + additionalProperties: true + type: object + properties: + message: + type: string + name: + type: string + stack: + type: string + required: + - name + - message + target_version: + type: string + required: + - created_at + - target_version + - error + type: array + name: + type: string + namespaces: + items: + type: string + type: array + type: + type: string + updated_at: + type: string + verification_key_id: + nullable: true + type: string + verification_status: + enum: + - unverified + - verified + - unknown + type: string + version: + type: string + required: + - type + - installed_kibana + - installed_es + - name + - version + - install_status + - install_source + - verification_status + internal: + type: boolean + keepPoliciesUpToDate: + type: boolean + latestVersion: + type: string + license: + type: string + licensePath: + type: string + name: + type: string + notice: + type: string + owner: + additionalProperties: true + type: object + properties: + github: + type: string + type: + enum: + - elastic + - partner + - community + type: string + path: + type: string + policy_templates: + items: + additionalProperties: {} + type: object + type: array + readme: + type: string + release: + enum: + - ga + - beta + - experimental + type: string + savedObject: {} + screenshots: + items: + additionalProperties: false + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + signature_path: + type: string + source: + additionalProperties: true + type: object + properties: + license: + type: string + required: + - license + status: + type: string + title: + type: string + type: + enum: + - integration + - input + type: string + vars: + items: + additionalProperties: {} + type: object + type: array + version: + type: string + required: + - savedObject + - name + - version + - title + - assets + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgName}/{pkgVersion}/{filePath*}: + get: + description: Get package file + operationId: >- + %2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D%2F%7BfilePath*%7D#0 + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - in: path + name: filePath + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: {} + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize: + post: + description: Authorize transforms + operationId: >- + %2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D%2Ftransforms%2Fauthorize#0 + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - in: query + name: prerelease + required: false + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + transforms: + items: + additionalProperties: false + type: object + properties: + transformId: + type: string + required: + - transformId + type: array + required: + - transforms + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + additionalProperties: false + type: object + properties: + error: + nullable: true + success: + type: boolean + transformId: + type: string + required: + - transformId + - success + - error + type: array + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgName}/stats: + get: + description: Get package stats + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2Fstats#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: pkgName + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + response: + additionalProperties: false + type: object + properties: + agent_policy_count: + type: number + required: + - agent_policy_count + required: + - response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/installed: + get: + description: Get installed packages + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2Finstalled#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: dataStreamType + required: false + schema: + enum: + - logs + - metrics + - traces + - synthetics + - profiling + type: string + - in: query + name: showOnlyActiveDataStreams + required: false + schema: + type: boolean + - in: query + name: nameQuery + required: false + schema: + type: string + - in: query + name: searchAfter + required: false + schema: + items: + anyOf: + - type: string + - type: number + type: array + - in: query + name: perPage + required: false + schema: + default: 15 + type: number + - in: query + name: sortOrder + required: false + schema: + default: asc + enum: + - asc + - desc + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + dataStreams: + items: + additionalProperties: false + type: object + properties: + name: + type: string + title: + type: string + required: + - name + - title + type: array + description: + type: string + icons: + items: + additionalProperties: false + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + name: + type: string + status: + type: string + title: + type: string + version: + type: string + required: + - name + - version + - status + - dataStreams + type: array + searchAfter: + items: + anyOf: + - type: string + - type: number + - type: boolean + - enum: [] + nullable: true + - {} + type: array + total: + type: number + required: + - items + - total + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/limited: + get: + description: Get limited package list + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2Flimited#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + type: string + type: array + response: + deprecated: true + items: + type: string + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/templates/{pkgName}/{pkgVersion}/inputs: + get: + description: Get inputs template + operationId: >- + %2Fapi%2Ffleet%2Fepm%2Ftemplates%2F%7BpkgName%7D%2F%7BpkgVersion%7D%2Finputs#0 + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - in: query + name: format + required: false + schema: + default: json + enum: + - json + - yml + - yaml + type: string + - in: query + name: prerelease + required: false + schema: + type: boolean + - in: query + name: ignoreUnverified + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - type: string + - additionalProperties: false + type: object + properties: + inputs: + items: + additionalProperties: false + type: object + properties: + id: + type: string + streams: + items: + additionalProperties: true + type: object + properties: + data_stream: + additionalProperties: true + type: object + properties: + dataset: + type: string + type: + type: string + required: + - dataset + id: + type: string + required: + - id + - data_stream + type: array + type: + type: string + required: + - id + - type + type: array + required: + - inputs + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/verification_key_id: + get: + description: Get a package signature verification key ID + operationId: '%2Fapi%2Ffleet%2Fepm%2Fverification_key_id#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + id: + nullable: true + type: string + required: + - id + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/fleet_server_hosts: + get: + description: List Fleet Server hosts + operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + host_urls: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + required: + - id + - name + - host_urls + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet Server hosts + post: + description: Create Fleet Server host + operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + host_urls: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + required: + - name + - host_urls + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + host_urls: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + required: + - id + - name + - host_urls + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet Server hosts + /api/fleet/fleet_server_hosts/{itemId}: + delete: + description: Delete Fleet Server host by ID + operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts%2F%7BitemId%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: itemId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet Server hosts + get: + description: Get Fleet Server host by ID + operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts%2F%7BitemId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: itemId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + host_urls: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + required: + - id + - name + - host_urls + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet Server hosts + put: + description: Update Fleet Server host by ID + operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts%2F%7BitemId%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: itemId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + host_urls: + items: + type: string + minItems: 1 + type: array + is_default: + type: boolean + is_internal: + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + required: + - proxy_id + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + host_urls: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + required: + - id + - name + - host_urls + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet Server hosts + /api/fleet/health_check: + post: + description: Check Fleet Server health + operationId: '%2Fapi%2Ffleet%2Fhealth_check#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + host: + format: uri + type: string + id: + type: string + required: + - id + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + host: + deprecated: true + type: string + host_id: + type: string + name: + type: string + status: + type: string + required: + - status + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet internals + /api/fleet/kubernetes: + get: + description: Get full K8s agent manifest + operationId: '%2Fapi%2Ffleet%2Fkubernetes#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: download + required: false + schema: + type: boolean + - in: query + name: fleetServer + required: false + schema: + type: string + - in: query + name: enrolToken + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + type: string + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent policies + /api/fleet/kubernetes/download: + get: + operationId: '%2Fapi%2Ffleet%2Fkubernetes%2Fdownload#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: download + required: false + schema: + type: boolean + - in: query + name: fleetServer + required: false + schema: + type: string + - in: query + name: enrolToken + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: string + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent policies + /api/fleet/logstash_api_keys: + post: + description: Generate Logstash API keyy + operationId: '%2Fapi%2Ffleet%2Flogstash_api_keys#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + api_key: + type: string + required: + - api_key + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet outputs + /api/fleet/message_signing_service/rotate_key_pair: + post: + description: Rotate fleet message signing key pair + operationId: '%2Fapi%2Ffleet%2Fmessage_signing_service%2Frotate_key_pair#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: query + name: acknowledge + required: false + schema: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Message Signing Service + /api/fleet/outputs: + get: + description: List outputs + operationId: '%2Fapi%2Ffleet%2Foutputs#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + anyOf: + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + service_token: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + service_token: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - remote_elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - logstash + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + auth_type: + enum: + - none + - user_pass + - ssl + - kerberos + type: string + broker_timeout: + type: number + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + client_id: + type: string + compression: + enum: + - gzip + - snappy + - lz4 + - none + type: string + compression_level: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: number + - not: {} + config_yaml: + nullable: true + type: string + connection_type: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - enum: + - plaintext + - encryption + type: string + - not: {} + hash: + additionalProperties: true + type: object + properties: + hash: + type: string + random: + type: boolean + headers: + items: + additionalProperties: true + type: object + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: array + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + key: + type: string + name: + type: string + partition: + enum: + - random + - round_robin + - hash + type: string + password: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - not: {} + - anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + proxy_id: + nullable: true + type: string + random: + additionalProperties: true + type: object + properties: + group_events: + type: number + required_acks: + enum: + - 1 + - 0 + - -1 + type: integer + round_robin: + additionalProperties: true + type: object + properties: + group_events: + type: number + sasl: + additionalProperties: true + nullable: true + type: object + properties: + mechanism: + enum: + - PLAIN + - SCRAM-SHA-256 + - SCRAM-SHA-512 + type: string + secrets: + additionalProperties: true + type: object + properties: + password: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + required: + - key + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + items: + additionalProperties: true + type: object + properties: + topic: + type: string + when: + additionalProperties: true + type: object + properties: + condition: + type: string + type: + enum: + - equals + - contains + - regexp + type: string + required: + - topic + minItems: 1 + type: array + type: + enum: + - kafka + type: string + username: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + version: + type: string + required: + - name + - type + - hosts + - compression_level + - auth_type + - connection_type + - username + - password + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet outputs + post: + description: Create output + operationId: '%2Fapi%2Ffleet%2Foutputs#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: false + type: object + properties: + service_token: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + service_token: + nullable: true + type: string + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - remote_elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: false + type: object + properties: + ssl: + additionalProperties: false + type: object + properties: + key: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - logstash + type: string + required: + - name + - type + - hosts + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + auth_type: + enum: + - none + - user_pass + - ssl + - kerberos + type: string + broker_timeout: + type: number + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + client_id: + type: string + compression: + enum: + - gzip + - snappy + - lz4 + - none + type: string + compression_level: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: number + - not: {} + config_yaml: + nullable: true + type: string + connection_type: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - enum: + - plaintext + - encryption + type: string + - not: {} + hash: + additionalProperties: false + type: object + properties: + hash: + type: string + random: + type: boolean + headers: + items: + additionalProperties: false + type: object + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: array + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + key: + type: string + name: + type: string + partition: + enum: + - random + - round_robin + - hash + type: string + password: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - not: {} + - anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + proxy_id: + nullable: true + type: string + random: + additionalProperties: false + type: object + properties: + group_events: + type: number + required_acks: + enum: + - 1 + - 0 + - -1 + type: integer + round_robin: + additionalProperties: false + type: object + properties: + group_events: + type: number + sasl: + additionalProperties: false + nullable: true + type: object + properties: + mechanism: + enum: + - PLAIN + - SCRAM-SHA-256 + - SCRAM-SHA-512 + type: string + secrets: + additionalProperties: false + type: object + properties: + password: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + ssl: + additionalProperties: false + type: object + properties: + key: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + required: + - key + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + items: + additionalProperties: false + type: object + properties: + topic: + type: string + when: + additionalProperties: false + type: object + properties: + condition: + type: string + type: + enum: + - equals + - contains + - regexp + type: string + required: + - topic + minItems: 1 + type: array + type: + enum: + - kafka + type: string + username: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + version: + type: string + required: + - name + - type + - hosts + - compression_level + - auth_type + - connection_type + - username + - password + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + anyOf: + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + service_token: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + service_token: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - remote_elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - logstash + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + auth_type: + enum: + - none + - user_pass + - ssl + - kerberos + type: string + broker_timeout: + type: number + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + client_id: + type: string + compression: + enum: + - gzip + - snappy + - lz4 + - none + type: string + compression_level: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: number + - not: {} + config_yaml: + nullable: true + type: string + connection_type: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - enum: + - plaintext + - encryption + type: string + - not: {} + hash: + additionalProperties: true + type: object + properties: + hash: + type: string + random: + type: boolean + headers: + items: + additionalProperties: true + type: object + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: array + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + key: + type: string + name: + type: string + partition: + enum: + - random + - round_robin + - hash + type: string + password: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - not: {} + - anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + proxy_id: + nullable: true + type: string + random: + additionalProperties: true + type: object + properties: + group_events: + type: number + required_acks: + enum: + - 1 + - 0 + - -1 + type: integer + round_robin: + additionalProperties: true + type: object + properties: + group_events: + type: number + sasl: + additionalProperties: true + nullable: true + type: object + properties: + mechanism: + enum: + - PLAIN + - SCRAM-SHA-256 + - SCRAM-SHA-512 + type: string + secrets: + additionalProperties: true + type: object + properties: + password: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + required: + - key + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + items: + additionalProperties: true + type: object + properties: + topic: + type: string + when: + additionalProperties: true + type: object + properties: + condition: + type: string + type: + enum: + - equals + - contains + - regexp + type: string + required: + - topic + minItems: 1 + type: array + type: + enum: + - kafka + type: string + username: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + version: + type: string + required: + - name + - type + - hosts + - compression_level + - auth_type + - connection_type + - username + - password + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet outputs + /api/fleet/outputs/{outputId}: + delete: + description: Delete output by ID + operationId: '%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: outputId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet outputs + get: + description: Get output by ID + operationId: '%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: outputId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + anyOf: + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + service_token: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + service_token: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - remote_elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - logstash + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + auth_type: + enum: + - none + - user_pass + - ssl + - kerberos + type: string + broker_timeout: + type: number + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + client_id: + type: string + compression: + enum: + - gzip + - snappy + - lz4 + - none + type: string + compression_level: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: number + - not: {} + config_yaml: + nullable: true + type: string + connection_type: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - enum: + - plaintext + - encryption + type: string + - not: {} + hash: + additionalProperties: true + type: object + properties: + hash: + type: string + random: + type: boolean + headers: + items: + additionalProperties: true + type: object + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: array + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + key: + type: string + name: + type: string + partition: + enum: + - random + - round_robin + - hash + type: string + password: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - not: {} + - anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + proxy_id: + nullable: true + type: string + random: + additionalProperties: true + type: object + properties: + group_events: + type: number + required_acks: + enum: + - 1 + - 0 + - -1 + type: integer + round_robin: + additionalProperties: true + type: object + properties: + group_events: + type: number + sasl: + additionalProperties: true + nullable: true + type: object + properties: + mechanism: + enum: + - PLAIN + - SCRAM-SHA-256 + - SCRAM-SHA-512 + type: string + secrets: + additionalProperties: true + type: object + properties: + password: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + required: + - key + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + items: + additionalProperties: true + type: object + properties: + topic: + type: string + when: + additionalProperties: true + type: object + properties: + condition: + type: string + type: + enum: + - equals + - contains + - regexp + type: string + required: + - topic + minItems: 1 + type: array + type: + enum: + - kafka + type: string + username: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + version: + type: string + required: + - name + - type + - hosts + - compression_level + - auth_type + - connection_type + - username + - password + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet outputs + put: + description: Update output by ID + operationId: '%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: outputId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - elasticsearch + type: string + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: false + type: object + properties: + service_token: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + service_token: + nullable: true + type: string + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - remote_elasticsearch + type: string + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: false + type: object + properties: + ssl: + additionalProperties: false + type: object + properties: + key: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - logstash + type: string + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + auth_type: + enum: + - none + - user_pass + - ssl + - kerberos + type: string + broker_timeout: + type: number + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + client_id: + type: string + compression: + enum: + - gzip + - snappy + - lz4 + - none + type: string + compression_level: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: number + - not: {} + config_yaml: + nullable: true + type: string + connection_type: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - enum: + - plaintext + - encryption + type: string + - not: {} + hash: + additionalProperties: false + type: object + properties: + hash: + type: string + random: + type: boolean + headers: + items: + additionalProperties: false + type: object + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: array + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + key: + type: string + name: + type: string + partition: + enum: + - random + - round_robin + - hash + type: string + password: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - not: {} + - anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + proxy_id: + nullable: true + type: string + random: + additionalProperties: false + type: object + properties: + group_events: + type: number + required_acks: + enum: + - 1 + - 0 + - -1 + type: integer + round_robin: + additionalProperties: false + type: object + properties: + group_events: + type: number + sasl: + additionalProperties: false + nullable: true + type: object + properties: + mechanism: + enum: + - PLAIN + - SCRAM-SHA-256 + - SCRAM-SHA-512 + type: string + secrets: + additionalProperties: false + type: object + properties: + password: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + ssl: + additionalProperties: false + type: object + properties: + key: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + required: + - key + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + items: + additionalProperties: false + type: object + properties: + topic: + type: string + when: + additionalProperties: false + type: object + properties: + condition: + type: string + type: + enum: + - equals + - contains + - regexp + type: string + required: + - topic + minItems: 1 + type: array + type: + enum: + - kafka + type: string + username: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + version: + type: string + required: + - name + - compression_level + - connection_type + - username + - password + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + anyOf: + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + service_token: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + service_token: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - remote_elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - logstash + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + auth_type: + enum: + - none + - user_pass + - ssl + - kerberos + type: string + broker_timeout: + type: number + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + client_id: + type: string + compression: + enum: + - gzip + - snappy + - lz4 + - none + type: string + compression_level: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: number + - not: {} + config_yaml: + nullable: true + type: string + connection_type: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - enum: + - plaintext + - encryption + type: string + - not: {} + hash: + additionalProperties: true + type: object + properties: + hash: + type: string + random: + type: boolean + headers: + items: + additionalProperties: true + type: object + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: array + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + key: + type: string + name: + type: string + partition: + enum: + - random + - round_robin + - hash + type: string + password: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - not: {} + - anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + proxy_id: + nullable: true + type: string + random: + additionalProperties: true + type: object + properties: + group_events: + type: number + required_acks: + enum: + - 1 + - 0 + - -1 + type: integer + round_robin: + additionalProperties: true + type: object + properties: + group_events: + type: number + sasl: + additionalProperties: true + nullable: true + type: object + properties: + mechanism: + enum: + - PLAIN + - SCRAM-SHA-256 + - SCRAM-SHA-512 + type: string + secrets: + additionalProperties: true + type: object + properties: + password: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + required: + - key + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + items: + additionalProperties: true + type: object + properties: + topic: + type: string + when: + additionalProperties: true + type: object + properties: + condition: + type: string + type: + enum: + - equals + - contains + - regexp + type: string + required: + - topic + minItems: 1 + type: array + type: + enum: + - kafka + type: string + username: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + version: + type: string + required: + - name + - type + - hosts + - compression_level + - auth_type + - connection_type + - username + - password + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet outputs + /api/fleet/outputs/{outputId}/health: + get: + description: Get latest output health + operationId: '%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D%2Fhealth#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: outputId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + message: + description: long message if unhealthy + type: string + state: + description: state of output, HEALTHY or DEGRADED + type: string + timestamp: + description: timestamp of reported state + type: string + required: + - state + - message + - timestamp + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet outputs + /api/fleet/package_policies: + get: + description: List package policies + operationId: '%2Fapi%2Ffleet%2Fpackage_policies#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: page + required: false + schema: + type: number + - in: query + name: perPage + required: false + schema: + type: number + - in: query + name: sortField + required: false + schema: + type: string + - in: query + name: sortOrder + required: false + schema: + enum: + - desc + - asc + type: string + - in: query + name: showUpgradeable + required: false + schema: + type: boolean + - in: query + name: kuery + required: false + schema: + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string + - in: query + name: withAgentCount + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + agents: + type: number + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + anyOf: + - items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + - additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that input, (default to + true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default + to true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Input streams (see integration + documentation to know what streams are + available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Package policy inputs (see integration + documentation to know what inputs are available) + type: object + x-oas-optional: true + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit + the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the package + policy. The override option should be used only in + unusual circumstances and not as a routine + procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy will be + added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy will be + added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + spaceIds: + items: + type: string + type: array + updated_at: + type: string + updated_by: + type: string + vars: + anyOf: + - additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + - additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + x-oas-optional: true + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet package policies + post: + description: Create package policy + operationId: '%2Fapi%2Ffleet%2Fpackage_policies#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - additionalProperties: false + type: object + properties: + description: + description: Package policy description + type: string + enabled: + type: boolean + force: + description: >- + Force package policy creation even if package is not + verified, or if the agent policy is managed. + type: boolean + id: + description: Package policy unique identifier + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + required: + - type + - enabled + type: array + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit the + agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the package + policy. The override option should be used only in + unusual circumstances and not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: Agent policy ID where that package policy will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy will be + added + type: string + type: array + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation for more + information) + type: object + required: + - name + - inputs + - additionalProperties: false + type: object + properties: + description: + type: string + force: + type: boolean + id: + type: string + inputs: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: enable or disable that input, (default to true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default to + true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + description: >- + Input streams (see integration documentation to + know what streams are available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + description: >- + Package policy inputs (see integration documentation to + know what inputs are available) + type: object + name: + type: string + namespace: + type: string + output_id: + nullable: true + type: string + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + nullable: true + type: string + policy_ids: + items: + type: string + type: array + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + required: + - name + - package + description: >- + You should use inputs as an object and not use the deprecated + inputs array. + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + agents: + type: number + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + anyOf: + - items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + - additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that input, (default to + true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default + to true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Input streams (see integration documentation + to know what streams are available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + description: >- + Package policy inputs (see integration + documentation to know what inputs are available) + type: object + x-oas-optional: true + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit + the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the package + policy. The override option should be used only in + unusual circumstances and not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy will be + added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy will be + added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + spaceIds: + items: + type: string + type: array + updated_at: + type: string + updated_by: + type: string + vars: + anyOf: + - additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + - additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + x-oas-optional: true + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet package policies + /api/fleet/package_policies/_bulk_get: + post: + description: Bulk get package policies + operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2F_bulk_get#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + ids: + description: list of package policy ids + items: + type: string + type: array + ignoreMissing: + type: boolean + required: + - ids + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + agents: + type: number + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + anyOf: + - items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + - additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that input, (default to + true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default + to true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Input streams (see integration + documentation to know what streams are + available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Package policy inputs (see integration + documentation to know what inputs are available) + type: object + x-oas-optional: true + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit + the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the package + policy. The override option should be used only in + unusual circumstances and not as a routine + procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy will be + added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy will be + added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + spaceIds: + items: + type: string + type: array + updated_at: + type: string + updated_by: + type: string + vars: + anyOf: + - additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + - additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + x-oas-optional: true + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + summary: '' + tags: + - Fleet package policies + /api/fleet/package_policies/{packagePolicyId}: + delete: + description: Delete package policy by ID + operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2F%7BpackagePolicyId%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: packagePolicyId + required: true + schema: + type: string + - in: query + name: force + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet package policies + get: + description: Get package policy by ID + operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2F%7BpackagePolicyId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: packagePolicyId + required: true + schema: + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + agents: + type: number + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + anyOf: + - items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + - additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that input, (default to + true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default + to true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Input streams (see integration documentation + to know what streams are available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + description: >- + Package policy inputs (see integration + documentation to know what inputs are available) + type: object + x-oas-optional: true + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit + the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the package + policy. The override option should be used only in + unusual circumstances and not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy will be + added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy will be + added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + spaceIds: + items: + type: string + type: array + updated_at: + type: string + updated_by: + type: string + vars: + anyOf: + - additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + - additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + x-oas-optional: true + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + summary: '' + tags: + - Fleet package policies + put: + description: Update package policy by ID + operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2F%7BpackagePolicyId%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: packagePolicyId + required: true + schema: + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - additionalProperties: false + type: object + properties: + description: + description: Package policy description + type: string + enabled: + type: boolean + force: + type: boolean + inputs: + items: + additionalProperties: false + type: object + properties: + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + required: + - type + - enabled + type: array + is_managed: + type: boolean + name: + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit the + agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the package + policy. The override option should be used only in + unusual circumstances and not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: Agent policy ID where that package policy will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy will be + added + type: string + type: array + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation for more + information) + type: object + version: + type: string + - additionalProperties: false + type: object + properties: + description: + type: string + force: + type: boolean + id: + type: string + inputs: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: enable or disable that input, (default to true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default to + true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + description: >- + Input streams (see integration documentation to + know what streams are available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + description: >- + Package policy inputs (see integration documentation to + know what inputs are available) + type: object + name: + type: string + namespace: + type: string + output_id: + nullable: true + type: string + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + nullable: true + type: string + policy_ids: + items: + type: string + type: array + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + required: + - name + - package + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + agents: + type: number + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + anyOf: + - items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + - additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that input, (default to + true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default + to true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Input streams (see integration documentation + to know what streams are available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + description: >- + Package policy inputs (see integration + documentation to know what inputs are available) + type: object + x-oas-optional: true + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit + the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the package + policy. The override option should be used only in + unusual circumstances and not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy will be + added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy will be + added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + spaceIds: + items: + type: string + type: array + updated_at: + type: string + updated_by: + type: string + vars: + anyOf: + - additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + - additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + x-oas-optional: true + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet package policies + /api/fleet/package_policies/delete: + post: + description: Bulk delete package policies + operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2Fdelete#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + force: + type: boolean + packagePolicyIds: + items: + type: string + type: array + required: + - packagePolicyIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + additionalProperties: false + type: object + properties: + body: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + id: + type: string + name: + type: string + output_id: + nullable: true + type: string + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: Use `policy_ids` instead + nullable: true + type: string + policy_ids: + items: + type: string + type: array + statusCode: + type: number + success: + type: boolean + required: + - id + - success + - policy_ids + - package + type: array + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet package policies + /api/fleet/package_policies/upgrade: + post: + description: Upgrade package policy to a newer package version + operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2Fupgrade#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + packagePolicyIds: + items: + type: string + type: array + required: + - packagePolicyIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + additionalProperties: false + type: object + properties: + body: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + id: + type: string + name: + type: string + statusCode: + type: number + success: + type: boolean + required: + - id + - success + type: array + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet package policies + /api/fleet/package_policies/upgrade/dryrun: + post: + description: Dry run package policy upgrade + operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2Fupgrade%2Fdryrun#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + packagePolicyIds: + items: + type: string + type: array + packageVersion: + type: string + required: + - packagePolicyIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + additionalProperties: false + type: object + properties: + agent_diff: + items: + items: + additionalProperties: true + type: object + properties: + data_stream: + additionalProperties: true + type: object + properties: + namespace: + type: string + required: + - namespace + id: + type: string + meta: + additionalProperties: true + type: object + properties: + package: + additionalProperties: true + type: object + properties: + name: + type: string + version: + type: string + required: + - name + - version + required: + - package + name: + type: string + package_policy_id: + type: string + processors: + items: + additionalProperties: true + type: object + properties: + add_fields: + additionalProperties: true + type: object + properties: + fields: + additionalProperties: + anyOf: + - type: string + - type: number + type: object + target: + type: string + required: + - target + - fields + required: + - add_fields + type: array + revision: + type: number + streams: + items: + additionalProperties: true + type: object + properties: + data_stream: + additionalProperties: true + type: object + properties: + dataset: + type: string + type: + type: string + required: + - dataset + id: + type: string + required: + - id + - data_stream + type: array + type: + type: string + use_output: + type: string + required: + - id + - name + - revision + - type + - data_stream + - use_output + - package_policy_id + type: array + type: array + body: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + diff: + items: + anyOf: + - additionalProperties: false + type: object + properties: + agents: + type: number + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + anyOf: + - items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + - additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that input, (default + to true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default + to true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Input streams (see integration + documentation to know what streams are + available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Package policy inputs (see integration + documentation to know what inputs are + available) + type: object + x-oas-optional: true + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to + inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should be + used only in unusual circumstances and not as + a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy will + be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy + will be added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + spaceIds: + items: + type: string + type: array + updated_at: + type: string + updated_by: + type: string + vars: + anyOf: + - additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + - additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + x-oas-optional: true + version: + type: string + required: + - name + - enabled + - inputs + - revision + - updated_at + - updated_by + - created_at + - created_by + - additionalProperties: false + type: object + properties: + description: + description: Package policy description + type: string + enabled: + type: boolean + errors: + items: + additionalProperties: false + type: object + properties: + key: + type: string + message: + type: string + required: + - message + type: array + force: + type: boolean + id: + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + type: array + is_managed: + type: boolean + missingVars: + items: + type: string + type: array + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to + inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should be + used only in unusual circumstances and not as + a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy will + be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy + will be added + type: string + type: array + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - name + - enabled + - inputs + type: array + hasErrors: + type: boolean + name: + type: string + statusCode: + type: number + required: + - hasErrors + type: array + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet package policies + /api/fleet/proxies: + get: + description: List proxies + operationId: '%2Fapi%2Ffleet%2Fproxies#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + certificate: + nullable: true + type: string + certificate_authorities: + nullable: true + type: string + certificate_key: + nullable: true + type: string + id: + type: string + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_headers: + additionalProperties: + anyOf: + - type: string + - type: boolean + - type: number + nullable: true + type: object + url: + type: string + required: + - id + - url + - name + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet proxies + post: + description: Create proxy + operationId: '%2Fapi%2Ffleet%2Fproxies#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + certificate: + nullable: true + type: string + certificate_authorities: + nullable: true + type: string + certificate_key: + nullable: true + type: string + id: + type: string + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_headers: + additionalProperties: + anyOf: + - type: string + - type: boolean + - type: number + nullable: true + type: object + url: + type: string + required: + - url + - name + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + certificate: + nullable: true + type: string + certificate_authorities: + nullable: true + type: string + certificate_key: + nullable: true + type: string + id: + type: string + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_headers: + additionalProperties: + anyOf: + - type: string + - type: boolean + - type: number + nullable: true + type: object + url: + type: string + required: + - id + - url + - name + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet proxies + /api/fleet/proxies/{itemId}: + delete: + description: Delete proxy by ID + operationId: '%2Fapi%2Ffleet%2Fproxies%2F%7BitemId%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: itemId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet proxies + get: + description: Get proxy by ID + operationId: '%2Fapi%2Ffleet%2Fproxies%2F%7BitemId%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: itemId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + certificate: + nullable: true + type: string + certificate_authorities: + nullable: true + type: string + certificate_key: + nullable: true + type: string + id: + type: string + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_headers: + additionalProperties: + anyOf: + - type: string + - type: boolean + - type: number + nullable: true + type: object + url: + type: string + required: + - id + - url + - name + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet proxies + put: + description: Update proxy by ID + operationId: '%2Fapi%2Ffleet%2Fproxies%2F%7BitemId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: itemId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + certificate: + nullable: true + type: string + certificate_authorities: + nullable: true + type: string + certificate_key: + nullable: true + type: string + name: + type: string + proxy_headers: + additionalProperties: + anyOf: + - type: string + - type: boolean + - type: number + nullable: true + type: object + url: + type: string + required: + - proxy_headers + - certificate_authorities + - certificate + - certificate_key + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + certificate: + nullable: true + type: string + certificate_authorities: + nullable: true + type: string + certificate_key: + nullable: true + type: string + id: + type: string + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_headers: + additionalProperties: + anyOf: + - type: string + - type: boolean + - type: number + nullable: true + type: object + url: + type: string + required: + - id + - url + - name + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet proxies + /api/fleet/service_tokens: + post: + description: Create a service token + operationId: '%2Fapi%2Ffleet%2Fservice_tokens#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + nullable: true + type: object + properties: + remote: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + name: + type: string + value: + type: string + required: + - name + - value + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet service tokens + /api/fleet/service-tokens: + post: + deprecated: true + description: Create a service token + operationId: '%2Fapi%2Ffleet%2Fservice-tokens#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + responses: {} + summary: '' + tags: [] + /api/fleet/settings: + get: + description: Get settings + operationId: '%2Fapi%2Ffleet%2Fsettings#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + fleet_server_hosts: + items: + type: string + type: array + has_seen_add_data_notice: + type: boolean + id: + type: string + output_secret_storage_requirements_met: + type: boolean + preconfigured_fields: + items: + enum: + - fleet_server_hosts + type: string + type: array + prerelease_integrations_enabled: + type: boolean + secret_storage_requirements_met: + type: boolean + use_space_awareness_migration_started_at: + type: string + use_space_awareness_migration_status: + enum: + - pending + - success + - error + type: string + version: + type: string + required: + - prerelease_integrations_enabled + - id + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + summary: '' + tags: + - Fleet internals + put: + description: Update settings + operationId: '%2Fapi%2Ffleet%2Fsettings#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + additional_yaml_config: + type: string + fleet_server_hosts: + items: + format: uri + type: string + type: array + has_seen_add_data_notice: + type: boolean + kibana_ca_sha256: + type: string + kibana_urls: + items: + format: uri + type: string + type: array + prerelease_integrations_enabled: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + fleet_server_hosts: + items: + type: string + type: array + has_seen_add_data_notice: + type: boolean + id: + type: string + output_secret_storage_requirements_met: + type: boolean + preconfigured_fields: + items: + enum: + - fleet_server_hosts + type: string + type: array + prerelease_integrations_enabled: + type: boolean + secret_storage_requirements_met: + type: boolean + use_space_awareness_migration_started_at: + type: string + use_space_awareness_migration_status: + enum: + - pending + - success + - error + type: string + version: + type: string + required: + - prerelease_integrations_enabled + - id + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + summary: '' + tags: + - Fleet internals + /api/fleet/setup: + post: + description: Initiate Fleet setup + operationId: '%2Fapi%2Ffleet%2Fsetup#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: >- + A summary of the result of Fleet's `setup` lifecycle. If + `isInitialized` is true, Fleet is ready to accept agent + enrollment. `nonFatalErrors` may include useful insight into + non-blocking issues with Fleet setup. + type: object + properties: + isInitialized: + type: boolean + nonFatalErrors: + items: + additionalProperties: false + type: object + properties: + message: + type: string + name: + type: string + required: + - name + - message + type: array + required: + - isInitialized + - nonFatalErrors + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Internal Server Error + type: object + properties: + message: + type: string + required: + - message + summary: '' + tags: + - Fleet internals + /api/fleet/uninstall_tokens: + get: + description: List metadata for latest uninstall tokens per agent policy + operationId: '%2Fapi%2Ffleet%2Funinstall_tokens#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: Partial match filtering for policy IDs + in: query + name: policyId + required: false + schema: + maxLength: 50 + type: string + - in: query + name: search + required: false + schema: + maxLength: 50 + type: string + - description: The number of items to return + in: query + name: perPage + required: false + schema: + minimum: 5 + type: number + - in: query + name: page + required: false + schema: + minimum: 1 + type: number + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + created_at: + type: string + id: + type: string + namespaces: + items: + type: string + type: array + policy_id: + type: string + policy_name: + nullable: true + type: string + required: + - id + - policy_id + - created_at + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet uninstall tokens + /api/fleet/uninstall_tokens/{uninstallTokenId}: + get: + description: Get one decrypted uninstall token by its ID + operationId: '%2Fapi%2Ffleet%2Funinstall_tokens%2F%7BuninstallTokenId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: uninstallTokenId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + created_at: + type: string + id: + type: string + namespaces: + items: + type: string + type: array + policy_id: + type: string + policy_name: + nullable: true + type: string + token: + type: string + required: + - id + - policy_id + - created_at + - token + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet uninstall tokens + /api/lists: + delete: + description: | + Delete a list using the list ID. + > info + > When you delete a list, all of its list items are also deleted. + operationId: DeleteList + parameters: + - description: List's `id` value + in: query + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + - in: query + name: deleteReferences + required: false + schema: + default: false + type: boolean + - in: query + name: ignoreReferences + required: false + schema: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Delete a list + tags: + - Security Lists API + get: + description: Get the details of a list using the list ID. + operationId: ReadList + parameters: + - description: List's `id` value + in: query + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Get list details + tags: + - Security Lists API + patch: + description: Update specific fields of an existing list using the list ID. + operationId: PatchList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + description: + $ref: '#/components/schemas/Security_Lists_API_ListDescription' + id: + $ref: '#/components/schemas/Security_Lists_API_ListId' + meta: + $ref: '#/components/schemas/Security_Lists_API_ListMetadata' + name: + $ref: '#/components/schemas/Security_Lists_API_ListName' + version: + minimum: 1 + type: integer + required: + - id + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Patch a list + tags: + - Security Lists API + post: + description: Create a new list. + operationId: CreateList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + description: + $ref: '#/components/schemas/Security_Lists_API_ListDescription' + deserializer: + type: string + id: + $ref: '#/components/schemas/Security_Lists_API_ListId' + meta: + $ref: '#/components/schemas/Security_Lists_API_ListMetadata' + name: + $ref: '#/components/schemas/Security_Lists_API_ListName' + serializer: + type: string + type: + $ref: '#/components/schemas/Security_Lists_API_ListType' + version: + default: 1 + minimum: 1 + type: integer + required: + - name + - description + - type + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Create a list + tags: + - Security Lists API + put: + description: > + Update a list using the list ID. The original list is replaced, and all + unspecified fields are deleted. + + > info + + > You cannot modify the `id` value. + operationId: UpdateList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + description: + $ref: '#/components/schemas/Security_Lists_API_ListDescription' + id: + $ref: '#/components/schemas/Security_Lists_API_ListId' + meta: + $ref: '#/components/schemas/Security_Lists_API_ListMetadata' + name: + $ref: '#/components/schemas/Security_Lists_API_ListName' + version: + minimum: 1 + type: integer + required: + - id + - name + - description + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Update a list + tags: + - Security Lists API + /api/lists/_find: + get: + description: >- + Get a paginated subset of lists. By default, the first page is returned, + with 20 results per page. + operationId: FindLists + parameters: + - description: The page number to return + in: query + name: page + required: false + schema: + type: integer + - description: The number of lists to return per page + in: query + name: per_page + required: false + schema: + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + - description: > + Returns the list that come after the last list returned in the + previous call + + (use the cursor value returned in the previous call). This parameter + uses + + the `tie_breaker_id` field to ensure all lists are sorted and + returned correctly. + in: query + name: cursor + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_FindListsCursor' + - description: > + Filters the returned results according to the value of the specified + field, + + using the : syntax. + in: query + name: filter + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_FindListsFilter' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + cursor: + $ref: '#/components/schemas/Security_Lists_API_FindListsCursor' + data: + items: + $ref: '#/components/schemas/Security_Lists_API_List' + type: array + page: + minimum: 0 + type: integer + per_page: + minimum: 0 + type: integer + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + - cursor + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Get lists + tags: + - Security Lists API + /api/lists/index: + delete: + description: Delete the `.lists` and `.items` data streams. + operationId: DeleteListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + required: + - acknowledged + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List data stream not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Delete list data streams + tags: + - Security Lists API + get: + description: Verify that `.lists` and `.items` data streams exist. + operationId: ReadListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + list_index: + type: boolean + list_item_index: + type: boolean + required: + - list_index + - list_item_index + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List data stream(s) not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Get status of list data streams + tags: + - Security Lists API + post: + description: Create `.lists` and `.items` data streams in the relevant space. + operationId: CreateListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + required: + - acknowledged + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List data stream exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Create list data streams + tags: + - Security Lists API + /api/lists/items: + delete: + description: Delete a list item using its `id`, or its `list_id` and `value` fields. + operationId: DeleteListItem + parameters: + - description: Required if `list_id` and `value` are not specified + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: value + required: false + schema: + type: string + - description: >- + Determines when changes made by the request are made visible to + search + in: query + name: refresh + required: false + schema: + default: 'false' + enum: + - 'true' + - 'false' + - wait_for + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: '#/components/schemas/Security_Lists_API_ListItem' + - items: + $ref: '#/components/schemas/Security_Lists_API_ListItem' + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Delete a list item + tags: + - Security Lists API + get: + description: Get the details of a list item. + operationId: ReadListItem + parameters: + - description: Required if `list_id` and `value` are not specified + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: value + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: '#/components/schemas/Security_Lists_API_ListItem' + - items: + $ref: '#/components/schemas/Security_Lists_API_ListItem' + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Get a list item + tags: + - Security Lists API + patch: + description: Update specific fields of an existing list item using the list item ID. + operationId: PatchListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + id: + $ref: '#/components/schemas/Security_Lists_API_ListItemId' + meta: + $ref: '#/components/schemas/Security_Lists_API_ListItemMetadata' + refresh: + description: >- + Determines when changes made by the request are made visible + to search + enum: + - 'true' + - 'false' + - wait_for + type: string + value: + $ref: '#/components/schemas/Security_Lists_API_ListItemValue' + required: + - id + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Patch a list item + tags: + - Security Lists API + post: + description: > + Create a list item and associate it with the specified list. + + + All list items in the same list must be the same type. For example, each + list item in an `ip` list must define a specific IP address. + + > info + + > Before creating a list item, you must create a list. + operationId: CreateListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + $ref: '#/components/schemas/Security_Lists_API_ListItemId' + list_id: + $ref: '#/components/schemas/Security_Lists_API_ListId' + meta: + $ref: '#/components/schemas/Security_Lists_API_ListItemMetadata' + refresh: + description: >- + Determines when changes made by the request are made visible + to search + enum: + - 'true' + - 'false' + - wait_for + type: string + value: + $ref: '#/components/schemas/Security_Lists_API_ListItemValue' + required: + - list_id + - value + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List item already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Create a list item + tags: + - Security Lists API + put: + description: > + Update a list item using the list item ID. The original list item is + replaced, and all unspecified fields are deleted. + + > info + + > You cannot modify the `id` value. + operationId: UpdateListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + id: + $ref: '#/components/schemas/Security_Lists_API_ListItemId' + meta: + $ref: '#/components/schemas/Security_Lists_API_ListItemMetadata' + value: + $ref: '#/components/schemas/Security_Lists_API_ListItemValue' + required: + - id + - value + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Update a list item + tags: + - Security Lists API + /api/lists/items/_export: + post: + description: Export list item values from the specified list. + operationId: ExportListItems + parameters: + - description: List's id to export + in: query + name: list_id + required: true + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: A `.txt` file containing list items from the specified list + format: binary + type: string + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Export list items + tags: + - Security Lists API + /api/lists/items/_find: + get: + description: Get all list items in the specified list. + operationId: FindListItems + parameters: + - description: List's id + in: query + name: list_id + required: true + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + - description: The page number to return + in: query + name: page + required: false + schema: + type: integer + - description: The number of list items to return per page + in: query + name: per_page + required: false + schema: + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + - description: > + Returns the list that come after the last list returned in the + previous call + + (use the cursor value returned in the previous call). This parameter + uses + + the `tie_breaker_id` field to ensure all lists are sorted and + returned correctly. + in: query + name: cursor + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_FindListItemsCursor' + - description: > + Filters the returned results according to the value of the specified + field, + + using the : syntax. + in: query + name: filter + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_FindListItemsFilter' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + cursor: + $ref: >- + #/components/schemas/Security_Lists_API_FindListItemsCursor + data: + items: + $ref: '#/components/schemas/Security_Lists_API_ListItem' + type: array + page: + minimum: 0 + type: integer + per_page: + minimum: 0 + type: integer + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + - cursor + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Get list items + tags: + - Security Lists API + /api/lists/items/_import: + post: + description: > + Import list items from a TXT or CSV file. The maximum file size is 9 + million bytes. + + + You can import items to a new or existing list. + operationId: ImportListItems + parameters: + - description: | + List's id. + + Required when importing to an existing list. + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + - description: > + Type of the importing list. + + + Required when importing a new list that is `list_id` is not + specified. + in: query + name: type + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_ListType' + - in: query + name: serializer + required: false + schema: + type: string + - in: query + name: deserializer + required: false + schema: + type: string + - description: >- + Determines when changes made by the request are made visible to + search + in: query + name: refresh + required: false + schema: + enum: + - 'true' + - 'false' + - wait_for + type: string + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: + description: >- + A `.txt` or `.csv` file containing newline separated list + items + format: binary + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List with specified list_id does not exist response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Import list items + tags: + - Security Lists API + /api/lists/privileges: + get: + operationId: ReadListPrivileges + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + is_authenticated: + type: boolean + listItems: + $ref: '#/components/schemas/Security_Lists_API_ListItemPrivileges' + lists: + $ref: '#/components/schemas/Security_Lists_API_ListPrivileges' + required: + - lists + - listItems + - is_authenticated + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Get list privileges + tags: + - Security Lists API + /api/ml/saved_objects/sync: + get: + description: > + Synchronizes Kibana saved objects for machine learning jobs and trained + models in the default space. You must have `all` privileges for the + **Machine Learning** feature in the **Analytics** section of the Kibana + feature privileges. This API runs automatically when you start Kibana + and periodically thereafter. + operationId: mlSync + parameters: + - $ref: '#/components/parameters/Machine_learning_APIs_simulateParam' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + syncExample: + $ref: '#/components/examples/Machine_learning_APIs_mlSyncExample' + schema: + $ref: '#/components/schemas/Machine_learning_APIs_mlSync200Response' + description: Indicates a successful call + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Machine_learning_APIs_mlSync4xxResponse' + description: Authorization information is missing or invalid. + summary: Sync saved objects in the default space + tags: + - ml + /api/note: + delete: + description: Delete a note from a Timeline using the note ID. + operationId: DeleteNote + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - nullable: true + type: object + properties: + noteId: + type: string + required: + - noteId + - nullable: true + type: object + properties: + noteIds: + items: + type: string + nullable: true + type: array + required: + - noteIds + description: The ID of the note to delete. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + description: Indicates the note was successfully deleted. + summary: Delete a note + tags: + - Security Timeline API + - access:securitySolution + get: + description: Get all notes for a given document. + operationId: GetNotes + parameters: + - in: query + name: documentIds + schema: + $ref: '#/components/schemas/Security_Timeline_API_DocumentIds' + - in: query + name: savedObjectIds + schema: + $ref: '#/components/schemas/Security_Timeline_API_SavedObjectIds' + - in: query + name: page + schema: + nullable: true + type: string + - in: query + name: perPage + schema: + nullable: true + type: string + - in: query + name: search + schema: + nullable: true + type: string + - in: query + name: sortField + schema: + nullable: true + type: string + - in: query + name: sortOrder + schema: + nullable: true + type: string + - in: query + name: filter + schema: + nullable: true + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: '#/components/schemas/Security_Timeline_API_GetNotesResult' + - type: object + description: Indicates the requested notes were returned. + summary: Get notes + tags: + - Security Timeline API + - access:securitySolution + patch: + description: Add a note to a Timeline or update an existing note. + operationId: PersistNoteRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + eventDataView: + nullable: true + type: string + eventIngested: + nullable: true + type: string + eventTimestamp: + nullable: true + type: string + note: + $ref: '#/components/schemas/Security_Timeline_API_BareNote' + noteId: + nullable: true + type: string + overrideOwner: + nullable: true + type: boolean + version: + nullable: true + type: string + required: + - note + description: The note to add or update, along with additional metadata. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistNote: + $ref: >- + #/components/schemas/Security_Timeline_API_ResponseNote + required: + - persistNote + required: + - data + description: Indicates the note was successfully created. + summary: Add or update a note + tags: + - Security Timeline API + - access:securitySolution + /api/osquery/live_queries: + get: + description: Get a list of all live queries. + operationId: OsqueryFindLiveQueries + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_FindLiveQueryRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get live queries + tags: + - Security Osquery API + post: + description: Create and run a live query. + operationId: OsqueryCreateLiveQuery + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_CreateLiveQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a live query + tags: + - Security Osquery API + /api/osquery/live_queries/{id}: + get: + description: Get the details of a live query using the query ID. + operationId: OsqueryGetLiveQueryDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_Id' + - in: query + name: query + schema: + additionalProperties: true + type: object + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get live query details + tags: + - Security Osquery API + /api/osquery/live_queries/{id}/results/{actionId}: + get: + description: Get the results of a live query using the query action ID. + operationId: OsqueryGetLiveQueryResults + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_Id' + - in: path + name: actionId + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_Id' + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_GetLiveQueryResultsRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get live query results + tags: + - Security Osquery API + /api/osquery/packs: + get: + description: Get a list of all query packs. + operationId: OsqueryFindPacks + parameters: + - in: query + name: query + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_FindPacksRequestQuery' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get packs + tags: + - Security Osquery API + post: + description: Create a query pack. + operationId: OsqueryCreatePacks + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Osquery_API_CreatePacksRequestBody' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a pack + tags: + - Security Osquery API + /api/osquery/packs/{id}: + delete: + description: Delete a query pack using the pack ID. + operationId: OsqueryDeletePacks + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_PackId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Delete a pack + tags: + - Security Osquery API + get: + description: Get the details of a query pack using the pack ID. + operationId: OsqueryGetPacksDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_PackId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get pack details + tags: + - Security Osquery API + put: + description: | + Update a query pack using the pack ID. + > info + > You cannot update a prebuilt pack. + operationId: OsqueryUpdatePacks + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_PackId' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Osquery_API_UpdatePacksRequestBody' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Update a pack + tags: + - Security Osquery API + /api/osquery/saved_queries: + get: + description: Get a list of all saved queries. + operationId: OsqueryFindSavedQueries + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_FindSavedQueryRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get saved queries + tags: + - Security Osquery API + post: + description: Create and run a saved query. + operationId: OsqueryCreateSavedQuery + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_CreateSavedQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a saved query + tags: + - Security Osquery API + /api/osquery/saved_queries/{id}: + delete: + description: Delete a saved query using the query ID. + operationId: OsqueryDeleteSavedQuery + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Delete a saved query + tags: + - Security Osquery API + get: + description: Get the details of a saved query using the query ID. + operationId: OsqueryGetSavedQueryDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get saved query details + tags: + - Security Osquery API + put: + description: | + Update a saved query using the query ID. + > info + > You cannot update a prebuilt saved query. + operationId: OsqueryUpdateSavedQuery + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_UpdateSavedQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Update a saved query + tags: + - Security Osquery API + /api/pinned_event: + patch: + description: Pin an event to an existing Timeline. + operationId: PersistPinnedEventRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + eventId: + type: string + pinnedEventId: + nullable: true + type: string + timelineId: + type: string + required: + - eventId + - timelineId + description: The pinned event to add or update, along with additional metadata. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistPinnedEventOnTimeline: + $ref: >- + #/components/schemas/Security_Timeline_API_PersistPinnedEventResponse + required: + - persistPinnedEventOnTimeline + required: + - data + description: Indicates the event was successfully pinned to the Timeline. + summary: Pin an event + tags: + - Security Timeline API + - access:securitySolution + /api/risk_score/engine/dangerously_delete_data: + delete: + description: >- + Cleaning up the the Risk Engine by removing the indices, mapping and + transforms + operationId: CleanUpRiskEngine + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + cleanup_successful: + type: boolean + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_TaskManagerUnavailableResponse + description: Task manager is unavailable + default: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_CleanUpRiskEngineErrorResponse + description: Unexpected error + summary: Cleanup the Risk Engine + tags: + - Security Entity Analytics API + /api/risk_score/engine/schedule_now: + post: + description: >- + Schedule the risk scoring engine to run as soon as possible. You can use + this to recalculate entity risk scores after updating their asset + criticality. + operationId: ScheduleRiskEngineNow + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: {} + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_RiskEngineScheduleNowResponse + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_TaskManagerUnavailableResponse + description: Task manager is unavailable + default: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_RiskEngineScheduleNowErrorResponse + description: Unexpected error + summary: Run the risk scoring engine + tags: + - Security Entity Analytics API + /api/saved_objects/_bulk_create: + post: + deprecated: true + operationId: bulkCreateSavedObjects + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - description: When true, overwrites the document with the same identifier. + in: query + name: overwrite + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Create saved objects + tags: + - saved objects + /api/saved_objects/_bulk_delete: + post: + deprecated: true + description: | + WARNING: When you delete a saved object, it cannot be recovered. + operationId: bulkDeleteSavedObjects + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - description: > + When true, force delete objects that exist in multiple namespaces. + Note that the option applies to the whole request. Use the delete + object API to specify per-object deletion behavior. TIP: Use this if + you attempted to delete objects and received an HTTP 400 error with + the following message: "Unable to delete saved object that exists in + multiple namespaces, use the force option to delete it anyway". + WARNING: When you bulk delete objects that exist in multiple + namespaces, the API also deletes legacy url aliases that reference + the object. These requests are batched to minimise the impact but + they can place a heavy load on Kibana. Make sure you limit the + number of objects that exist in multiple namespaces in a single bulk + delete operation. + in: query + name: force + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: > + Indicates a successful call. NOTE: This HTTP response code indicates + that the bulk operation succeeded. Errors pertaining to individual + objects will be returned in the response body. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Delete saved objects + tags: + - saved objects + /api/saved_objects/_bulk_get: + post: + deprecated: true + operationId: bulkGetSavedObjects + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Get saved objects + tags: + - saved objects + /api/saved_objects/_bulk_resolve: + post: + deprecated: true + description: > + Retrieve multiple Kibana saved objects by identifier using any legacy + URL aliases if they exist. Under certain circumstances when Kibana is + upgraded, saved object migrations may necessitate regenerating some + object IDs to enable new features. When an object's ID is regenerated, a + legacy URL alias is created for that object, preserving its old ID. In + such a scenario, that object can be retrieved by the bulk resolve API + using either its new ID or its old ID. + operationId: bulkResolveSavedObjects + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: > + Indicates a successful call. NOTE: This HTTP response code indicates + that the bulk operation succeeded. Errors pertaining to individual + objects will be returned in the response body. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Resolve saved objects + tags: + - saved objects + /api/saved_objects/_bulk_update: + post: + deprecated: true + description: Update the attributes for multiple Kibana saved objects. + operationId: bulkUpdateSavedObjects + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: > + Indicates a successful call. NOTE: This HTTP response code indicates + that the bulk operation succeeded. Errors pertaining to individual + objects will be returned in the response body. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Update saved objects + tags: + - saved objects + /api/saved_objects/_export: + post: + description: > + Retrieve sets of saved objects that you want to import into Kibana. + + You must include `type` or `objects` in the request body. + + + Exported saved objects are not backwards compatible and cannot be + imported into an older version of Kibana. + + + NOTE: The `savedObjects.maxImportExportSize` configuration setting + limits the number of saved objects which may be exported. + + + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + operationId: exportSavedObjectsDefault + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + exportSavedObjectsRequest: + $ref: '#/components/examples/Saved_objects_export_objects_request' + schema: + type: object + properties: + excludeExportDetails: + default: false + description: Do not add export details entry at the end of the stream. + type: boolean + includeReferencesDeep: + description: >- + Includes all of the referenced objects in the exported + objects. + type: boolean + objects: + description: A list of objects to export. + items: + type: object + type: array + type: + description: >- + The saved object types to include in the export. Use `*` to + export all the types. + oneOf: + - type: string + - items: + type: string + type: array + required: true + responses: + '200': + content: + application/x-ndjson; Elastic-Api-Version=2023-10-31: + examples: + exportSavedObjectsResponse: + $ref: '#/components/examples/Saved_objects_export_objects_response' + schema: + additionalProperties: true + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request. + summary: Export saved objects + tags: + - saved objects + /api/saved_objects/_find: + get: + deprecated: true + description: Retrieve a paginated set of Kibana saved objects. + operationId: findSavedObjects + parameters: + - description: > + An aggregation structure, serialized as a string. The field format + is similar to filter, meaning that to use a saved object type + attribute in the aggregation, the `savedObjectType.attributes.title: + "myTitle"` format must be used. For root fields, the syntax is + `savedObjectType.rootField`. NOTE: As objects change in Kibana, the + results on each page of the response also change. Use the find API + for traditional paginated results, but avoid using it to export + large amounts of data. + in: query + name: aggs + schema: + type: string + - description: The default operator to use for the `simple_query_string`. + in: query + name: default_search_operator + schema: + type: string + - description: The fields to return in the attributes key of the response. + in: query + name: fields + schema: + oneOf: + - type: string + - type: array + - description: > + The filter is a KQL string with the caveat that if you filter with + an attribute from your saved object type, it should look like that: + `savedObjectType.attributes.title: "myTitle"`. However, if you use a + root attribute of a saved object such as `updated_at`, you will have + to define your filter like that: `savedObjectType.updated_at > + 2018-12-22`. + in: query + name: filter + schema: + type: string + - description: >- + Filters to objects that do not have a relationship with the type and + identifier combination. + in: query + name: has_no_reference + schema: + type: object + - description: >- + The operator to use for the `has_no_reference` parameter. Either + `OR` or `AND`. Defaults to `OR`. + in: query + name: has_no_reference_operator + schema: + type: string + - description: >- + Filters to objects that have a relationship with the type and ID + combination. + in: query + name: has_reference + schema: + type: object + - description: >- + The operator to use for the `has_reference` parameter. Either `OR` + or `AND`. Defaults to `OR`. + in: query + name: has_reference_operator + schema: + type: string + - description: The page of objects to return. + in: query + name: page + schema: + type: integer + - description: The number of objects to return per page. + in: query + name: per_page + schema: + type: integer + - description: >- + An Elasticsearch `simple_query_string` query that filters the + objects in the response. + in: query + name: search + schema: + type: string + - description: >- + The fields to perform the `simple_query_string` parsed query + against. + in: query + name: search_fields + schema: + oneOf: + - type: string + - type: array + - description: > + Sorts the response. Includes "root" and "type" fields. "root" fields + exist for all saved objects, such as "updated_at". "type" fields are + specific to an object type, such as fields returned in the + attributes key of the response. When a single type is defined in the + type parameter, the "root" and "type" fields are allowed, and + validity checks are made in that order. When multiple types are + defined in the type parameter, only "root" fields are allowed. + in: query + name: sort_field + schema: + type: string + - description: The saved object types to include. + in: query + name: type + required: true + schema: + oneOf: + - type: string + - type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Search for saved objects + tags: + - saved objects + /api/saved_objects/_import: + post: + description: > + Create sets of Kibana saved objects from a file created by the export + API. + + Saved objects can be imported only into the same version, a newer minor + on the same major, or the next major. Exported saved objects are not + backwards compatible and cannot be imported into an older version of + Kibana. + + + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + operationId: importSavedObjectsDefault + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - description: > + Creates copies of saved objects, regenerates each object ID, and + resets the origin. When used, potential conflict errors are avoided. + NOTE: This option cannot be used with the `overwrite` and + `compatibilityMode` options. + in: query + name: createNewCopies + required: false + schema: + type: boolean + - description: > + Overwrites saved objects when they already exist. When used, + potential conflict errors are automatically resolved by overwriting + the destination object. NOTE: This option cannot be used with the + `createNewCopies` option. + in: query + name: overwrite + required: false + schema: + type: boolean + - description: > + Applies various adjustments to the saved objects that are being + imported to maintain compatibility between different Kibana + versions. Use this option only if you encounter issues with imported + saved objects. NOTE: This option cannot be used with the + `createNewCopies` option. + in: query + name: compatibilityMode + required: false + schema: + type: boolean + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + examples: + importObjectsRequest: + $ref: '#/components/examples/Saved_objects_import_objects_request' + schema: + type: object + properties: + file: + description: > + A file exported using the export API. NOTE: The + `savedObjects.maxImportExportSize` configuration setting + limits the number of saved objects which may be included in + this file. Similarly, the + `savedObjects.maxImportPayloadBytes` setting limits the + overall size of the file that can be imported. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + importObjectsResponse: + $ref: '#/components/examples/Saved_objects_import_objects_response' + schema: + type: object + properties: + errors: + description: > + Indicates the import was unsuccessful and specifies the + objects that failed to import. + + + NOTE: One object may result in multiple errors, which + requires separate steps to resolve. For instance, a + `missing_references` error and conflict error. + items: + type: object + type: array + success: + description: > + Indicates when the import was successfully completed. When + set to false, some objects may not have been created. For + additional information, refer to the `errors` and + `successResults` properties. + type: boolean + successCount: + description: Indicates the number of successfully imported records. + type: integer + successResults: + description: > + Indicates the objects that are successfully imported, with + any metadata if applicable. + + + NOTE: Objects are created only when all resolvable errors + are addressed, including conflicts and missing references. + If objects are created as new copies, each entry in the + `successResults` array includes a `destinationId` + attribute. + items: + type: object + type: array + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request. + summary: Import saved objects + tags: + - saved objects + x-codeSamples: + - label: Import with createNewCopies + lang: cURL + source: | + curl \ + -X POST api/saved_objects/_import?createNewCopies=true + -H "kbn-xsrf: true" + --form file=@file.ndjson + /api/saved_objects/_resolve_import_errors: + post: + description: > + To resolve errors from the Import objects API, you can: + + + * Retry certain saved objects + + * Overwrite specific saved objects + + * Change references to different saved objects + + + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + operationId: resolveImportErrors + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - description: > + Applies various adjustments to the saved objects that are being + imported to maintain compatibility between different Kibana + versions. When enabled during the initial import, also enable when + resolving import errors. This option cannot be used with the + `createNewCopies` option. + in: query + name: compatibilityMode + required: false + schema: + type: boolean + - description: > + Creates copies of the saved objects, regenerates each object ID, and + resets the origin. When enabled during the initial import, also + enable when resolving import errors. + in: query + name: createNewCopies + required: false + schema: + type: boolean + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + examples: + resolveImportErrorsRequest: + $ref: >- + #/components/examples/Saved_objects_resolve_missing_reference_request + schema: + type: object + properties: + file: + description: The same file given to the import API. + format: binary + type: string + retries: + description: >- + The retry operations, which can specify how to resolve + different types of errors. + items: + type: object + properties: + destinationId: + description: >- + Specifies the destination ID that the imported object + should have, if different from the current ID. + type: string + id: + description: The saved object ID. + type: string + ignoreMissingReferences: + description: >- + When set to `true`, ignores missing reference errors. + When set to `false`, does nothing. + type: boolean + overwrite: + description: >- + When set to `true`, the source object overwrites the + conflicting destination object. When set to `false`, + does nothing. + type: boolean + replaceReferences: + description: >- + A list of `type`, `from`, and `to` used to change the + object references. + items: + type: object + properties: + from: + type: string + to: + type: string + type: + type: string + type: array + type: + description: The saved object type. + type: string + required: + - type + - id + type: array + required: + - retries + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + resolveImportErrorsResponse: + $ref: >- + #/components/examples/Saved_objects_resolve_missing_reference_response + schema: + type: object + properties: + errors: + description: > + Specifies the objects that failed to resolve. + + + NOTE: One object can result in multiple errors, which + requires separate steps to resolve. For instance, a + `missing_references` error and a `conflict` error. + items: + type: object + type: array + success: + description: > + Indicates a successful import. When set to `false`, some + objects may not have been created. For additional + information, refer to the `errors` and `successResults` + properties. + type: boolean + successCount: + description: | + Indicates the number of successfully resolved records. + type: number + successResults: + description: > + Indicates the objects that are successfully imported, with + any metadata if applicable. + + + NOTE: Objects are only created when all resolvable errors + are addressed, including conflict and missing references. + items: + type: object + type: array + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request. + summary: Resolve import errors + tags: + - saved objects + /api/saved_objects/{type}: + post: + deprecated: true + description: Create a Kibana saved object with a randomly generated identifier. + operationId: createSavedObject + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - $ref: '#/components/parameters/Saved_objects_saved_object_type' + - description: If true, overwrites the document with the same identifier. + in: query + name: overwrite + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + attributes: + $ref: '#/components/schemas/Saved_objects_attributes' + initialNamespaces: + $ref: '#/components/schemas/Saved_objects_initial_namespaces' + references: + $ref: '#/components/schemas/Saved_objects_references' + required: + - attributes + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a conflict error. + summary: Create a saved object + tags: + - saved objects + /api/saved_objects/{type}/{id}: + get: + deprecated: true + description: Retrieve a single Kibana saved object by identifier. + operationId: getSavedObject + parameters: + - $ref: '#/components/parameters/Saved_objects_saved_object_id' + - $ref: '#/components/parameters/Saved_objects_saved_object_type' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request. + summary: Get a saved object + tags: + - saved objects + post: + deprecated: true + description: >- + Create a Kibana saved object and specify its identifier instead of using + a randomly generated ID. + operationId: createSavedObjectId + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - $ref: '#/components/parameters/Saved_objects_saved_object_id' + - $ref: '#/components/parameters/Saved_objects_saved_object_type' + - description: If true, overwrites the document with the same identifier. + in: query + name: overwrite + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + attributes: + $ref: '#/components/schemas/Saved_objects_attributes' + initialNamespaces: + $ref: '#/components/schemas/Saved_objects_initial_namespaces' + references: + $ref: '#/components/schemas/Saved_objects_initial_namespaces' + required: + - attributes + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a conflict error. + summary: Create a saved object + tags: + - saved objects + put: + deprecated: true + description: Update the attributes for Kibana saved objects. + operationId: updateSavedObject + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - $ref: '#/components/parameters/Saved_objects_saved_object_id' + - $ref: '#/components/parameters/Saved_objects_saved_object_type' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates the object was not found. + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a conflict error. + summary: Update a saved object + tags: + - saved objects + /api/saved_objects/resolve/{type}/{id}: + get: + deprecated: true description: > - Filters the returned cases by assignees. Valid values are `none` or - unique identifiers for the user profiles. These identifiers can be found - by using the suggest user profile API. - in: query - name: assignees - schema: - oneOf: - - type: string - - items: - type: string - maxItems: 100 - type: array - Cases_case_id: + Retrieve a single Kibana saved object by identifier using any legacy URL + alias if it exists. Under certain circumstances, when Kibana is + upgraded, saved object migrations may necessitate regenerating some + object IDs to enable new features. When an object's ID is regenerated, a + legacy URL alias is created for that object, preserving its old ID. In + such a scenario, that object can be retrieved using either its new ID or + its old ID. + operationId: resolveSavedObject + parameters: + - $ref: '#/components/parameters/Saved_objects_saved_object_id' + - $ref: '#/components/parameters/Saved_objects_saved_object_type' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request. + summary: Resolve a saved object + tags: + - saved objects + /api/security_ai_assistant/anonymization_fields/_bulk_action: + post: description: >- - The identifier for the case. To retrieve case IDs, use the find cases - API. All non-ASCII characters must be URL encoded. - in: path - name: caseId - required: true - schema: - example: 9c235210-6834-11ea-a78c-6ffb38a34414 - type: string - Cases_category: - description: Filters the returned cases by category. - in: query - name: category - schema: - oneOf: - - example: my-category - type: string - - items: + Apply a bulk action to multiple anonymization fields. The bulk action is + applied to all anonymization fields that match the filter or to the list + of anonymization fields by their IDs. + operationId: PerformAnonymizationFieldsBulkAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + create: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldCreateProps + type: array + delete: + type: object + properties: + ids: + description: Array of anonymization fields IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter anonymization fields + type: string + update: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldUpdateProps + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Apply a bulk action to anonymization fields + tags: + - Security AI Assistant API + - Bulk API + /api/security_ai_assistant/anonymization_fields/_find: + get: + description: Get a list of all anonymization fields. + operationId: FindAnonymizationFields + parameters: + - in: query + name: fields + required: false + schema: + items: type: string - maxItems: 100 - type: array - Cases_comment_id: - description: > - The identifier for the comment. To retrieve comment IDs, use the get - case or find cases APIs. - in: path - name: commentId - required: true - schema: - example: 71ec1870-725b-11ea-a0b2-c51ea50a58e2 - type: string - Cases_configuration_id: - description: An identifier for the configuration. - in: path - name: configurationId - required: true - schema: - example: 3297a0f0-b5ec-11ec-b141-0fdb20a7f9a9 - type: string - Cases_connector_id: - description: >- - An identifier for the connector. To retrieve connector IDs, use the find - connectors API. - in: path - name: connectorId - required: true - schema: - example: abed3a70-71bd-11ea-a0b2-c51ea50a58e2 - type: string - Cases_defaultSearchOperator: - description: he default operator to use for the simple_query_string. - example: OR - in: query - name: defaultSearchOperator - schema: - default: OR - type: string - Cases_from: - description: > - Returns only cases that were created after a specific date. The date - must be specified as a KQL data range or date match expression. - in: query - name: from - schema: - example: now-1d - type: string - Cases_ids: - description: > - The cases that you want to removed. All non-ASCII characters must be URL - encoded. - example: d4e7abb0-b462-11ec-9a8d-698504725a43 - in: query - name: ids - required: true - schema: - items: - maxItems: 100 - minItems: 1 - type: string - type: array - Cases_includeComments: - deprecated: true - description: >- - Deprecated in 8.1.0. This parameter is deprecated and will be removed in - a future release. It determines whether case comments are returned. - in: query - name: includeComments - schema: - default: true - type: boolean - Cases_kbn_xsrf: - description: Cross-site request forgery protection - in: header - name: kbn-xsrf - required: true - schema: - type: string - Cases_owner: - description: > - A filter to limit the response to a specific set of applications. If - this parameter is omitted, the response contains information about all - the cases that the user has access to read. - example: cases - in: query - name: owner - schema: - oneOf: - - $ref: '#/components/schemas/Cases_owners' - - items: - $ref: '#/components/schemas/Cases_owners' type: array - Cases_page_index: - description: The page number to return. - in: query - name: page - required: false - schema: - default: 1 - type: integer - Cases_page_size: - description: The number of items to return. Limited to 100 items. - in: query - name: perPage - required: false - schema: - default: 20 - maximum: 100 - type: integer - Cases_reporters: - description: Filters the returned cases by the user name of the reporter. - example: elastic - in: query - name: reporters - schema: - oneOf: - - type: string - - items: + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_FindAnonymizationFieldsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: AnonymizationFields per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get anonymization fields + tags: + - Security AI Assistant API + - AnonymizationFields API + /api/security_ai_assistant/chat/complete: + post: + description: Create a model response for the given chat conversation. + operationId: ChatComplete + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_ChatCompleteProps' + required: true + responses: + '200': + content: + application/octet-stream; Elastic-Api-Version=2023-10-31: + schema: + format: binary + type: string + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Create a model response + tags: + - Security AI Assistant API + - Chat Complete API + /api/security_ai_assistant/current_user/conversations: + post: + description: Create a new Security AI Assistant conversation. + operationId: CreateConversation + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationCreateProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Create a conversation + tags: + - Security AI Assistant API + - Conversation API + /api/security_ai_assistant/current_user/conversations/_find: + get: + description: Get a list of all conversations for the current user. + operationId: FindConversations + parameters: + - in: query + name: fields + required: false + schema: + items: type: string - maxItems: 100 - type: array - Cases_search: - description: >- - An Elasticsearch simple_query_string query that filters the objects in - the response. - in: query - name: search - schema: - type: string - Cases_searchFields: - description: The fields to perform the simple_query_string parsed query against. - in: query - name: searchFields - schema: - oneOf: - - $ref: '#/components/schemas/Cases_searchFieldsType' - - items: - $ref: '#/components/schemas/Cases_searchFieldsType' type: array - Cases_severity: - description: The severity of the case. - in: query - name: severity - schema: - enum: - - critical - - high - - low - - medium - type: string - Cases_sort_order: - description: Determines the sort order. - in: query - name: sortOrder - required: false - schema: - default: desc - enum: - - asc - - desc - type: string - Cases_sortField: - description: Determines which field is used to sort the results. - example: updatedAt - in: query - name: sortField - schema: - default: createdAt - enum: - - createdAt - - updatedAt - - closedAt - - title - - category - - status - - severity - type: string - Cases_status: - description: Filters the returned cases by state. - example: open - in: query - name: status - schema: - enum: - - closed - - in-progress - - open - type: string - Cases_tags: - description: Filters the returned cases by tags. - example: tag-1 - in: query - name: tags - schema: - oneOf: - - type: string - - items: + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_FindConversationsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: Conversations per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get conversations + tags: + - Security AI Assistant API + - Conversations API + /api/security_ai_assistant/current_user/conversations/{id}: + delete: + description: Delete an existing conversation using the conversation ID. + operationId: DeleteConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Delete a conversation + tags: + - Security AI Assistant API + - Conversation API + get: + description: Get the details of an existing conversation using the conversation ID. + operationId: ReadConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get a conversation + tags: + - Security AI Assistant API + - Conversations API + put: + description: Update an existing conversation using the conversation ID. + operationId: UpdateConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationUpdateProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Update a conversation + tags: + - Security AI Assistant API + - Conversation API + /api/security_ai_assistant/prompts/_bulk_action: + post: + description: >- + Apply a bulk action to multiple prompts. The bulk action is applied to + all prompts that match the filter or to the list of prompts by their + IDs. + operationId: PerformPromptsBulkAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + create: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptCreateProps + type: array + delete: + type: object + properties: + ids: + description: Array of prompts IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter promps + type: string + update: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptUpdateProps + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkCrudActionResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Apply a bulk action to prompts + tags: + - Security AI Assistant API + - Bulk API + /api/security_ai_assistant/prompts/_find: + get: + description: Get a list of all prompts. + operationId: FindPrompts + parameters: + - in: query + name: fields + required: false + schema: + items: type: string - maxItems: 100 type: array - Cases_to: - description: > - Returns only cases that were created before a specific date. The date - must be specified as a KQL data range or date match expression. - example: now+1d - in: query - name: to - schema: - type: string - Cases_user_action_types: - description: Determines the types of user actions to return. - example: create_case - in: query - name: types - schema: - items: - enum: - - action - - alert - - assignees - - attachment - - comment - - connector - - create_case - - description - - pushed - - settings - - severity - - status - - tags - - title - - user - type: string - type: array - Data_views_field_name: - description: The name of the runtime field. - in: path - name: fieldName - required: true - schema: - example: hour_of_day - type: string - Data_views_kbn_xsrf: - description: Cross-site request forgery protection - in: header - name: kbn-xsrf - required: true - schema: - type: string - Data_views_view_id: - description: An identifier for the data view. - in: path - name: viewId - required: true - schema: - example: ff959d40-b880-11e8-a6d9-e546fe2bba5f - type: string - Fleet_format: - description: Simplified or legacy format for package inputs - in: query - name: format - required: false - schema: - enum: - - simplified - - legacy - type: string - Fleet_kbn_xsrf: - description: Kibana's anti Cross-Site Request Forgery token. Can be any string value. - in: header - name: kbn-xsrf - required: true - schema: - type: string - Fleet_kuery: - in: query - name: kuery - required: false - schema: - type: string - Fleet_page_index: - in: query - name: page - required: false - schema: - default: 1 - type: integer - Fleet_page_size: - description: The number of items to return - in: query - name: perPage - required: false - schema: - default: 20 - type: integer - Fleet_show_inactive: - in: query - name: showInactive - required: false - schema: - type: boolean - Fleet_show_upgradeable: - in: query - name: showUpgradeable - required: false - schema: - type: boolean - Fleet_sort_field: - in: query - name: sortField - required: false - schema: - deprecated: true - type: string - Fleet_sort_order: - in: query - name: sortOrder - required: false - schema: - enum: - - asc - - desc - type: string - Fleet_with_metrics: - description: Return agent metrics, false by default - in: query - name: withMetrics - required: false - schema: - type: boolean - Machine_learning_APIs_simulateParam: - description: >- - When true, simulates the synchronization by returning only the list of - actions that would be performed. - example: 'true' - in: query - name: simulate - required: false - schema: - type: boolean - Saved_objects_kbn_xsrf: - description: Cross-site request forgery protection - in: header - name: kbn-xsrf - required: true - schema: - type: string - Saved_objects_saved_object_id: - description: An identifier for the saved object. - in: path - name: id - required: true - schema: - type: string - Saved_objects_saved_object_type: + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_FindPromptsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: Prompts per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get prompts + tags: + - Security AI Assistant API + - Prompts API + /api/security/role: + get: + operationId: '%2Fapi%2Fsecurity%2Frole#0' + parameters: [] + responses: {} + summary: Get all roles + tags: + - roles + /api/security/role/{name}: + delete: + operationId: '%2Fapi%2Fsecurity%2Frole%2F%7Bname%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: name + required: true + schema: + minLength: 1 + type: string + responses: {} + summary: Delete a role + tags: + - roles + get: + operationId: '%2Fapi%2Fsecurity%2Frole%2F%7Bname%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: name + required: true + schema: + minLength: 1 + type: string + responses: {} + summary: Get a role + tags: + - roles + put: + operationId: '%2Fapi%2Fsecurity%2Frole%2F%7Bname%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: name + required: true + schema: + maxLength: 1024 + minLength: 1 + type: string + - in: query + name: createOnly + required: false + schema: + default: false + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + description: + maxLength: 2048 + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + cluster: + items: + type: string + type: array + indices: + items: + additionalProperties: false + type: object + properties: + allow_restricted_indices: + type: boolean + field_security: + additionalProperties: + items: + type: string + type: array + type: object + names: + items: + type: string + minItems: 1 + type: array + privileges: + items: + type: string + minItems: 1 + type: array + query: + type: string + required: + - names + - privileges + type: array + remote_cluster: + items: + additionalProperties: false + type: object + properties: + clusters: + items: + type: string + minItems: 1 + type: array + privileges: + items: + type: string + minItems: 1 + type: array + required: + - privileges + - clusters + type: array + remote_indices: + items: + additionalProperties: false + type: object + properties: + allow_restricted_indices: + type: boolean + clusters: + items: + type: string + minItems: 1 + type: array + field_security: + additionalProperties: + items: + type: string + type: array + type: object + names: + items: + type: string + minItems: 1 + type: array + privileges: + items: + type: string + minItems: 1 + type: array + query: + type: string + required: + - clusters + - names + - privileges + type: array + run_as: + items: + type: string + type: array + kibana: + items: + additionalProperties: false + type: object + properties: + base: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - items: + type: string + type: array + - items: + type: string + type: array + feature: + additionalProperties: + items: + type: string + type: array + type: object + spaces: + anyOf: + - items: + enum: + - '*' + type: string + maxItems: 1 + minItems: 1 + type: array + - items: + type: string + type: array + default: + - '*' + required: + - base + type: array + metadata: + additionalProperties: {} + type: object + required: + - elasticsearch + responses: {} + summary: Create or update a role + tags: + - roles + /api/security/roles: + post: + operationId: '%2Fapi%2Fsecurity%2Froles#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + roles: + additionalProperties: + additionalProperties: false + type: object + properties: + description: + maxLength: 2048 + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + cluster: + items: + type: string + type: array + indices: + items: + additionalProperties: false + type: object + properties: + allow_restricted_indices: + type: boolean + field_security: + additionalProperties: + items: + type: string + type: array + type: object + names: + items: + type: string + minItems: 1 + type: array + privileges: + items: + type: string + minItems: 1 + type: array + query: + type: string + required: + - names + - privileges + type: array + remote_cluster: + items: + additionalProperties: false + type: object + properties: + clusters: + items: + type: string + minItems: 1 + type: array + privileges: + items: + type: string + minItems: 1 + type: array + required: + - privileges + - clusters + type: array + remote_indices: + items: + additionalProperties: false + type: object + properties: + allow_restricted_indices: + type: boolean + clusters: + items: + type: string + minItems: 1 + type: array + field_security: + additionalProperties: + items: + type: string + type: array + type: object + names: + items: + type: string + minItems: 1 + type: array + privileges: + items: + type: string + minItems: 1 + type: array + query: + type: string + required: + - clusters + - names + - privileges + type: array + run_as: + items: + type: string + type: array + kibana: + items: + additionalProperties: false + type: object + properties: + base: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - items: + type: string + type: array + - items: + type: string + type: array + feature: + additionalProperties: + items: + type: string + type: array + type: object + spaces: + anyOf: + - items: + enum: + - '*' + type: string + maxItems: 1 + minItems: 1 + type: array + - items: + type: string + type: array + default: + - '*' + required: + - base + type: array + metadata: + additionalProperties: {} + type: object + required: + - elasticsearch + type: object + required: + - roles + responses: {} + summary: Create or update roles + tags: + - roles + /api/spaces/_copy_saved_objects: + post: + description: Copy saved objects to spaces + operationId: '%2Fapi%2Fspaces%2F_copy_saved_objects#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + compatibilityMode: + default: false + type: boolean + createNewCopies: + default: true + type: boolean + includeReferences: + default: false + type: boolean + objects: + items: + additionalProperties: false + type: object + properties: + id: + type: string + type: + type: string + required: + - type + - id + type: array + overwrite: + default: false + type: boolean + spaces: + items: + type: string + type: array + required: + - spaces + - objects + responses: {} + summary: '' + tags: [] + /api/spaces/_disable_legacy_url_aliases: + post: + description: Disable legacy URL aliases + operationId: '%2Fapi%2Fspaces%2F_disable_legacy_url_aliases#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + aliases: + items: + additionalProperties: false + type: object + properties: + sourceId: + type: string + targetSpace: + type: string + targetType: + type: string + required: + - targetSpace + - targetType + - sourceId + type: array + required: + - aliases + responses: {} + summary: '' + tags: [] + /api/spaces/_get_shareable_references: + post: + description: Get shareable references + operationId: '%2Fapi%2Fspaces%2F_get_shareable_references#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + objects: + items: + additionalProperties: false + type: object + properties: + id: + type: string + type: + type: string + required: + - type + - id + type: array + required: + - objects + responses: {} + summary: '' + tags: [] + /api/spaces/_resolve_copy_saved_objects_errors: + post: + description: Resolve conflicts copying saved objects + operationId: '%2Fapi%2Fspaces%2F_resolve_copy_saved_objects_errors#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + compatibilityMode: + default: false + type: boolean + createNewCopies: + default: true + type: boolean + includeReferences: + default: false + type: boolean + objects: + items: + additionalProperties: false + type: object + properties: + id: + type: string + type: + type: string + required: + - type + - id + type: array + retries: + additionalProperties: + items: + additionalProperties: false + type: object + properties: + createNewCopy: + type: boolean + destinationId: + type: string + id: + type: string + ignoreMissingReferences: + type: boolean + overwrite: + default: false + type: boolean + type: + type: string + required: + - type + - id + type: array + type: object + required: + - retries + - objects + responses: {} + summary: '' + tags: [] + /api/spaces/_update_objects_spaces: + post: + description: Update saved objects in spaces + operationId: '%2Fapi%2Fspaces%2F_update_objects_spaces#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + objects: + items: + additionalProperties: false + type: object + properties: + id: + type: string + type: + type: string + required: + - type + - id + type: array + spacesToAdd: + items: + type: string + type: array + spacesToRemove: + items: + type: string + type: array + required: + - objects + - spacesToAdd + - spacesToRemove + responses: {} + summary: '' + tags: [] + /api/spaces/space: + get: + description: Get all spaces + operationId: '%2Fapi%2Fspaces%2Fspace#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: purpose + required: false + schema: + enum: + - any + - copySavedObjectsIntoSpace + - shareSavedObjectsIntoSpace + type: string + - in: query + name: include_authorized_purposes + required: true + schema: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - enum: + - false + type: boolean + x-oas-optional: true + - type: boolean + x-oas-optional: true + responses: {} + summary: '' + tags: + - spaces + post: + description: Create a space + operationId: '%2Fapi%2Fspaces%2Fspace#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + _reserved: + type: boolean + color: + type: string + description: + type: string + disabledFeatures: + default: [] + items: + type: string + type: array + id: + type: string + imageUrl: + type: string + initials: + maxLength: 2 + type: string + name: + minLength: 1 + type: string + solution: + enum: + - security + - oblt + - es + - classic + type: string + required: + - id + - name + responses: {} + summary: '' + tags: + - spaces + /api/spaces/space/{id}: + delete: + description: Delete a space + operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: id + required: true + schema: + type: string + responses: {} + summary: '' + tags: + - spaces + get: + description: Get a space + operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: id + required: true + schema: + type: string + responses: {} + summary: '' + tags: + - spaces + put: + description: Update a space + operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + _reserved: + type: boolean + color: + type: string + description: + type: string + disabledFeatures: + default: [] + items: + type: string + type: array + id: + type: string + imageUrl: + type: string + initials: + maxLength: 2 + type: string + name: + minLength: 1 + type: string + solution: + enum: + - security + - oblt + - es + - classic + type: string + required: + - id + - name + responses: {} + summary: '' + tags: + - spaces + /api/status: + get: + operationId: '%2Fapi%2Fstatus#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: Set to "true" to get the response in v7 format. + in: query + name: v7format + required: false + schema: + type: boolean + - description: Set to "true" to get the response in v8 format. + in: query + name: v8format + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' + - $ref: >- + #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse + description: >- + Kibana's operational status. A minimal response is sent for + unauthorized users. + description: Overall status is OK and Kibana should be functioning normally. + '503': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' + - $ref: >- + #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse + description: >- + Kibana's operational status. A minimal response is sent for + unauthorized users. + description: >- + Kibana or some of it's essential services are unavailable. Kibana + may be degraded or unavailable. + summary: Get Kibana's current status + tags: + - system + /api/timeline: + delete: + description: Delete one or more Timelines or Timeline templates. + operationId: DeleteTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + savedObjectIds: + items: + type: string + type: array + searchIds: + description: >- + Saved search ids that should be deleted alongside the + timelines + items: + type: string + type: array + required: + - savedObjectIds + description: The IDs of the Timelines or Timeline templates to delete. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + deleteTimeline: + type: boolean + required: + - deleteTimeline + required: + - data + description: Indicates the Timeline was successfully deleted. + summary: Delete Timelines or Timeline templates + tags: + - Security Timeline API + - access:securitySolution + get: + description: Get the details of an existing saved Timeline or Timeline template. + operationId: GetTimeline + parameters: + - description: The ID of the template timeline to retrieve + in: query + name: template_timeline_id + schema: + type: string + - description: The ID of the Timeline to retrieve. + in: query + name: id + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - type: object + properties: + data: + type: object + properties: + getOneTimeline: + $ref: >- + #/components/schemas/Security_Timeline_API_TimelineResponse + required: + - getOneTimeline + required: + - data + - additionalProperties: false + type: object + description: Indicates that the (template) Timeline was found and returned. + summary: Get Timeline or Timeline template details + tags: + - Security Timeline API + - access:securitySolution + patch: description: >- - Valid options include `visualization`, `dashboard`, `search`, - `index-pattern`, `config`. - in: path - name: type - required: true - schema: - type: string - SLOs_kbn_xsrf: - description: Cross-site request forgery protection - in: header - name: kbn-xsrf - required: true - schema: - type: string - SLOs_slo_id: - description: An identifier for the slo. - in: path - name: sloId - required: true - schema: - example: 9c235211-6834-11ea-a78c-6feb38a34414 - type: string - SLOs_space_id: + Update an existing Timeline. You can update the title, description, date + range, pinned events, pinned queries, and/or pinned saved queries of an + existing Timeline. + operationId: PatchTimeline + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + timeline: + $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' + timelineId: + nullable: true + type: string + version: + nullable: true + type: string + required: + - timelineId + - version + - timeline + description: The Timeline updates, along with the Timeline ID and version. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Timeline_API_PersistTimelineResponse + description: >- + Indicates that the draft Timeline was successfully created. In the + event the user already has a draft Timeline, the existing draft + Timeline is cleared and returned. + '405': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: >- + Indicates that the user does not have the required access to create + a draft Timeline. + summary: Update a Timeline + tags: + - Security Timeline API + - access:securitySolution + post: + description: Create a new Timeline or Timeline template. + operationId: CreateTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + status: + $ref: '#/components/schemas/Security_Timeline_API_TimelineStatus' + nullable: true + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timeline: + $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' + timelineId: + nullable: true + type: string + timelineType: + $ref: '#/components/schemas/Security_Timeline_API_TimelineType' + nullable: true + version: + nullable: true + type: string + required: + - timeline + description: >- + The required Timeline fields used to create a new Timeline, along with + optional fields that will be created if not provided. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Timeline_API_PersistTimelineResponse + description: Indicates the Timeline was successfully created. + '405': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Indicates that there was an error in the Timeline creation. + summary: Create a Timeline or Timeline template + tags: + - Security Timeline API + - access:securitySolution + /api/timeline/_copy: + get: + description: | + Copies and returns a timeline or timeline template. + operationId: CopyTimeline + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + timeline: + $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' + timelineIdToCopy: + type: string + required: + - timeline + - timelineIdToCopy + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Timeline_API_PersistTimelineResponse + description: Indicates that the timeline has been successfully copied. + summary: Copies timeline or timeline template + tags: + - Security Timeline API + - access:securitySolution + /api/timeline/_draft: + get: description: >- - An identifier for the space. If `/s/` and the identifier are omitted - from the path, the default space is used. - in: path - name: spaceId - required: true - schema: - example: default - type: string - responses: - Fleet_error: - content: - application/json; Elastic-Api-Version=2023-10-31: + Get the details of the draft Timeline or Timeline template for the + current user. If the user doesn't have a draft Timeline, an empty + Timeline is returned. + operationId: GetDraftTimelines + parameters: + - in: query + name: timelineType + required: true + schema: + $ref: '#/components/schemas/Security_Timeline_API_TimelineType' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Timeline_API_PersistTimelineResponse + description: Indicates that the draft Timeline was successfully retrieved. + '403': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + If a draft Timeline was not found and we attempted to create one, it + indicates that the user does not have the required permissions to + create a draft Timeline. + '409': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + This should never happen, but if a draft Timeline was not found and + we attempted to create one, it indicates that there is already a + draft Timeline with the given `timelineId`. + summary: Get draft Timeline or Timeline template details + tags: + - Security Timeline API + - access:securitySolution + post: + description: > + Create a clean draft Timeline or Timeline template for the current user. + + > info + + > If the user already has a draft Timeline, the existing draft Timeline + is cleared and returned. + operationId: CleanDraftTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + timelineType: + $ref: '#/components/schemas/Security_Timeline_API_TimelineType' + required: + - timelineType + description: >- + The type of Timeline to create. Valid values are `default` and + `template`. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Timeline_API_PersistTimelineResponse + description: >- + Indicates that the draft Timeline was successfully created. In the + event the user already has a draft Timeline, the existing draft + Timeline is cleared and returned. + '403': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + Indicates that the user does not have the required permissions to + create a draft Timeline. + '409': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + Indicates that there is already a draft Timeline with the given + `timelineId`. + summary: Create a clean draft Timeline or Timeline template + tags: + - Security Timeline API + - access:securitySolution + /api/timeline/_export: + post: + description: Export Timelines as an NDJSON file. + operationId: ExportTimelines + parameters: + - description: The name of the file to export + in: query + name: file_name + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + ids: + items: + type: string + nullable: true + type: array + description: The IDs of the Timelines to export. + required: true + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: NDJSON of the exported Timelines + type: string + description: Indicates the Timelines were successfully exported. + '400': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Indicates that the export size limit was exceeded. + summary: Export Timelines + tags: + - Security Timeline API + - access:securitySolution + /api/timeline/_favorite: + patch: + description: Favorite a Timeline or Timeline template for the current user. + operationId: PersistFavoriteRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timelineId: + nullable: true + type: string + timelineType: + $ref: '#/components/schemas/Security_Timeline_API_TimelineType' + nullable: true + required: + - timelineId + - templateTimelineId + - templateTimelineVersion + - timelineType + description: The required fields used to favorite a (template) Timeline. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistFavorite: + $ref: >- + #/components/schemas/Security_Timeline_API_FavoriteTimelineResponse + required: + - persistFavorite + required: + - data + description: Indicates the favorite status was successfully updated. + '403': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: >- + Indicates the user does not have the required permissions to persist + the favorite status. + summary: Favorite a Timeline or Timeline template + tags: + - Security Timeline API + - access:securitySolution + /api/timeline/_import: + post: + description: Import Timelines. + operationId: ImportTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: {} + isImmutable: + enum: + - 'true' + - 'false' + type: string + required: + - file + description: The Timelines to import as a readable stream. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Timeline_API_ImportTimelineResult + description: Indicates the import of Timelines was successful. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + id: + type: string + statusCode: + type: number + description: >- + Indicates the import of Timelines was unsuccessful because of an + invalid file extension. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + statusCode: + type: number + description: >- + Indicates that we were unable to locate the saved object client + necessary to handle the import. + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + id: + type: string + statusCode: + type: number + description: Indicates the import of Timelines was unsuccessful. + summary: Import Timelines + tags: + - Security Timeline API + - access:securitySolution + /api/timeline/_prepackaged: + post: + description: Install or update prepackaged Timelines. + operationId: InstallPrepackedTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + prepackagedTimelines: + items: + $ref: >- + #/components/schemas/Security_Timeline_API_TimelineSavedToReturnObject + nullable: true + type: array + timelinesToInstall: + items: + $ref: '#/components/schemas/Security_Timeline_API_ImportTimelines' + nullable: true + type: array + timelinesToUpdate: + items: + $ref: '#/components/schemas/Security_Timeline_API_ImportTimelines' + nullable: true + type: array + required: + - timelinesToInstall + - timelinesToUpdate + - prepackagedTimelines + description: The Timelines to install or update. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Timeline_API_ImportTimelineResult + description: Indicates the installation of prepackaged Timelines was successful. + '500': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: >- + Indicates the installation of prepackaged Timelines was + unsuccessful. + summary: Install prepackaged Timelines + tags: + - Security Timeline API + - access:securitySolution + /api/timeline/resolve: + get: + operationId: ResolveTimeline + parameters: + - description: The ID of the template timeline to resolve + in: query + name: template_timeline_id schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - schemas: - Alerting_401_response: - properties: - error: - enum: - - Unauthorized - example: Unauthorized - type: string - message: - type: string - statusCode: - enum: - - 401 - example: 401 - type: integer - title: Unsuccessful rule API response - type: object - Alerting_alert_response_properties: - title: Legacy alert response properties - type: object - properties: - actions: - items: - type: object - type: array - alertTypeId: - example: .index-threshold - type: string - apiKeyOwner: - example: elastic - nullable: true - type: string - createdAt: - description: The date and time that the alert was created. - example: '2022-12-05T23:36:58.284Z' - format: date-time - type: string - createdBy: - description: The identifier for the user that created the alert. - example: elastic - type: string - enabled: - description: Indicates whether the alert is currently enabled. - example: true - type: boolean - executionStatus: - type: object - properties: - lastExecutionDate: - example: '2022-12-06T00:13:43.890Z' - format: date-time - type: string - status: - example: ok - type: string - id: - description: The identifier for the alert. - example: b530fed0-74f5-11ed-9801-35303b735aef - type: string - muteAll: - example: false - type: boolean - mutedInstanceIds: - items: type: string - nullable: true - type: array - name: - description: The name of the alert. - example: my alert - type: string - notifyWhen: - example: onActionGroupChange - type: string - params: - additionalProperties: true - type: object - schedule: - type: object - properties: - interval: - type: string - scheduledTaskId: - example: b530fed0-74f5-11ed-9801-35303b735aef - type: string - tags: - items: + - description: The ID of the timeline to resolve + in: query + name: id + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - type: object + properties: + data: + $ref: >- + #/components/schemas/Security_Timeline_API_ResolvedTimeline + required: + - data + - additionalProperties: false + type: object + description: The (template) Timeline has been found + '400': + description: The request is missing parameters + '404': + description: The (template) Timeline was not found + summary: Get an existing saved Timeline or Timeline template + tags: + - Security Timeline API + - access:securitySolution + /api/timelines: + get: + description: Get a list of all saved Timelines or Timeline templates. + operationId: GetTimelines + parameters: + - description: >- + If true, only timelines that are marked as favorites by the user are + returned. + in: query + name: only_user_favorite + schema: + enum: + - 'true' + - 'false' + nullable: true + type: string + - in: query + name: timeline_type + schema: + $ref: '#/components/schemas/Security_Timeline_API_TimelineType' + nullable: true + - in: query + name: sort_field + schema: + $ref: '#/components/schemas/Security_Timeline_API_SortFieldTimeline' + - in: query + name: sort_order + schema: + enum: + - asc + - desc + type: string + - in: query + name: page_size + schema: + nullable: true type: string - type: array - throttle: - nullable: true - type: string - updatedAt: - example: '2022-12-05T23:36:58.284Z' - type: string - updatedBy: - description: The identifier for the user that updated this alert most recently. - example: elastic - nullable: true - type: string - Alerting_fieldmap_properties: - title: Field map objects in the get rule types response - type: object - properties: - array: - description: Indicates whether the field is an array. - type: boolean - dynamic: - description: Indicates whether it is a dynamic field mapping. - type: boolean - format: - description: > - Indicates the format of the field. For example, if the `type` is - `date_range`, the `format` can be - `epoch_millis||strict_date_optional_time`. - type: string - ignore_above: - description: >- - Specifies the maximum length of a string field. Longer strings are - not indexed or stored. - type: integer - index: - description: Indicates whether field values are indexed. - type: boolean - path: - description: TBD - type: string - properties: - additionalProperties: - type: object - properties: - type: - description: The data type for each object property. - type: string - description: > - Details about the object properties. This property is applicable - when `type` is `object`. - type: object - required: - description: Indicates whether the field is required. - type: boolean - scaling_factor: - description: > - The scaling factor to use when encoding values. This property is - applicable when `type` is `scaled_float`. Values will be multiplied - by this factor at index time and rounded to the closest long value. - type: integer - type: - description: Specifies the data type for the field. - example: scaled_float - type: string - Cases_4xx_response: - properties: - error: - example: Unauthorized - type: string - message: - type: string - statusCode: - example: 401 - type: integer - title: Unsuccessful cases API response - type: object - Cases_action_types: - description: The type of action. - enum: - - assignees - - create_case - - comment - - connector - - delete_case - - description - - pushed - - tags - - title - - status - - settings - - severity - example: create_case - type: string - Cases_actions: - enum: - - add - - create - - delete - - push_to_service - - update - example: create - type: string - Cases_add_alert_comment_request_properties: - description: Defines properties for case comment requests when type is alert. - type: object - properties: - alertId: - $ref: '#/components/schemas/Cases_alert_identifiers' - index: - $ref: '#/components/schemas/Cases_alert_indices' - owner: - $ref: '#/components/schemas/Cases_owners' - rule: - $ref: '#/components/schemas/Cases_rule' - type: - description: The type of comment. - enum: - - alert - example: alert - type: string - required: - - alertId - - index - - owner - - rule - - type - title: Add case comment request properties for alerts - Cases_add_case_comment_request: - description: >- - The add comment to case API request body varies depending on whether you - are adding an alert or a comment. - discriminator: - mapping: - alert: '#/components/schemas/Cases_add_alert_comment_request_properties' - user: '#/components/schemas/Cases_add_user_comment_request_properties' - propertyName: type - oneOf: - - $ref: '#/components/schemas/Cases_add_alert_comment_request_properties' - - $ref: '#/components/schemas/Cases_add_user_comment_request_properties' - title: Add case comment request - Cases_add_user_comment_request_properties: - description: Defines properties for case comment requests when type is user. - properties: - comment: - description: The new comment. It is required only when `type` is `user`. - example: A new comment. - maxLength: 30000 - type: string - owner: - $ref: '#/components/schemas/Cases_owners' - type: - description: The type of comment. - enum: - - user - example: user - type: string - required: - - comment - - owner - - type - title: Add case comment request properties for user comments - type: object - Cases_alert_comment_response_properties: - title: Add case comment response properties for alerts - type: object - properties: - alertId: - items: - example: a6e12ac4-7bce-457b-84f6-d7ce8deb8446 + - in: query + name: page_index + schema: + nullable: true + type: string + - in: query + name: search + schema: + nullable: true + type: string + - in: query + name: status + schema: + $ref: '#/components/schemas/Security_Timeline_API_TimelineStatus' + nullable: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + customTemplateTimelineCount: + type: number + defaultTimelineCount: + type: number + elasticTemplateTimelineCount: + type: number + favoriteCount: + type: number + templateTimelineCount: + type: number + timeline: + items: + $ref: >- + #/components/schemas/Security_Timeline_API_TimelineResponse + type: array + totalCount: + type: number + required: + - timeline + - totalCount + description: Indicates that the (template) Timelines were found and returned. + '400': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Bad request. The user supplied invalid data. + summary: Get Timelines or Timeline templates + tags: + - Security Timeline API + - access:securitySolution + /s/{spaceId}/api/observability/slos: + get: + description: > + You must have the `read` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: findSlosOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - description: A valid kql query to filter the SLO with + example: 'slo.name:latency* and slo.tags : "prod"' + in: query + name: kqlQuery + schema: type: string - type: array - created_at: - example: '2023-11-06T19:29:38.424Z' - format: date-time - type: string - created_by: - type: object - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string - required: - - email - - full_name - - username - id: - example: 73362370-ab1a-11ec-985f-97e55adae8b9 - type: string - index: - items: - example: .internal.alerts-security.alerts-default-000001 + - description: The page to use for pagination, must be greater or equal than 1 + example: 1 + in: query + name: page + schema: + default: 1 + type: integer + - description: Number of SLOs returned by page + example: 25 + in: query + name: perPage + schema: + default: 25 + maximum: 5000 + type: integer + - description: Sort by field + example: status + in: query + name: sortBy + schema: + default: status + enum: + - sli_value + - status + - error_budget_consumed + - error_budget_remaining + type: string + - description: Sort order + example: asc + in: query + name: sortDirection + schema: + default: asc + enum: + - asc + - desc + type: string + - description: >- + Hide stale SLOs from the list as defined by stale SLO threshold in + SLO settings + in: query + name: hideStale + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_find_slo_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Get a paginated list of SLOs + tags: + - slo + post: + description: > + You must have `all` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: createSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_create_slo_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_create_slo_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_409_response' + description: Conflict - The SLO id already exists + summary: Create an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/_delete_instances: + post: + description: > + The deletion occurs for the specified list of `sloId` and `instanceId`. + You must have `all` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: deleteSloInstancesOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_delete_slo_instances_request' + required: true + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + summary: Batch delete rollup and summary data + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}: + delete: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: deleteSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Delete an SLO + tags: + - slo + get: + description: > + You must have the `read` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: getSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + - description: the specific instanceId used by the summary calculation + example: host-abcde + in: query + name: instanceId + schema: type: string - type: array - owner: - $ref: '#/components/schemas/Cases_owners' - pushed_at: - example: null - format: date-time - nullable: true - type: string - pushed_by: - nullable: true - type: object - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string - required: - - email - - full_name - - username - rule: - type: object - properties: - id: - description: The rule identifier. - example: 94d80550-aaf4-11ec-985f-97e55adae8b9 - type: string - name: - description: The rule name. - example: security_rule - type: string - type: - enum: - - alert - example: alert - type: string - updated_at: - format: date-time - nullable: true - type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_with_summary_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Get an SLO + tags: + - slo + put: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: updateSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_update_slo_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_definition_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Update an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}/_reset: + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: resetSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_definition_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Reset an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}/disable: + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: disableSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '200': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Disable an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}/enable: + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: enableSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Enable an SLO + tags: + - slo +components: + examples: + Alerting_get_health_response: + summary: Retrieve information about the health of the alerting framework. + value: + alerting_framework_health: + decryption_health: + status: ok + timestamp: '2023-01-13T01:28:00.280Z' + execution_health: + status: ok + timestamp: '2023-01-13T01:28:00.280Z' + read_health: + status: ok + timestamp: '2023-01-13T01:28:00.280Z' + has_permanent_encryption_key: true + is_sufficiently_secure: true + Alerting_get_rule_types_response: + summary: Retrieve rule types associated with Kibana machine learning features + value: + - action_groups: + - id: anomaly_score_match + name: Anomaly score matched the condition + - id: recovered + name: Recovered + action_variables: + context: + - description: The bucket timestamp of the anomaly + name: timestamp + - description: The bucket time of the anomaly in ISO8601 format + name: timestampIso8601 + - description: List of job IDs that triggered the alert + name: jobIds + - description: Alert info message + name: message + - description: Indicate if top hits contain interim results + name: isInterim + - description: Anomaly score at the time of the notification action + name: score + - description: Top records + name: topRecords + - description: Top influencers + name: topInfluencers + - description: URL to open in the Anomaly Explorer + name: anomalyExplorerUrl + useWithTripleBracesInTemplates: true + params: [] + state: [] + alerts: + context: ml.anomaly-detection + mappings: + fieldMap: + kibana.alert.anomaly_score: + array: false + type: double + required: false + kibana.alert.anomaly_timestamp: + array: false + type: date + required: false + kibana.alert.is_interim: + array: false + type: boolean + required: false + kibana.alert.job_id: + array: false + type: keyword + required: true + kibana.alert.top_influencers: + array: true + dynamic: false + type: object + properties: + influencer_field_name: + type: keyword + influencer_field_value: + type: keyword + influencer_score: + type: double + initial_influencer_score: + type: double + is_interim: + type: boolean + job_id: + type: keyword + timestamp: + type: date + required: false + kibana.alert.top_records: + array: true + dynamic: false + type: object + properties: + actual: + type: double + by_field_name: + type: keyword + by_field_value: + type: keyword + detector_index: + type: integer + field_name: + type: keyword + function: + type: keyword + initial_record_score: + type: double + is_interim: + type: boolean + job_id: + type: keyword + over_field_name: + type: keyword + over_field_value: + type: keyword + partition_field_name: + type: keyword + partition_field_value: + type: keyword + record_score: + type: double + timestamp: + type: date + typical: + type: double + required: false + shouldWrite: true + authorized_consumers: + alerts: + all: true + read: true + apm: + all: true + read: true + discover: + all: true + read: true + infrastructure: + all: true + read: true + logs: + all: true + read: true + ml: + all: true + read: true + monitoring: + all: true + read: true + siem: + all: true + read: true + slo: + all: true + read: true + stackAlerts: + all: true + read: true + uptime: + all: true + read: true + category: management + default_action_group_id: anomaly_score_match + does_set_recovery_context: true + enabled_in_license: true + has_alerts_mappings: true + has_fields_for_a_a_d: false + id: xpack.ml.anomaly_detection_alert + is_exportable: true + minimum_license_required: platinum + name: Anomaly detection alert + producer: ml + recovery_action_group: + id: recovered + name: Recovered + rule_task_timeout: 5m + - action_groups: + - id: anomaly_detection_realtime_issue + name: Issue detected + - id: recovered + name: Recovered + action_variables: + context: + - description: Results of the rule execution + name: results + - description: Alert info message + name: message + params: [] + state: [] + authorized_consumers: + alerts: + all: true + read: true + apm: + all: true + read: true + discover: + all: true + read: true + infrastructure: + all: true + read: true + logs: + all: true + read: true + ml: + all: true + read: true + monitoring: + all: true + read: true + siem: + all: true + read: true + slo: + all: true + read: true + stackAlerts: + all: true + read: true + uptime: + all: true + read: true + category: management + default_action_group_id: anomaly_detection_realtime_issue + does_set_recovery_context: true + enabled_in_license: true + has_alerts_mappings: false + has_fields_for_a_a_d: false + id: xpack.ml.anomaly_detection_jobs_health + is_exportable: true + minimum_license_required: platinum + name: Anomaly detection jobs health + producer: ml + recovery_action_group: + id: recovered + name: Recovered + rule_task_timeout: 5m + Cases_add_comment_request: + summary: Adds a comment to a case. + value: + comment: A new comment. + owner: cases + type: user + Cases_add_comment_response: + summary: >- + The add comment to case API returns a JSON object that contains details + about the case and its comments. + value: + assignees: [] + category: null + closed_at: null + closed_by: null + comments: + - comment: A new comment. + created_at: '2022-10-02T00:49:47.716Z' + created_by: + email: null + full_name: null + username: elastic + id: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 + owner: cases + type: user + version: WzIwNDMxLDFd + connector: + fields: null + id: none + name: none + type: .none + created_at: '2022-03-24T00:37:03.906Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: Field value + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + type: toggle + value: true + description: A case description. + duration: null + external_service: null + id: 293f1bc0-74f6-11ea-b83a-553aecdb28b6 + owner: cases + settings: + syncAlerts: false + severity: low + status: open + tags: + - tag 1 + title: Case title 1 + totalAlerts: 0 + totalComment: 1 + updated_at: '2022-06-03T00:49:47.716Z' updated_by: - nullable: true - type: object - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string - required: - - email - - full_name - - username - version: - example: WzMwNDgsMV0= - type: string - required: - - type - Cases_alert_identifiers: - description: > - The alert identifiers. It is required only when `type` is `alert`. You - can use an array of strings to add multiple alerts to a case, provided - that they all relate to the same rule; `index` must also be an array - with the same length or number of elements. Adding multiple alerts in - this manner is recommended rather than calling the API multiple times. - This functionality is in technical preview and may be changed or removed - in a future release. Elastic will work to fix any issues, but features - in technical preview are not subject to the support SLA of official GA - features. - example: 6b24c4dc44bc720cfc92797f3d61fff952f2b2627db1fb4f8cc49f4530c4ff42 - oneOf: - - type: string - - items: - type: string - maxItems: 1000 - type: array - title: Alert identifiers - x-technical-preview: true - Cases_alert_indices: - description: > - The alert indices. It is required only when `type` is `alert`. If you - are adding multiple alerts to a case, use an array of strings; the - position of each index name in the array must match the position of the - corresponding alert identifier in the `alertId` array. This - functionality is in technical preview and may be changed or removed in a - future release. Elastic will work to fix any issues, but features in - technical preview are not subject to the support SLA of official GA - features. - oneOf: - - type: string - - items: - type: string - maxItems: 1000 - type: array - title: Alert indices - x-technical-preview: true - Cases_alert_response_properties: - type: object - properties: - attached_at: - format: date-time - type: string - id: - description: The alert identifier. - type: string - index: - description: The alert index. - type: string - Cases_assignees: - description: An array containing users that are assigned to the case. - items: - type: object - properties: - uid: - description: >- - A unique identifier for the user profile. These identifiers can be - found by using the suggest user profile API. - example: u_0wpfV1MqYDaXzLtRVY-gLMrddKDEmfz51Fszhj7hWC8_0 - type: string - required: - - uid - maxItems: 10 - nullable: true - type: array - Cases_case_category: - description: A word or phrase that categorizes the case. - maxLength: 50 - type: string - Cases_case_description: - description: The description for the case. - maxLength: 30000 - type: string - Cases_case_response_closed_by_properties: - nullable: true - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string - required: - - email - - full_name - - username - title: Case response properties for closed_by - type: object - Cases_case_response_created_by_properties: - title: Case response properties for created_by - type: object - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string - required: - - email - - full_name - - username - Cases_case_response_properties: - title: Case response properties - type: object - properties: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + version: WzIzMzgsMV0= + Cases_create_case_request: + summary: Create a security case that uses a Jira connector. + value: + connector: + fields: + issueType: '10006' + parent: null + priority: High + id: 131d4448-abe0-4789-939d-8ef60680b498 + name: My connector + type: .jira + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: My field value + description: A case description. + owner: cases + settings: + syncAlerts: true + tags: + - tag-1 + title: Case title 1 + Cases_create_case_response: + summary: >- + The create case API returns a JSON object that contains details about + the case. + value: + assignees: [] + closed_at: null + closed_by: null + comments: [] + connector: + fields: + issueType: '10006' + parent: null + priority: High + id: 131d4448-abe0-4789-939d-8ef60680b498 + name: My connector + type: .jira + created_at: '2022-10-13T15:33:50.604Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: My field value + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + type: toggle + value: null + description: A case description. + duration: null + external_service: null + id: 66b9aa00-94fa-11ea-9f74-e7e108796192 + owner: cases + settings: + syncAlerts: true + severity: low + status: open + tags: + - tag 1 + title: Case title 1 + totalAlerts: 0 + totalComment: 0 + updated_at: null + updated_by: null + version: WzUzMiwxXQ== + Cases_find_case_activity_response: + summary: Retrieves all activity for a case + value: + page: 1 + perPage: 20 + total: 3 + userActions: + - action: create + comment_id: null + created_at: '2023-10-20T01:17:22.150Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + id: b4cd0770-07c9-11ed-a5fd-47154cb8767e + owner: cases + payload: + assignees: [] + category: null + connector: + fields: null + id: none + name: none + type: .none + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: My field value + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + type: toggle + value: null + description: A case description. + owner: cases + settings: + syncAlerts: false + severity: low + status: open + tags: + - tag 1 + title: Case title 1 + type: create_case + version: WzM1ODg4LDFd + - action: create + comment_id: 578608d0-03b1-11ed-920c-974bfa104448 + created_at: '2023-10-14T20:12:53.354Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + id: 57af14a0-03b1-11ed-920c-974bfa104448 + owner: cases + payload: + comment: A new comment + owner: cases + type: user + type: comment + version: WzM1ODg4LDFa + - action: add + comment_id: null + created_at: '2023-10-20T01:10:28.238Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + id: 573c6980-6123-11ed-aa41-81a0a61fe447 + owner: cases + payload: + assignees: + uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + type: assignees + version: WzM1ODg4LDFb + Cases_find_case_response: + summary: >- + Retrieve the first five cases with the `tag-1` tag, in ascending order + by last update time. + value: + cases: + - assignees: [] + category: null + closed_at: null + closed_by: null + comments: [] + connector: + fields: null + id: none + name: none + type: .none + created_at: '2023-10-12T00:16:36.371Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: My field value + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + type: toggle + value: null + description: Case description + duration: null + external_service: null + id: abed3a70-71bd-11ea-a0b2-c51ea50a58e2 + owner: cases + settings: + syncAlerts: true + severity: low + status: open + tags: + - tag-1 + title: Case title + totalAlerts: 0 + totalComment: 1 + updated_at: '2023-10-12T00:27:58.162Z' + updated_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + version: WzExMCwxXQ== + count_closed_cases: 0 + count_in_progress_cases: 0 + count_open_cases: 1 + page: 1 + per_page: 5 + total: 1 + Cases_find_connector_response: + summary: Retrieve information about the connectors and their settings. + value: + - actionTypeId: .jira + config: + apiUrl: https://elastic.atlassian.net/ + projectKey: ES + id: 61787f53-4eee-4741-8df6-8fe84fa616f7 + isDeprecated: false + isMissingSecrets: false + isPreconfigured: false + name: my-Jira + referencedByCount: 0 + Cases_get_case_alerts_response: + summary: Retrieves all alerts attached to a case + value: + - attached_at: '2022-07-25T20:09:40.963Z' + id: f6a7d0c3-d52d-432c-b2e6-447cd7fce04d + index: .alerts-observability.logs.alerts-default + Cases_get_case_configuration_response: + summary: Get the case configuration. + value: + - closure_type: close-by-user + connector: + fields: null + id: none + name: none + type: .none + created_at: '2024-07-01T17:07:17.767Z' + created_by: + email: null + full_name: null + username: elastic + customFields: + - defaultValue: Custom text field value. + key: d312efda-ec2b-42ec-9e2c-84981795c581 + label: my-text-field + type: text + required: false + error: null + id: 856ee650-6c82-11ee-a20a-6164169afa58 + mappings: [] + owner: cases + templates: + - caseFields: + assignees: + - uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + category: Default-category + connector: + fields: null + id: none + name: none + type: .none + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: Default text field value. + description: A default description for cases. + settings: + syncAlerts: false + tags: + - Default case tag + title: Default case title + description: A description of the template. + key: 505932fe-ee3a-4960-a661-c781b5acdb05 + name: template-1 + tags: + - Template tag 1 + updated_at: null + updated_by: null + version: WzEyLDNd + Cases_get_case_observability_response: + summary: >- + Retrieves information about an Observability case including its alerts + and comments. + value: + assignees: + - uid: u_0wpfV1MqYDaXzLtRVY-gLMrddKDEmfz51Fszhj7hWC8_0 + category: null + closed_at: null + closed_by: null + comments: + - alertId: + - a6e12ac4-7bce-457b-84f6-d7ce8deb8446 + created_at: '2023-11-06T19:29:38.424Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + id: 59d438d0-79a9-4864-8d4b-e63adacebf6e + index: + - .internal.alerts-observability.logs.alerts-default-000001 + owner: observability + pushed_at: null + pushed_by: null + rule: + id: 03e4eb87-62ca-4e5d-9570-3d7625e9669d + name: Observability rule + type: alert + updated_at: null + updated_by: null + version: WzY3LDJd + - comment: The first comment. + created_at: '2023-11-06T19:29:57.812Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + id: d99342d3-3aa3-4b80-90ec-a702607604f5 + owner: observability + pushed_at: null + pushed_by: null + type: user + updated_at: null + updated_by: null + version: WzcyLDJd + connector: + fields: null + id: none + name: none + type: .none + created_at: '2023-11-06T19:29:04.086Z' + created_by: + email: null + full_name: null + username: elastic + customFields: [] + description: An Observability case description. + duration: null + external_service: null + id: c3ff7550-def1-4e90-b6bc-c9969a4a09b1 + owner: observability + settings: + syncAlerts: false + severity: low + status: in-progress + tags: + - observability + - tag 1 + title: Observability case title 1 + totalAlerts: 1 + totalComment: 1 + updated_at: '2023-11-06T19:47:55.662Z' + updated_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + version: WzI0NywyXQ== + Cases_get_case_response: + summary: Retrieves information about a case including its comments. + value: assignees: - $ref: '#/components/schemas/Cases_assignees' - category: - description: The case category. - nullable: true - type: string - closed_at: - format: date-time - nullable: true - type: string - closed_by: - $ref: '#/components/schemas/Cases_case_response_closed_by_properties' + - uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + category: null + closed_at: null + closed_by: null comments: - description: An array of comment objects for the case. - items: - discriminator: - mapping: - alert: '#/components/schemas/Cases_alert_comment_response_properties' - user: '#/components/schemas/Cases_user_comment_response_properties' - propertyName: type - oneOf: - - $ref: '#/components/schemas/Cases_alert_comment_response_properties' - - $ref: '#/components/schemas/Cases_user_comment_response_properties' - maxItems: 10000 - title: Case response properties for comments - type: array + - comment: A new comment + created_at: '2023-10-13T15:40:32.335Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + id: 2134c1d0-02c2-11ed-85f2-4f7c222ca2fa + owner: cases + pushed_at: null + pushed_by: null + type: user + updated_at: null + updated_by: null + version: WzM3LDFd connector: - discriminator: - mapping: - .cases-webhook: '#/components/schemas/Cases_connector_properties_cases_webhook' - .jira: '#/components/schemas/Cases_connector_properties_jira' - .none: '#/components/schemas/Cases_connector_properties_none' - .resilient: '#/components/schemas/Cases_connector_properties_resilient' - .servicenow: '#/components/schemas/Cases_connector_properties_servicenow' - .servicenow-sir: '#/components/schemas/Cases_connector_properties_servicenow_sir' - .swimlane: '#/components/schemas/Cases_connector_properties_swimlane' - propertyName: type - oneOf: - - $ref: '#/components/schemas/Cases_connector_properties_none' - - $ref: '#/components/schemas/Cases_connector_properties_cases_webhook' - - $ref: '#/components/schemas/Cases_connector_properties_jira' - - $ref: '#/components/schemas/Cases_connector_properties_resilient' - - $ref: '#/components/schemas/Cases_connector_properties_servicenow' - - $ref: '#/components/schemas/Cases_connector_properties_servicenow_sir' - - $ref: '#/components/schemas/Cases_connector_properties_swimlane' - title: Case response properties for connectors - created_at: - example: '2022-05-13T09:16:17.416Z' - format: date-time - type: string + fields: null + id: none + name: none + type: .none + created_at: '2023-10-13T15:33:50.604Z' created_by: - $ref: '#/components/schemas/Cases_case_response_created_by_properties' + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic customFields: - description: Custom field values for the case. - items: - type: object - properties: - key: - description: > - The unique identifier for the custom field. The key value must - exist in the case configuration settings. - type: string - type: - description: > - The custom field type. It must match the type specified in the - case configuration settings. - enum: - - text - - toggle - type: string - value: - description: > - The custom field value. If the custom field is required, it - cannot be explicitly set to null. However, for cases that - existed when the required custom field was added, the default - value stored in Elasticsearch is `undefined`. The value - returned in the API and user interface in this case is `null`. - oneOf: - - maxLength: 160 - minLength: 1 - nullable: true - type: string - - type: boolean - type: array - description: - example: A case description. - type: string - duration: - description: > - The elapsed time from the creation of the case to its closure (in - seconds). If the case has not been closed, the duration is set to - null. If the case was closed after less than half a second, the - duration is rounded down to zero. - example: 120 - nullable: true - type: integer + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: My field value + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + type: toggle + value: null + description: A case description + duration: null + external_service: null + id: 31cdada0-02c1-11ed-85f2-4f7c222ca2fa + owner: cases + settings: + syncAlerts: true + severity: low + status: open + tags: + - tag 1 + title: Case title 1 + totalAlerts: 0 + totalComment: 1 + updated_at: '2023-10-13T15:40:32.335Z' + updated_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + version: WzM2LDFd + Cases_get_comment_response: + summary: A single user comment retrieved from a case + value: + comment: A new comment + created_at: '2023-10-07T19:32:13.104Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + id: 8048b460-fe2b-11ec-b15d-779a7c8bbcc3 + owner: cases + pushed_at: null + pushed_by: null + type: user + updated_at: null + updated_by: null + version: WzIzLDFd + Cases_get_reporters_response: + summary: A list of two users that opened cases + value: + - email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + - email: jdoe@example.com + full_name: Jane Doe + profile_uid: u_0wpfV1MqYDaXzLtRVY-gLMrddKDEmfz51Fszhj7hWC8_0 + username: jdoe + Cases_get_tags_response: + summary: A list of tags that are used in cases + value: + - observability + - security + - tag 1 + - tag 2 + Cases_push_case_response: + summary: >- + The push case API returns a JSON object with details about the case and + the external service. + value: + closed_at: null + closed_by: null + comments: [] + connector: + fields: + issueType: '10006' + parent: null + priority: Low + id: 09f8c0b0-0eda-11ed-bd18-65557fe66949 + name: My connector + type: .jira + created_at: '2022-07-29T00:59:39.444Z' + created_by: + email: null + full_name: null + username: elastic + description: A case description. + duration: null external_service: - $ref: '#/components/schemas/Cases_external_service' - id: - example: 66b9aa00-94fa-11ea-9f74-e7e108796192 - type: string - owner: - $ref: '#/components/schemas/Cases_owners' + connector_id: 09f8c0b0-0eda-11ed-bd18-65557fe66949 + connector_name: My connector + external_id: '71926' + external_title: ES-554 + external_url: https://cases.jira.com + pushed_at: '2022-07-29T01:20:58.436Z' + pushed_by: + email: null + full_name: null + username: elastic + id: b917f300-0ed9-11ed-bd18-65557fe66949 + owner: cases settings: - $ref: '#/components/schemas/Cases_settings' - severity: - $ref: '#/components/schemas/Cases_case_severity' - status: - $ref: '#/components/schemas/Cases_case_status' + syncAlerts: true + severity: low + status: open tags: - example: + - tag 1 + title: Case title 1 + totalAlerts: 0 + totalComment: 0 + updated_at: '2022-07-29T01:20:58.436Z' + updated_by: + email: null + full_name: null + username: elastic + version: WzE3NjgsM10= + Cases_set_case_configuration_request: + summary: >- + Set the closure type, custom fields, and default connector for Stack + Management cases. + value: + closure_type: close-by-user + connector: + fields: null + id: 5e656730-e1ca-11ec-be9b-9b1838238ee6 + name: my-jira-connector + type: .jira + customFields: + - defaultValue: My custom field default value. + key: d312efda-ec2b-42ec-9e2c-84981795c581 + label: my-text-field + type: text + required: false + owner: cases + templates: + - caseFields: + assignees: + - uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + category: Default-category + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: A text field value for the template. + description: A default description for cases. + tags: + - Default case tag + title: Default case title + description: A description of the template. + key: 505932fe-ee3a-4960-a661-c781b5acdb05 + name: template-1 + tags: + - Template tag 1 + Cases_set_case_configuration_response: + summary: This is an example response for case settings. + value: + closure_type: close-by-user + connector: + fields: null + id: 5e656730-e1ca-11ec-be9b-9b1838238ee6 + name: my-jira-connector + type: .jira + created_at: '2024-07-01T17:07:17.767Z' + created_by: + email: null, + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + customFields: + - defaultValue: My custom field default value. + key: d312efda-ec2b-42ec-9e2c-84981795c581 + label: my-text-field + type: text + required: false + error: null + id: 4a97a440-e1cd-11ec-be9b-9b1838238ee6 + mappings: + - action_type: overwrite + source: title + target: summary + - action_type: overwrite + source: description + target: description + - action_type: append + source: comments + target: comments + - action_type: overwrite + source: tags + target: labels + owner: cases + templates: + - caseFields: + assignees: + - uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + category: Default-category + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: A text field value for the template. + description: A default description for cases. + tags: + - Default case tag + title: Default case title + description: A description of the template. + key: 505932fe-ee3a-4960-a661-c781b5acdb05 + name: template-1 + tags: + - Template tag 1 + updated_at: null + updated_by: null + version: WzIwNzMsMV0= + Cases_update_case_configuration_request: + summary: Update the case settings. + value: + closure_type: close-by-user + connector: + fields: null + id: 5e656730-e1ca-11ec-be9b-9b1838238ee6 + name: my-jira-connector + type: .jira + customFields: + - defaultValue: A new default value. + key: d312efda-ec2b-42ec-9e2c-84981795c581 + label: my-text-field + type: text + required: true + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + label: my-toggle + type: toggle + required: false + version: WzExOSw0XQ== + Cases_update_case_configuration_response: + summary: This is an example response when the case configuration was updated. + value: + closure_type: close-by-user + connector: + fields: null + id: 5e656730-e1ca-11ec-be9b-9b1838238ee6 + name: my-jira-connector + type: .jira + created_at: '2024-07-01T17:07:17.767Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + customFields: + - defaultValue: A new default value. + key: d312efda-ec2b-42ec-9e2c-84981795c581 + label: my-text-field + type: text + required: true + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + label: my-toggle + type: toggle + required: false + error: null + id: 4a97a440-e1cd-11ec-be9b-9b1838238ee6 + mappings: + - action_type: overwrite + source: title + target: summary + - action_type: overwrite + source: description + target: description + - action_type: overwrite + source: tags + target: labels + - action_type: append + source: comments + target: comments + owner: cases + templates: [] + updated_at: '2024-07-19T00:52:42.401Z' + updated_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + version: WzI2LDNd + Cases_update_case_request: + summary: Update the case description, tags, and connector. + value: + cases: + - connector: + fields: + issueType: '10006' + parent: null + priority: null + id: 131d4448-abe0-4789-939d-8ef60680b498 + name: My connector + type: .jira + customFields: + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + type: toggle + value: false + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: My new field value + description: A case description. + id: a18b38a0-71b0-11ea-a0b2-c51ea50a58e2 + settings: + syncAlerts: true + tags: + - tag-1 + version: WzIzLDFd + Cases_update_case_response: + summary: >- + This is an example response when the case description, tags, and + connector were updated. + value: + - assignees: [] + category: null + closed_at: null + closed_by: null + comments: [] + connector: + fields: + issueType: '10006' + parent: null + priority: null + id: 131d4448-abe0-4789-939d-8ef60680b498 + name: My connector + type: .jira + created_at: '2023-10-13T09:16:17.416Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: My new field value + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + type: toggle + value: false + description: A case description. + duration: null + external_service: + connector_id: 05da469f-1fde-4058-99a3-91e4807e2de8 + connector_name: Jira + external_id: '10003' + external_title: IS-4 + external_url: https://hms.atlassian.net/browse/IS-4 + pushed_at: '2023-10-13T09:20:40.672Z' + pushed_by: + email: null + full_name: null + username: elastic + id: 66b9aa00-94fa-11ea-9f74-e7e108796192 + owner: cases + settings: + syncAlerts: true + severity: low + status: open + tags: - tag-1 - items: - type: string - type: array - title: - example: Case title 1 - type: string - totalAlerts: - example: 0 - type: integer - totalComment: - example: 0 - type: integer - updated_at: - format: date-time - nullable: true - type: string - updated_by: - $ref: '#/components/schemas/Cases_case_response_updated_by_properties' - version: - example: WzUzMiwxXQ== - type: string - required: - - closed_at - - closed_by - - comments - - connector - - created_at - - created_by - - description - - duration - - external_service - - id - - owner - - settings - - severity - - status - - tags - - title - - totalAlerts - - totalComment - - updated_at - - updated_by - - version - Cases_case_response_pushed_by_properties: - nullable: true - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string - required: - - email - - full_name - - username - title: Case response properties for pushed_by - type: object - Cases_case_response_updated_by_properties: - nullable: true - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string - required: - - email - - full_name - - username - title: Case response properties for updated_by - type: object - Cases_case_severity: - default: low - description: The severity of the case. - enum: - - critical - - high - - low - - medium - type: string - Cases_case_status: - description: The status of the case. - enum: - - closed - - in-progress - - open - type: string - Cases_case_tags: - description: > - The words and phrases that help categorize cases. It can be an empty - array. - items: - maxLength: 256 - type: string - maxItems: 200 - type: array - Cases_case_title: - description: A title for the case. - maxLength: 160 - type: string - Cases_closure_types: - description: >- - Indicates whether a case is automatically closed when it is pushed to - external systems (`close-by-pushing`) or not automatically closed - (`close-by-user`). - enum: - - close-by-pushing - - close-by-user - example: close-by-user - type: string - Cases_connector_properties_cases_webhook: - description: Defines properties for connectors when type is `.cases-webhook`. - type: object - properties: - fields: - example: null - nullable: true - type: string - id: - description: >- - The identifier for the connector. To retrieve connector IDs, use the - find connectors API. - type: string - name: - description: The name of the connector. - type: string - type: - description: The type of connector. - enum: - - .cases-webhook - example: .cases-webhook - type: string - required: - - fields - - id - - name - - type - title: Create or upate case request properties for Cases Webhook connector - Cases_connector_properties_jira: - description: Defines properties for connectors when type is `.jira`. - type: object - properties: - fields: - description: >- - An object containing the connector fields. If you want to omit any - individual field, specify null as its value. - type: object - properties: - issueType: - description: The type of issue. - nullable: true - type: string - parent: - description: The key of the parent issue, when the issue type is sub-task. - nullable: true - type: string - priority: - description: The priority of the issue. - nullable: true + title: Case title 1 + totalAlerts: 0 + totalComment: 0 + updated_at: '2023-10-13T09:48:33.043Z' + updated_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + version: WzU0OCwxXQ== + Cases_update_comment_request: + summary: Updates a comment of a case. + value: + comment: An updated comment. + id: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 + owner: cases + type: user + version: Wzk1LDFd + Cases_update_comment_response: + summary: >- + The add comment to case API returns a JSON object that contains details + about the case and its comments. + value: + assignees: [] + category: null + closed_at: null + closed_by: null + comments: + - comment: An updated comment. + created_at: '2023-10-24T00:37:10.832Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + id: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 + owner: cases + pushed_at: null + pushed_by: null + type: user + updated_at: '2023-10-24T01:27:06.210Z' + updated_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + version: WzIwNjM3LDFd + connector: + fields: null + id: none + name: none + type: .none + created_at: '2023-10-24T00:37:03.906Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: My new field value + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + type: toggle + value: false + description: A case description. + duration: null + external_service: null + id: 293f1bc0-74f6-11ea-b83a-553aecdb28b6 + owner: cases + settings: + syncAlerts: false + severity: low + status: open + tags: + - tag 1 + title: Case title 1 + totalAlerts: 0 + totalComment: 1 + updated_at: '2023-10-24T01:27:06.210Z' + updated_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + version: WzIwNjM2LDFd + Data_views_create_data_view_request: + summary: Create a data view with runtime fields. + value: + data_view: + name: My Logstash data view + runtimeFieldMap: + runtime_shape_name: + script: + source: emit(doc['shape_name'].value) + type: keyword + title: logstash-* + Data_views_create_runtime_field_request: + summary: Create a runtime field. + value: + name: runtimeFoo + runtimeField: + script: + source: emit(doc["foo"].value) + type: long + Data_views_get_data_view_response: + summary: >- + The get data view API returns a JSON object that contains information + about the data view. + value: + data_view: + allowNoIndex: false + fieldAttrs: + products.manufacturer: + count: 1 + products.price: + count: 1 + products.product_name: + count: 1 + total_quantity: + count: 1 + fieldFormats: + products.base_price: + id: number + params: + pattern: $0,0.00 + products.base_unit_price: + id: number + params: + pattern: $0,0.00 + products.min_price: + id: number + params: + pattern: $0,0.00 + products.price: + id: number + params: + pattern: $0,0.00 + products.taxful_price: + id: number + params: + pattern: $0,0.00 + products.taxless_price: + id: number + params: + pattern: $0,0.00 + taxful_total_price: + id: number + params: + pattern: $0,0.[00] + taxless_total_price: + id: number + params: + pattern: $0,0.00 + fields: + _id: + aggregatable: false + count: 0 + esTypes: + - _id + format: + id: string + isMapped: true + name: _id + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false type: string - required: - - issueType - - parent - - priority - id: - description: >- - The identifier for the connector. To retrieve connector IDs, use the - find connectors API. - type: string - name: - description: The name of the connector. - type: string - type: - description: The type of connector. - enum: - - .jira - example: .jira - type: string - required: - - fields - - id - - name - - type - title: Create or update case request properties for a Jira connector - Cases_connector_properties_none: - description: Defines properties for connectors when type is `.none`. - type: object - properties: - fields: - description: >- - An object containing the connector fields. To create a case without - a connector, specify null. To update a case to remove the connector, - specify null. - example: null - nullable: true - type: string - id: - description: >- - The identifier for the connector. To create a case without a - connector, use `none`. To update a case to remove the connector, - specify `none`. - example: none - type: string - name: - description: >- - The name of the connector. To create a case without a connector, use - `none`. To update a case to remove the connector, specify `none`. - example: none - type: string - type: - description: >- - The type of connector. To create a case without a connector, use - `.none`. To update a case to remove the connector, specify `.none`. - enum: - - .none - example: .none - type: string - required: - - fields - - id - - name - - type - title: Create or update case request properties for no connector - Cases_connector_properties_resilient: - description: Defines properties for connectors when type is `.resilient`. - type: object - properties: - fields: - description: >- - An object containing the connector fields. If you want to omit any - individual field, specify null as its value. - nullable: true - type: object - properties: - issueTypes: - description: The type of incident. - items: - type: string - type: array - severityCode: - description: The severity code of the incident. + _index: + aggregatable: true + count: 0 + esTypes: + - _index + format: + id: string + isMapped: true + name: _index + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false type: string - required: - - issueTypes - - severityCode - id: - description: The identifier for the connector. - type: string - name: - description: The name of the connector. - type: string - type: - description: The type of connector. - enum: - - .resilient - example: .resilient - type: string - required: - - fields - - id - - name - - type - title: Create case request properties for a IBM Resilient connector - Cases_connector_properties_servicenow: - description: Defines properties for connectors when type is `.servicenow`. - type: object - properties: - fields: - description: >- - An object containing the connector fields. If you want to omit any - individual field, specify null as its value. - type: object - properties: + _score: + aggregatable: false + count: 0 + format: + id: number + isMapped: true + name: _score + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: number + _source: + aggregatable: false + count: 0 + esTypes: + - _source + format: + id: _source + isMapped: true + name: _source + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: _source category: - description: The category of the incident. - nullable: true + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: category + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false type: string - impact: - description: The effect an incident had on business. - nullable: true + category.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: category.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: category type: string - severity: - description: The severity of the incident. - nullable: true + currency: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: currency + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - subcategory: - description: The subcategory of the incident. - nullable: true + customer_birth_date: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: customer_birth_date + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + customer_first_name: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: customer_first_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false type: string - urgency: - description: The extent to which the incident resolution can be delayed. - nullable: true + customer_first_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_first_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: customer_first_name type: string - required: - - category - - impact - - severity - - subcategory - - urgency - id: - description: >- - The identifier for the connector. To retrieve connector IDs, use the - find connectors API. - type: string - name: - description: The name of the connector. - type: string - type: - description: The type of connector. - enum: - - .servicenow - example: .servicenow - type: string - required: - - fields - - id - - name - - type - title: Create case request properties for a ServiceNow ITSM connector - Cases_connector_properties_servicenow_sir: - description: Defines properties for connectors when type is `.servicenow-sir`. - type: object - properties: - fields: - description: >- - An object containing the connector fields. If you want to omit any - individual field, specify null as its value. - type: object - properties: - category: - description: The category of the incident. - nullable: true + customer_full_name: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: customer_full_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false type: string - destIp: - description: >- - Indicates whether cases will send a comma-separated list of - destination IPs. - nullable: true - type: boolean - malwareHash: - description: >- - Indicates whether cases will send a comma-separated list of - malware hashes. - nullable: true - type: boolean - malwareUrl: - description: >- - Indicates whether cases will send a comma-separated list of - malware URLs. - nullable: true - type: boolean - priority: - description: The priority of the issue. - nullable: true + customer_full_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_full_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: customer_full_name + type: string + customer_gender: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_gender + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_id: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_id + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_last_name: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: customer_last_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_last_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_last_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: customer_last_name type: string - sourceIp: - description: >- - Indicates whether cases will send a comma-separated list of - source IPs. - nullable: true - type: boolean - subcategory: - description: The subcategory of the incident. - nullable: true + customer_phone: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_phone + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - required: - - category - - destIp - - malwareHash - - malwareUrl - - priority - - sourceIp - - subcategory - id: - description: >- - The identifier for the connector. To retrieve connector IDs, use the - find connectors API. - type: string - name: - description: The name of the connector. - type: string - type: - description: The type of connector. - enum: - - .servicenow-sir - example: .servicenow-sir - type: string - required: - - fields - - id - - name - - type - title: Create case request properties for a ServiceNow SecOps connector - Cases_connector_properties_swimlane: - description: Defines properties for connectors when type is `.swimlane`. - type: object - properties: - fields: - description: >- - An object containing the connector fields. If you want to omit any - individual field, specify null as its value. - type: object - properties: - caseId: - description: The case identifier for Swimlane connectors. - nullable: true + day_of_week: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: day_of_week + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - required: - - caseId - id: - description: >- - The identifier for the connector. To retrieve connector IDs, use the - find connectors API. - type: string - name: - description: The name of the connector. - type: string - type: - description: The type of connector. - enum: - - .swimlane - example: .swimlane - type: string - required: - - fields - - id - - name - - type - title: Create case request properties for a Swimlane connector - Cases_connector_types: - description: The type of connector. - enum: - - .cases-webhook - - .jira - - .none - - .resilient - - .servicenow - - .servicenow-sir - - .swimlane - example: .none - type: string - Cases_create_case_request: - description: >- - The create case API request body varies depending on the type of - connector. - properties: - assignees: - $ref: '#/components/schemas/Cases_assignees' - category: - $ref: '#/components/schemas/Cases_case_category' - connector: - oneOf: - - $ref: '#/components/schemas/Cases_connector_properties_none' - - $ref: '#/components/schemas/Cases_connector_properties_cases_webhook' - - $ref: '#/components/schemas/Cases_connector_properties_jira' - - $ref: '#/components/schemas/Cases_connector_properties_resilient' - - $ref: '#/components/schemas/Cases_connector_properties_servicenow' - - $ref: '#/components/schemas/Cases_connector_properties_servicenow_sir' - - $ref: '#/components/schemas/Cases_connector_properties_swimlane' - customFields: - description: > - Custom field values for a case. Any optional custom fields that are - not specified in the request are set to null. - items: - type: object - properties: - key: - description: > - The unique identifier for the custom field. The key value must - exist in the case configuration settings. - type: string - type: - description: > - The custom field type. It must match the type specified in the - case configuration settings. - enum: - - text - - toggle - type: string - value: - description: > - The custom field value. If the custom field is required, it - cannot be explicitly set to null. However, for cases that - existed when the required custom field was added, the default - value stored in Elasticsearch is `undefined`. The value - returned in the API and user interface in this case is `null`. - oneOf: - - maxLength: 160 - minLength: 1 - nullable: true - type: string - - type: boolean - required: - - key - - type - - value - maxItems: 10 - minItems: 0 - type: array - description: - $ref: '#/components/schemas/Cases_case_description' - owner: - $ref: '#/components/schemas/Cases_owners' - settings: - $ref: '#/components/schemas/Cases_settings' - severity: - $ref: '#/components/schemas/Cases_case_severity' - tags: - $ref: '#/components/schemas/Cases_case_tags' - title: - $ref: '#/components/schemas/Cases_case_title' - required: - - connector - - description - - owner - - settings - - tags - - title - title: Create case request - type: object - Cases_external_service: - nullable: true - type: object - properties: - connector_id: - type: string - connector_name: - type: string - external_id: - type: string - external_title: - type: string - external_url: - type: string - pushed_at: - format: date-time - type: string - pushed_by: - nullable: true - type: object - properties: + day_of_week_i: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: day_of_week_i + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number email: - example: null - nullable: true + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: email + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + event.dataset: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: event.dataset + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - full_name: - example: null - nullable: true + geoip.city_name: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.city_name + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + geoip.continent_name: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.continent_name + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - username: - example: elastic - nullable: true + geoip.country_iso_code: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.country_iso_code + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - Cases_owners: - description: > - The application that owns the cases: Stack Management, Observability, or - Elastic Security. - enum: - - cases - - observability - - securitySolution - example: cases - type: string - Cases_payload_alert_comment: - type: object - properties: - comment: - type: object - properties: - alertId: - oneOf: - - example: 1c0b056b-cc9f-4b61-b5c9-cb801abd5e1d - type: string - - items: - type: string - type: array - index: - oneOf: - - example: .alerts-observability.logs.alerts-default - type: string - - items: - type: string - type: array - owner: - $ref: '#/components/schemas/Cases_owners' - rule: - type: object - properties: - id: - description: The rule identifier. - example: 94d80550-aaf4-11ec-985f-97e55adae8b9 - type: string - name: - description: The rule name. - example: security_rule - type: string - type: - enum: - - alert + geoip.location: + aggregatable: true + count: 0 + esTypes: + - geo_point + format: + id: geo_point + params: + transform: wkt + isMapped: true + name: geoip.location + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: geo_point + geoip.region_name: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.region_name + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - Cases_payload_assignees: - type: object - properties: - assignees: - $ref: '#/components/schemas/Cases_assignees' - Cases_payload_connector: - type: object - properties: - connector: - type: object - properties: - fields: - description: >- - An object containing the connector fields. To create a case - without a connector, specify null. If you want to omit any - individual field, specify null as its value. - example: null - nullable: true - type: object - properties: - caseId: - description: The case identifier for Swimlane connectors. - type: string - category: - description: >- - The category of the incident for ServiceNow ITSM and - ServiceNow SecOps connectors. - type: string - destIp: - description: >- - Indicates whether cases will send a comma-separated list of - destination IPs for ServiceNow SecOps connectors. - nullable: true - type: boolean - impact: - description: >- - The effect an incident had on business for ServiceNow ITSM - connectors. - type: string - issueType: - description: The type of issue for Jira connectors. - type: string - issueTypes: - description: The type of incident for IBM Resilient connectors. - items: - type: string - type: array - malwareHash: - description: >- - Indicates whether cases will send a comma-separated list of - malware hashes for ServiceNow SecOps connectors. - nullable: true - type: boolean - malwareUrl: - description: >- - Indicates whether cases will send a comma-separated list of - malware URLs for ServiceNow SecOps connectors. - nullable: true - type: boolean - parent: - description: >- - The key of the parent issue, when the issue type is sub-task - for Jira connectors. - type: string - priority: - description: >- - The priority of the issue for Jira and ServiceNow SecOps - connectors. - type: string - severity: - description: The severity of the incident for ServiceNow ITSM connectors. - type: string - severityCode: - description: >- - The severity code of the incident for IBM Resilient - connectors. - type: string - sourceIp: - description: >- - Indicates whether cases will send a comma-separated list of - source IPs for ServiceNow SecOps connectors. - nullable: true - type: boolean - subcategory: - description: >- - The subcategory of the incident for ServiceNow ITSM - connectors. - type: string - urgency: - description: >- - The extent to which the incident resolution can be delayed - for ServiceNow ITSM connectors. - type: string - id: - description: >- - The identifier for the connector. To create a case without a - connector, use `none`. - example: none + manufacturer: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: manufacturer + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + manufacturer.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: manufacturer.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: manufacturer + type: string + order_date: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: order_date + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + order_id: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: order_id + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - name: - description: >- - The name of the connector. To create a case without a connector, - use `none`. - example: none + products._id: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: products._id + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false type: string - type: - $ref: '#/components/schemas/Cases_connector_types' - Cases_payload_create_case: - type: object - properties: - assignees: - $ref: '#/components/schemas/Cases_assignees' - connector: - type: object - properties: - fields: - description: >- - An object containing the connector fields. To create a case - without a connector, specify null. If you want to omit any - individual field, specify null as its value. - example: null - nullable: true - type: object - properties: - caseId: - description: The case identifier for Swimlane connectors. - type: string - category: - description: >- - The category of the incident for ServiceNow ITSM and - ServiceNow SecOps connectors. - type: string - destIp: - description: >- - Indicates whether cases will send a comma-separated list of - destination IPs for ServiceNow SecOps connectors. - nullable: true - type: boolean - impact: - description: >- - The effect an incident had on business for ServiceNow ITSM - connectors. - type: string - issueType: - description: The type of issue for Jira connectors. - type: string - issueTypes: - description: The type of incident for IBM Resilient connectors. - items: - type: string - type: array - malwareHash: - description: >- - Indicates whether cases will send a comma-separated list of - malware hashes for ServiceNow SecOps connectors. - nullable: true - type: boolean - malwareUrl: - description: >- - Indicates whether cases will send a comma-separated list of - malware URLs for ServiceNow SecOps connectors. - nullable: true - type: boolean - parent: - description: >- - The key of the parent issue, when the issue type is sub-task - for Jira connectors. - type: string - priority: - description: >- - The priority of the issue for Jira and ServiceNow SecOps - connectors. - type: string - severity: - description: The severity of the incident for ServiceNow ITSM connectors. - type: string - severityCode: - description: >- - The severity code of the incident for IBM Resilient - connectors. - type: string - sourceIp: - description: >- - Indicates whether cases will send a comma-separated list of - source IPs for ServiceNow SecOps connectors. - nullable: true - type: boolean - subcategory: - description: >- - The subcategory of the incident for ServiceNow ITSM - connectors. - type: string - urgency: - description: >- - The extent to which the incident resolution can be delayed - for ServiceNow ITSM connectors. - type: string - id: - description: >- - The identifier for the connector. To create a case without a - connector, use `none`. - example: none + products._id.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products._id.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products._id + type: string + products.base_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.base_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.base_unit_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.base_unit_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.category: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: products.category + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + products.category.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.category.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products.category + type: string + products.created_on: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: products.created_on + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + products.discount_amount: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.discount_amount + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.discount_percentage: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.discount_percentage + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.manufacturer: + aggregatable: false + count: 1 + esTypes: + - text + format: + id: string + isMapped: true + name: products.manufacturer + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false type: string - name: - description: >- - The name of the connector. To create a case without a connector, - use `none`. - example: none + products.manufacturer.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.manufacturer.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products.manufacturer type: string - type: - $ref: '#/components/schemas/Cases_connector_types' - description: - type: string - owner: - $ref: '#/components/schemas/Cases_owners' - settings: - $ref: '#/components/schemas/Cases_settings' - severity: - $ref: '#/components/schemas/Cases_case_severity' - status: - $ref: '#/components/schemas/Cases_case_status' - tags: - items: - example: - - tag-1 - type: string - type: array - title: - type: string - Cases_payload_delete: - description: >- - If the `action` is `delete` and the `type` is `delete_case`, the payload - is nullable. - nullable: true - type: object - Cases_payload_description: - type: object - properties: - description: - type: string - Cases_payload_pushed: - type: object - properties: - externalService: - $ref: '#/components/schemas/Cases_external_service' - Cases_payload_settings: - type: object - properties: - settings: - $ref: '#/components/schemas/Cases_settings' - Cases_payload_severity: - type: object - properties: - severity: - $ref: '#/components/schemas/Cases_case_severity' - Cases_payload_status: - type: object - properties: - status: - $ref: '#/components/schemas/Cases_case_status' - Cases_payload_tags: - type: object - properties: - tags: - example: - - tag-1 - items: - type: string - type: array - Cases_payload_title: - type: object - properties: - title: - type: string - Cases_payload_user_comment: - type: object - properties: - comment: - type: object - properties: - comment: + products.min_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.min_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.price: + aggregatable: true + count: 1 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.product_id: + aggregatable: true + count: 0 + esTypes: + - long + format: + id: number + isMapped: true + name: products.product_id + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.product_name: + aggregatable: false + count: 1 + esTypes: + - text + format: + id: string + isMapped: true + name: products.product_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + products.product_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.product_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products.product_name + type: string + products.quantity: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: products.quantity + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.sku: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.sku + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + products.tax_amount: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.tax_amount + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.taxful_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.taxful_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.taxless_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.taxless_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.unit_discount_amount: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.unit_discount_amount + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + sku: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: sku + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - owner: - $ref: '#/components/schemas/Cases_owners' + taxful_total_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.[00] + isMapped: true + name: taxful_total_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + taxless_total_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: taxless_total_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + total_quantity: + aggregatable: true + count: 1 + esTypes: + - integer + format: + id: number + isMapped: true + name: total_quantity + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + total_unique_products: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: total_unique_products + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number type: - enum: - - user + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: type + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - Cases_rule: - description: > - The rule that is associated with the alerts. It is required only when - `type` is `alert`. This functionality is in technical preview and may be - changed or removed in a future release. Elastic will work to fix any - issues, but features in technical preview are not subject to the support - SLA of official GA features. - title: Alerting rule - type: object - properties: - id: - description: The rule identifier. - example: 94d80550-aaf4-11ec-985f-97e55adae8b9 - type: string - name: - description: The rule name. - example: security_rule - type: string - x-technical-preview: true - Cases_searchFieldsType: - description: The fields to perform the `simple_query_string` parsed query against. - enum: - - description - - title - type: string - Cases_set_case_configuration_request: - description: >- - External connection details, such as the closure type and default - connector for cases. - properties: - closure_type: - $ref: '#/components/schemas/Cases_closure_types' - connector: - description: An object that contains the connector configuration. - type: object - properties: - fields: - description: >- - The fields specified in the case configuration are not used and - are not propagated to individual cases, therefore it is - recommended to set it to `null`. - nullable: true - type: object - id: - description: >- - The identifier for the connector. If you do not want a default - connector, use `none`. To retrieve connector IDs, use the find - connectors API. - example: none + user: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: user + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - name: - description: >- - The name of the connector. If you do not want a default - connector, use `none`. To retrieve connector names, use the find - connectors API. - example: none + id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + name: Kibana Sample Data eCommerce + namespaces: + - default + runtimeFieldMap: {} + sourceFilters: [] + timeFieldName: order_date + title: kibana_sample_data_ecommerce + typeMeta: {} + version: WzUsMV0= + Data_views_get_data_views_response: + summary: The get all data views API returns a list of data views. + value: + data_view: + - id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + name: Kibana Sample Data eCommerce + namespaces: + - default + title: kibana_sample_data_ecommerce + typeMeta: {} + - id: d3d7af60-4c81-11e8-b3d7-01146121b73d + name: Kibana Sample Data Flights + namespaces: + - default + title: kibana_sample_data_flights + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: Kibana Sample Data Logs + namespaces: + - default + title: kibana_sample_data_logs + Data_views_get_default_data_view_response: + summary: The get default data view API returns the default data view identifier. + value: + data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + Data_views_get_runtime_field_response: + summary: >- + The get runtime field API returns a JSON object that contains + information about the runtime field (`hour_of_day`) and the data view + (`d3d7af60-4c81-11e8-b3d7-01146121b73d`). + value: + data_view: + allowNoIndex: false + fieldAttrs: {} + fieldFormats: + AvgTicketPrice: + id: number + params: + pattern: $0,0.[00] + hour_of_day: + id: number + params: + pattern: '00' + fields: + _id: + aggregatable: false + count: 0 + esTypes: + - _id + format: + id: string + isMapped: true + name: _id + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + _index: + aggregatable: true + count: 0 + esTypes: + - _index + format: + id: string + isMapped: true + name: _index + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false type: string - type: - $ref: '#/components/schemas/Cases_connector_types' - required: - - fields - - id - - name - - type - customFields: - description: Custom fields case configuration. - items: - type: object - properties: - defaultValue: - description: > - A default value for the custom field. If the `type` is `text`, - the default value must be a string. If the `type` is `toggle`, - the default value must be boolean. - oneOf: - - type: string - - type: boolean - key: - description: > - A unique key for the custom field. Must be lower case and - composed only of a-z, 0-9, '_', and '-' characters. It is used - in API calls to refer to a specific custom field. - maxLength: 36 - minLength: 1 - type: string - label: - description: The custom field label that is displayed in the case. - maxLength: 50 - minLength: 1 - type: string - type: - description: The type of the custom field. - enum: - - text - - toggle - type: string - required: - description: > - Indicates whether the field is required. If `false`, the - custom field can be set to null or omitted when a case is - created or updated. - type: boolean - required: - - key - - label - - required - - type - maxItems: 10 - minItems: 0 - type: array - owner: - $ref: '#/components/schemas/Cases_owners' - templates: - $ref: '#/components/schemas/Cases_templates' - required: - - closure_type - - connector - - owner - title: Set case configuration request - type: object - Cases_settings: - description: An object that contains the case settings. - type: object - properties: - syncAlerts: - description: Turns alert syncing on or off. - example: true - type: boolean - required: - - syncAlerts - Cases_template_tags: - description: > - The words and phrases that help categorize templates. It can be an empty - array. - items: - maxLength: 256 - type: string - maxItems: 200 - type: array - Cases_templates: - items: - type: object - properties: - caseFields: - type: object - properties: - assignees: - $ref: '#/components/schemas/Cases_assignees' - category: - $ref: '#/components/schemas/Cases_case_category' - connector: - type: object - properties: - fields: - description: >- - The fields specified in the case configuration are not - used and are not propagated to individual cases, therefore - it is recommended to set it to `null`. - nullable: true - type: object - id: - description: >- - The identifier for the connector. If you do not want a - default connector, use `none`. To retrieve connector IDs, - use the find connectors API. - example: none - type: string - name: - description: >- - The name of the connector. If you do not want a default - connector, use `none`. To retrieve connector names, use - the find connectors API. - example: none - type: string - type: - $ref: '#/components/schemas/Cases_connector_types' - customFields: - description: Custom field values in the template. - items: - type: object - properties: - key: - description: The unique key for the custom field. - type: string - type: - description: The type of the custom field. - enum: - - text - - toggle - type: string - value: - description: > - The default value for the custom field when a case uses - the template. If the `type` is `text`, the default value - must be a string. If the `type` is `toggle`, the default - value must be boolean. - oneOf: - - type: string - - type: boolean - type: array - x-technical-preview: true - description: - $ref: '#/components/schemas/Cases_case_description' - settings: - $ref: '#/components/schemas/Cases_settings' - severity: - $ref: '#/components/schemas/Cases_case_severity' - tags: - $ref: '#/components/schemas/Cases_case_tags' - title: - $ref: '#/components/schemas/Cases_case_title' - description: - description: A description for the template. - type: string - key: - description: > - A unique key for the template. Must be lower case and composed - only of a-z, 0-9, '_', and '-' characters. It is used in API calls - to refer to a specific template. - type: string - name: - description: The name of the template. - type: string - tags: - $ref: '#/components/schemas/Cases_template_tags' - type: array - x-technical-preview: true - Cases_update_alert_comment_request_properties: - description: Defines properties for case comment requests when type is alert. - type: object - properties: - alertId: - $ref: '#/components/schemas/Cases_alert_identifiers' - id: - description: > - The identifier for the comment. To retrieve comment IDs, use the get - comments API. - example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 - type: string - index: - $ref: '#/components/schemas/Cases_alert_indices' - owner: - $ref: '#/components/schemas/Cases_owners' - rule: - $ref: '#/components/schemas/Cases_rule' - type: - description: The type of comment. - enum: - - alert - example: alert - type: string - version: - description: > - The current comment version. To retrieve version values, use the get - comments API. - example: Wzk1LDFd - type: string - required: - - alertId - - id - - index - - owner - - rule - - type - - version - title: Update case comment request properties for alerts - Cases_update_case_comment_request: - description: >- - The update case comment API request body varies depending on whether you - are updating an alert or a comment. - discriminator: - mapping: - alert: '#/components/schemas/Cases_update_alert_comment_request_properties' - user: '#/components/schemas/Cases_update_user_comment_request_properties' - propertyName: type - oneOf: - - $ref: '#/components/schemas/Cases_update_alert_comment_request_properties' - - $ref: '#/components/schemas/Cases_update_user_comment_request_properties' - title: Update case comment request - Cases_update_case_configuration_request: - description: > - You can update settings such as the closure type, custom fields, - templates, and the default connector for cases. - properties: - closure_type: - $ref: '#/components/schemas/Cases_closure_types' - connector: - description: An object that contains the connector configuration. - type: object - properties: - fields: - description: >- - The fields specified in the case configuration are not used and - are not propagated to individual cases, therefore it is - recommended to set it to `null`. - nullable: true - type: object - id: - description: >- - The identifier for the connector. If you do not want a default - connector, use `none`. To retrieve connector IDs, use the find - connectors API. - example: none + _score: + aggregatable: false + count: 0 + format: + id: number + isMapped: true + name: _score + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: number + _source: + aggregatable: false + count: 0 + esTypes: + - _source + format: + id: _source + isMapped: true + name: _source + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: _source + AvgTicketPrice: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + params: + pattern: $0,0.[00] + isMapped: true + name: AvgTicketPrice + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + Cancelled: + aggregatable: true + count: 0 + esTypes: + - boolean + format: + id: boolean + isMapped: true + name: Cancelled + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: boolean + Carrier: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: Carrier + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + dayOfWeek: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: dayOfWeek + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + Dest: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: Dest + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestAirportID: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestAirportID + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestCityName: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestCityName + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestCountry: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestCountry + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestLocation: + aggregatable: true + count: 0 + esTypes: + - geo_point + format: + id: geo_point + params: + transform: wkt + isMapped: true + name: DestLocation + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: geo_point + DestRegion: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestRegion + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestWeather: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestWeather + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DistanceKilometers: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + isMapped: true + name: DistanceKilometers + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + DistanceMiles: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + isMapped: true + name: DistanceMiles + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + FlightDelay: + aggregatable: true + count: 0 + esTypes: + - boolean + format: + id: boolean + isMapped: true + name: FlightDelay + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: boolean + FlightDelayMin: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: FlightDelayMin + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + FlightDelayType: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: FlightDelayType + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + FlightNum: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: FlightNum + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - name: - description: >- - The name of the connector. If you do not want a default - connector, use `none`. To retrieve connector names, use the find - connectors API. - example: none + FlightTimeHour: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: FlightTimeHour + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false type: string - type: - $ref: '#/components/schemas/Cases_connector_types' - required: - - fields - - id - - name - - type - customFields: - description: Custom fields case configuration. - items: - type: object - properties: - defaultValue: - description: > - A default value for the custom field. If the `type` is `text`, - the default value must be a string. If the `type` is `toggle`, - the default value must be boolean. - oneOf: - - type: string - - type: boolean - key: - description: > - A unique key for the custom field. Must be lower case and - composed only of a-z, 0-9, '_', and '-' characters. It is used - in API calls to refer to a specific custom field. - maxLength: 36 - minLength: 1 - type: string - label: - description: The custom field label that is displayed in the case. - maxLength: 50 - minLength: 1 - type: string - type: - description: The type of the custom field. - enum: - - text - - toggle - type: string - required: - description: > - Indicates whether the field is required. If `false`, the - custom field can be set to null or omitted when a case is - created or updated. - type: boolean - required: - - key - - label - - required - - type - type: array - templates: - $ref: '#/components/schemas/Cases_templates' - version: - description: > - The version of the connector. To retrieve the version value, use the - get configuration API. - example: WzIwMiwxXQ== - type: string - required: - - version - title: Update case configuration request - type: object - Cases_update_case_request: - description: >- - The update case API request body varies depending on the type of - connector. - properties: - cases: - description: An array containing one or more case objects. - items: - type: object - properties: - assignees: - $ref: '#/components/schemas/Cases_assignees' - category: - $ref: '#/components/schemas/Cases_case_category' - connector: - oneOf: - - $ref: '#/components/schemas/Cases_connector_properties_none' - - $ref: >- - #/components/schemas/Cases_connector_properties_cases_webhook - - $ref: '#/components/schemas/Cases_connector_properties_jira' - - $ref: '#/components/schemas/Cases_connector_properties_resilient' - - $ref: '#/components/schemas/Cases_connector_properties_servicenow' - - $ref: >- - #/components/schemas/Cases_connector_properties_servicenow_sir - - $ref: '#/components/schemas/Cases_connector_properties_swimlane' - customFields: - description: > - Custom field values for a case. Any optional custom fields - that are not specified in the request are set to null. - items: - type: object - properties: - key: - description: > - The unique identifier for the custom field. The key - value must exist in the case configuration settings. - type: string - type: - description: > - The custom field type. It must match the type specified - in the case configuration settings. - enum: - - text - - toggle - type: string - value: - description: > - The custom field value. If the custom field is required, - it cannot be explicitly set to null. However, for cases - that existed when the required custom field was added, - the default value stored in Elasticsearch is - `undefined`. The value returned in the API and user - interface in this case is `null`. - oneOf: - - maxLength: 160 - minLength: 1 - nullable: true - type: string - - type: boolean - required: - - key - - type - - value - maxItems: 10 - minItems: 0 - type: array - description: - $ref: '#/components/schemas/Cases_case_description' - id: - description: The identifier for the case. - maxLength: 30000 - type: string - settings: - $ref: '#/components/schemas/Cases_settings' - severity: - $ref: '#/components/schemas/Cases_case_severity' - status: - $ref: '#/components/schemas/Cases_case_status' - tags: - $ref: '#/components/schemas/Cases_case_tags' - title: - $ref: '#/components/schemas/Cases_case_title' - version: - description: >- - The current version of the case. To determine this value, use - the get case or find cases APIs. - type: string - required: - - id - - version + FlightTimeMin: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + isMapped: true + name: FlightTimeMin + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + hour_of_day: + aggregatable: true + count: 0 + esTypes: + - long + format: + id: number + params: + pattern: '00' + name: hour_of_day + readFromDocValues: false + runtimeField: + script: + source: emit(doc['timestamp'].value.getHour()); + type: long + scripted: false + searchable: true + shortDotsEnable: false + type: number + Origin: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: Origin + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginAirportID: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginAirportID + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginCityName: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginCityName + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginCountry: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginCountry + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginLocation: + aggregatable: true + count: 0 + esTypes: + - geo_point + format: + id: geo_point + params: + transform: wkt + isMapped: true + name: OriginLocation + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: geo_point + OriginRegion: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginRegion + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginWeather: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginWeather + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + timestamp: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: timestamp + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + id: d3d7af60-4c81-11e8-b3d7-01146121b73d + name: Kibana Sample Data Flights + runtimeFieldMap: + hour_of_day: + script: + source: emit(doc['timestamp'].value.getHour()); + type: long + sourceFilters: [] + timeFieldName: timestamp + title: kibana_sample_data_flights + version: WzM2LDJd + fields: + - aggregatable: true + count: 0 + esTypes: + - long + name: hour_of_day + readFromDocValues: false + runtimeField: + script: + source: emit(doc['timestamp'].value.getHour()); + type: long + scripted: false + searchable: true + shortDotsEnable: false + type: number + Data_views_preview_swap_data_view_request: + summary: Preview swapping references from data view ID "abcd-efg" to "xyz-123". + value: + fromId: abcd-efg + toId: xyz-123 + Data_views_set_default_data_view_request: + summary: Set the default data view identifier. + value: + data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + force: true + Data_views_swap_data_view_request: + summary: >- + Swap references from data view ID "abcd-efg" to "xyz-123" and remove the + data view that is no longer referenced. + value: + delete: true + fromId: abcd-efg + toId: xyz-123 + Data_views_update_data_view_request: + summary: Update some properties for a data view. + value: + data_view: + allowNoIndex: false + name: Kibana Sample Data eCommerce + timeFieldName: order_date + title: kibana_sample_data_ecommerce + refresh_fields: true + Data_views_update_field_metadata_request: + summary: Update metadata for multiple fields. + value: + fields: + field1: + count: 123 + customLabel: Field 1 label + field2: + customDescription: Field 2 description + customLabel: Field 2 label + Data_views_update_runtime_field_request: + summary: Update an existing runtime field on a data view. + value: + runtimeField: + script: + source: emit(doc["bar"].value) + Machine_learning_APIs_mlSyncExample: + summary: Two anomaly detection jobs required synchronization in this example. + value: + datafeedsAdded: {} + datafeedsRemoved: {} + savedObjectsCreated: + anomaly-detector: + myjob1: + success: true + myjob2: + success: true + savedObjectsDeleted: {} + Saved_objects_export_objects_request: + summary: Export a specific saved object. + value: + excludeExportDetails: true + includeReferencesDeep: false + objects: + - id: de71f4f0-1902-11e9-919b-ffe5949a18d2 + type: map + Saved_objects_export_objects_response: + summary: >- + The export objects API response contains a JSON record for each exported + object. + value: + attributes: + description: '' + layerListJSON: >- + [{"id":"0hmz5","alpha":1,"sourceDescriptor":{"type":"EMS_TMS","isAutoSelect":true,"lightModeDefault":"road_map_desaturated"},"visible":true,"style":{},"type":"EMS_VECTOR_TILE","minZoom":0,"maxZoom":24},{"id":"edh66","label":"Total + Requests by + Destination","minZoom":0,"maxZoom":24,"alpha":0.5,"sourceDescriptor":{"type":"EMS_FILE","id":"world_countries","tooltipProperties":["name","iso2"]},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"__kbnjoin__count__673ff994-fc75-4c67-909b-69fcb0e1060e","origin":"join"},"color":"Greys","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"STATIC","options":{"size":10}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR","joins":[{"leftField":"iso2","right":{"type":"ES_TERM_SOURCE","id":"673ff994-fc75-4c67-909b-69fcb0e1060e","indexPatternTitle":"kibana_sample_data_logs","term":"geo.dest","indexPatternRefName":"layer_1_join_0_index_pattern","metrics":[{"type":"count","label":"web + logs + count"}],"applyGlobalQuery":true}}]},{"id":"gaxya","label":"Actual + Requests","minZoom":9,"maxZoom":24,"alpha":1,"sourceDescriptor":{"id":"b7486535-171b-4d3b-bb2e-33c1a0a2854c","type":"ES_SEARCH","geoField":"geo.coordinates","limit":2048,"filterByMapBounds":true,"tooltipProperties":["clientip","timestamp","host","request","response","machine.os","agent","bytes"],"indexPatternRefName":"layer_2_source_index_pattern","applyGlobalQuery":true,"scalingType":"LIMIT"},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"STATIC","options":{"color":"#2200ff"}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":2}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"bytes","origin":"source"},"minSize":1,"maxSize":23,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"},{"id":"tfi3f","label":"Total + Requests and + Bytes","minZoom":0,"maxZoom":9,"alpha":1,"sourceDescriptor":{"type":"ES_GEO_GRID","resolution":"COARSE","id":"8aaa65b5-a4e9-448b-9560-c98cb1c5ac5b","geoField":"geo.coordinates","requestType":"point","metrics":[{"type":"count","label":"web + logs + count"},{"type":"sum","field":"bytes"}],"indexPatternRefName":"layer_3_source_index_pattern","applyGlobalQuery":true},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"color":"Blues","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#cccccc"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"sum_of_bytes","origin":"source"},"minSize":7,"maxSize":25,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelText":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelSize":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"minSize":12,"maxSize":24,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"}] + mapStateJSON: >- + {"zoom":3.64,"center":{"lon":-88.92107,"lat":42.16337},"timeFilters":{"from":"now-7d","to":"now"},"refreshConfig":{"isPaused":true,"interval":0},"query":{"language":"kuery","query":""},"settings":{"autoFitToDataBounds":false}} + title: '[Logs] Total Requests and Bytes' + uiStateJSON: '{"isDarkMode":false}' + coreMigrationVersion: 8.8.0 + created_at: '2023-08-23T20:03:32.204Z' + id: de71f4f0-1902-11e9-919b-ffe5949a18d2 + managed: false + references: + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: layer_1_join_0_index_pattern + type: index-pattern + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: layer_2_source_index_pattern + type: index-pattern + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: layer_3_source_index_pattern + type: index-pattern + type: map + typeMigrationVersion: 8.4.0 + updated_at: '2023-08-23T20:03:32.204Z' + version: WzEzLDFd + Saved_objects_import_objects_request: + value: + file: file.ndjson + Saved_objects_import_objects_response: + summary: >- + The import objects API response indicates a successful import and the + objects are created. Since these objects are created as new copies, each + entry in the successResults array includes a destinationId attribute. + value: + success: true + successCount: 1 + successResults: + - destinationId: 82d2760c-468f-49cf-83aa-b9a35b6a8943 + id: 90943e30-9a47-11e8-b64d-95841ca0b247 + managed: false + meta: + icon: indexPatternApp + title: Kibana Sample Data Logs + type: index-pattern + Saved_objects_key_rotation_response: + summary: Encryption key rotation using default parameters. + value: + failed: 0 + successful: 300 + total: 1000 + Saved_objects_resolve_missing_reference_request: + value: + file: file.ndjson + retries: + - id: my-pattern + overwrite: true + type: index-pattern + - destinationId: another-vis + id: my-vis + overwrite: true + type: visualization + - destinationId: yet-another-canvas + id: my-canvas + overwrite: true + type: canvas + - id: my-dashboard + type: dashboard + Saved_objects_resolve_missing_reference_response: + summary: Resolve missing reference errors. + value: + success: true + successCount: 3 + successResults: + - id: my-vis + meta: + icon: visualizeApp + title: Look at my visualization + type: visualization + - id: my-search + meta: + icon: searchApp + title: Look at my search + type: search + - id: my-dashboard + meta: + icon: dashboardApp + title: Look at my dashboard + type: dashboard + parameters: + Alerting_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + Cases_alert_id: + description: An identifier for the alert. + in: path + name: alertId + required: true + schema: + example: 09f0c261e39e36351d75995b78bb83673774d1bc2cca9df2d15f0e5c0a99a540 + type: string + Cases_assignees_filter: + description: > + Filters the returned cases by assignees. Valid values are `none` or + unique identifiers for the user profiles. These identifiers can be found + by using the suggest user profile API. + in: query + name: assignees + schema: + oneOf: + - type: string + - items: + type: string + maxItems: 100 + type: array + Cases_case_id: + description: >- + The identifier for the case. To retrieve case IDs, use the find cases + API. All non-ASCII characters must be URL encoded. + in: path + name: caseId + required: true + schema: + example: 9c235210-6834-11ea-a78c-6ffb38a34414 + type: string + Cases_category: + description: Filters the returned cases by category. + in: query + name: category + schema: + oneOf: + - example: my-category + type: string + - items: + type: string + maxItems: 100 + type: array + Cases_comment_id: + description: > + The identifier for the comment. To retrieve comment IDs, use the get + case or find cases APIs. + in: path + name: commentId + required: true + schema: + example: 71ec1870-725b-11ea-a0b2-c51ea50a58e2 + type: string + Cases_configuration_id: + description: An identifier for the configuration. + in: path + name: configurationId + required: true + schema: + example: 3297a0f0-b5ec-11ec-b141-0fdb20a7f9a9 + type: string + Cases_connector_id: + description: >- + An identifier for the connector. To retrieve connector IDs, use the find + connectors API. + in: path + name: connectorId + required: true + schema: + example: abed3a70-71bd-11ea-a0b2-c51ea50a58e2 + type: string + Cases_defaultSearchOperator: + description: he default operator to use for the simple_query_string. + example: OR + in: query + name: defaultSearchOperator + schema: + default: OR + type: string + Cases_from: + description: > + Returns only cases that were created after a specific date. The date + must be specified as a KQL data range or date match expression. + in: query + name: from + schema: + example: now-1d + type: string + Cases_ids: + description: > + The cases that you want to removed. All non-ASCII characters must be URL + encoded. + example: d4e7abb0-b462-11ec-9a8d-698504725a43 + in: query + name: ids + required: true + schema: + items: maxItems: 100 minItems: 1 - type: array - required: - - cases - title: Update case request - type: object - Cases_update_user_comment_request_properties: - description: Defines properties for case comment requests when type is user. - properties: - comment: - description: The new comment. It is required only when `type` is `user`. - example: A new comment. - maxLength: 30000 - type: string - id: - description: > - The identifier for the comment. To retrieve comment IDs, use the get - comments API. - example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 - type: string - owner: - $ref: '#/components/schemas/Cases_owners' - type: - description: The type of comment. - enum: - - user - example: user - type: string - version: - description: > - The current comment version. To retrieve version values, use the get - comments API. - example: Wzk1LDFd - type: string - required: - - comment - - id - - owner - - type - - version - title: Update case comment request properties for user comments - type: object - Cases_user_actions_find_response_properties: - type: object - properties: - action: - $ref: '#/components/schemas/Cases_actions' - comment_id: - example: 578608d0-03b1-11ed-920c-974bfa104448 - nullable: true - type: string - created_at: - example: '2022-05-13T09:16:17.416Z' - format: date-time type: string - created_by: - type: object - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: array + Cases_includeComments: + deprecated: true + description: >- + Deprecated in 8.1.0. This parameter is deprecated and will be removed in + a future release. It determines whether case comments are returned. + in: query + name: includeComments + schema: + default: true + type: boolean + Cases_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + Cases_owner: + description: > + A filter to limit the response to a specific set of applications. If + this parameter is omitted, the response contains information about all + the cases that the user has access to read. + example: cases + in: query + name: owner + schema: + oneOf: + - $ref: '#/components/schemas/Cases_owners' + - items: + $ref: '#/components/schemas/Cases_owners' + type: array + Cases_page_index: + description: The page number to return. + in: query + name: page + required: false + schema: + default: 1 + type: integer + Cases_page_size: + description: The number of items to return. Limited to 100 items. + in: query + name: perPage + required: false + schema: + default: 20 + maximum: 100 + type: integer + Cases_reporters: + description: Filters the returned cases by the user name of the reporter. + example: elastic + in: query + name: reporters + schema: + oneOf: + - type: string + - items: type: string - username: - example: elastic - nullable: true + maxItems: 100 + type: array + Cases_search: + description: >- + An Elasticsearch simple_query_string query that filters the objects in + the response. + in: query + name: search + schema: + type: string + Cases_searchFields: + description: The fields to perform the simple_query_string parsed query against. + in: query + name: searchFields + schema: + oneOf: + - $ref: '#/components/schemas/Cases_searchFieldsType' + - items: + $ref: '#/components/schemas/Cases_searchFieldsType' + type: array + Cases_severity: + description: The severity of the case. + in: query + name: severity + schema: + enum: + - critical + - high + - low + - medium + type: string + Cases_sort_order: + description: Determines the sort order. + in: query + name: sortOrder + required: false + schema: + default: desc + enum: + - asc + - desc + type: string + Cases_sortField: + description: Determines which field is used to sort the results. + example: updatedAt + in: query + name: sortField + schema: + default: createdAt + enum: + - createdAt + - updatedAt + - closedAt + - title + - category + - status + - severity + type: string + Cases_status: + description: Filters the returned cases by state. + example: open + in: query + name: status + schema: + enum: + - closed + - in-progress + - open + type: string + Cases_tags: + description: Filters the returned cases by tags. + example: tag-1 + in: query + name: tags + schema: + oneOf: + - type: string + - items: type: string - required: - - email - - full_name - - username - id: - example: 22fd3e30-03b1-11ed-920c-974bfa104448 - type: string - owner: - $ref: '#/components/schemas/Cases_owners' - payload: - oneOf: - - $ref: '#/components/schemas/Cases_payload_alert_comment' - - $ref: '#/components/schemas/Cases_payload_assignees' - - $ref: '#/components/schemas/Cases_payload_connector' - - $ref: '#/components/schemas/Cases_payload_create_case' - - $ref: '#/components/schemas/Cases_payload_delete' - - $ref: '#/components/schemas/Cases_payload_description' - - $ref: '#/components/schemas/Cases_payload_pushed' - - $ref: '#/components/schemas/Cases_payload_settings' - - $ref: '#/components/schemas/Cases_payload_severity' - - $ref: '#/components/schemas/Cases_payload_status' - - $ref: '#/components/schemas/Cases_payload_tags' - - $ref: '#/components/schemas/Cases_payload_title' - - $ref: '#/components/schemas/Cases_payload_user_comment' - type: - description: The type of action. + maxItems: 100 + type: array + Cases_to: + description: > + Returns only cases that were created before a specific date. The date + must be specified as a KQL data range or date match expression. + example: now+1d + in: query + name: to + schema: + type: string + Cases_user_action_types: + description: Determines the types of user actions to return. + example: create_case + in: query + name: types + schema: + items: enum: + - action + - alert - assignees - - create_case + - attachment - comment - connector + - create_case - description - pushed - - tags - - title - - status - settings - severity - example: create_case - type: string - version: - example: WzM1ODg4LDFd - type: string - required: - - action - - comment_id - - created_at - - created_by - - id - - owner - - payload - - type - - version - Cases_user_actions_response_properties: - type: object - properties: - action: - $ref: '#/components/schemas/Cases_actions' - action_id: - example: 22fd3e30-03b1-11ed-920c-974bfa104448 - type: string - case_id: - example: 22df07d0-03b1-11ed-920c-974bfa104448 - type: string - comment_id: - example: 578608d0-03b1-11ed-920c-974bfa104448 - nullable: true - type: string - created_at: - example: '2022-05-13T09:16:17.416Z' - format: date-time - type: string - created_by: - type: object - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string - required: - - email - - full_name - - username - owner: - $ref: '#/components/schemas/Cases_owners' - payload: - oneOf: - - $ref: '#/components/schemas/Cases_payload_alert_comment' - - $ref: '#/components/schemas/Cases_payload_assignees' - - $ref: '#/components/schemas/Cases_payload_connector' - - $ref: '#/components/schemas/Cases_payload_create_case' - - $ref: '#/components/schemas/Cases_payload_delete' - - $ref: '#/components/schemas/Cases_payload_description' - - $ref: '#/components/schemas/Cases_payload_pushed' - - $ref: '#/components/schemas/Cases_payload_settings' - - $ref: '#/components/schemas/Cases_payload_severity' - - $ref: '#/components/schemas/Cases_payload_status' - - $ref: '#/components/schemas/Cases_payload_tags' - - $ref: '#/components/schemas/Cases_payload_title' - - $ref: '#/components/schemas/Cases_payload_user_comment' - type: - $ref: '#/components/schemas/Cases_action_types' - required: - - action - - action_id - - case_id - - comment_id - - created_at - - created_by - - owner - - payload - - type - Cases_user_comment_response_properties: - title: Case response properties for user comments - type: object - properties: - comment: - example: A new comment. - type: string - created_at: - example: '2022-05-13T09:16:17.416Z' - format: date-time - type: string - created_by: - $ref: '#/components/schemas/Cases_case_response_created_by_properties' - id: - example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 - type: string - owner: - $ref: '#/components/schemas/Cases_owners' - pushed_at: - example: null - format: date-time - nullable: true - type: string - pushed_by: - $ref: '#/components/schemas/Cases_case_response_pushed_by_properties' - type: - enum: + - status + - tags + - title - user - example: user type: string - updated_at: - example: null - format: date-time - nullable: true - type: string - updated_by: - $ref: '#/components/schemas/Cases_case_response_updated_by_properties' - version: - example: WzIwNDMxLDFd - type: string - required: - - type - Data_views_400_response: - title: Bad request - type: object - properties: - error: - example: Bad Request - type: string - message: - type: string - statusCode: - example: 400 - type: number - required: - - statusCode - - error - - message - Data_views_404_response: - type: object + type: array + Data_views_field_name: + description: The name of the runtime field. + in: path + name: fieldName + required: true + schema: + example: hour_of_day + type: string + Data_views_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + Data_views_view_id: + description: An identifier for the data view. + in: path + name: viewId + required: true + schema: + example: ff959d40-b880-11e8-a6d9-e546fe2bba5f + type: string + Machine_learning_APIs_simulateParam: + description: >- + When true, simulates the synchronization by returning only the list of + actions that would be performed. + example: 'true' + in: query + name: simulate + required: false + schema: + type: boolean + Saved_objects_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + Saved_objects_saved_object_id: + description: An identifier for the saved object. + in: path + name: id + required: true + schema: + type: string + Saved_objects_saved_object_type: + description: >- + Valid options include `visualization`, `dashboard`, `search`, + `index-pattern`, `config`. + in: path + name: type + required: true + schema: + type: string + SLOs_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + SLOs_slo_id: + description: An identifier for the slo. + in: path + name: sloId + required: true + schema: + example: 9c235211-6834-11ea-a78c-6feb38a34414 + type: string + SLOs_space_id: + description: >- + An identifier for the space. If `/s/` and the identifier are omitted + from the path, the default space is used. + in: path + name: spaceId + required: true + schema: + example: default + type: string + schemas: + Alerting_401_response: properties: error: enum: - - Not Found - example: Not Found + - Unauthorized + example: Unauthorized type: string message: - example: >- - Saved object [index-pattern/caaad6d0-920c-11ed-b36a-874bd1548a00] - not found type: string statusCode: enum: - - 404 - example: 404 + - 401 + example: 401 type: integer - Data_views_allownoindex: - description: Allows the data view saved object to exist before the data is available. - type: boolean - Data_views_create_data_view_request_object: - title: Create data view request + title: Unsuccessful rule API response type: object - properties: - data_view: - description: The data view object. - type: object - properties: - allowNoIndex: - $ref: '#/components/schemas/Data_views_allownoindex' - fieldAttrs: - additionalProperties: - $ref: '#/components/schemas/Data_views_fieldattrs' - type: object - fieldFormats: - $ref: '#/components/schemas/Data_views_fieldformats' - fields: - type: object - id: - type: string - name: - description: The data view name. - type: string - namespaces: - $ref: '#/components/schemas/Data_views_namespaces' - runtimeFieldMap: - additionalProperties: - $ref: '#/components/schemas/Data_views_runtimefieldmap' - type: object - sourceFilters: - $ref: '#/components/schemas/Data_views_sourcefilters' - timeFieldName: - $ref: '#/components/schemas/Data_views_timefieldname' - title: - $ref: '#/components/schemas/Data_views_title' - type: - $ref: '#/components/schemas/Data_views_type' - typeMeta: - $ref: '#/components/schemas/Data_views_typemeta' - version: - type: string - required: - - title - override: - default: false - description: >- - Override an existing data view if a data view with the provided - title already exists. - type: boolean - required: - - data_view - Data_views_data_view_response_object: - title: Data view response properties + Alerting_alert_response_properties: + title: Legacy alert response properties type: object properties: - data_view: + actions: + items: + type: object + type: array + alertTypeId: + example: .index-threshold + type: string + apiKeyOwner: + example: elastic + nullable: true + type: string + createdAt: + description: The date and time that the alert was created. + example: '2022-12-05T23:36:58.284Z' + format: date-time + type: string + createdBy: + description: The identifier for the user that created the alert. + example: elastic + type: string + enabled: + description: Indicates whether the alert is currently enabled. + example: true + type: boolean + executionStatus: type: object properties: - allowNoIndex: - $ref: '#/components/schemas/Data_views_allownoindex' - fieldAttrs: - additionalProperties: - $ref: '#/components/schemas/Data_views_fieldattrs' - type: object - fieldFormats: - $ref: '#/components/schemas/Data_views_fieldformats' - fields: - type: object - id: - example: ff959d40-b880-11e8-a6d9-e546fe2bba5f - type: string - name: - description: The data view name. + lastExecutionDate: + example: '2022-12-06T00:13:43.890Z' + format: date-time type: string - namespaces: - $ref: '#/components/schemas/Data_views_namespaces' - runtimeFieldMap: - additionalProperties: - $ref: '#/components/schemas/Data_views_runtimefieldmap' - type: object - sourceFilters: - $ref: '#/components/schemas/Data_views_sourcefilters' - timeFieldName: - $ref: '#/components/schemas/Data_views_timefieldname' - title: - $ref: '#/components/schemas/Data_views_title' - typeMeta: - $ref: '#/components/schemas/Data_views_typemeta_response' - version: - example: WzQ2LDJd + status: + example: ok type: string - Data_views_fieldattrs: - description: A map of field attributes by field name. - type: object - properties: - count: - description: Popularity count for the field. - type: integer - customDescription: - description: Custom description for the field. - maxLength: 300 - type: string - customLabel: - description: Custom label for the field. + id: + description: The identifier for the alert. + example: b530fed0-74f5-11ed-9801-35303b735aef type: string - Data_views_fieldformats: - description: A map of field formats by field name. - type: object - Data_views_namespaces: - description: >- - An array of space identifiers for sharing the data view between multiple - spaces. - items: - default: default - type: string - type: array - Data_views_runtimefieldmap: - description: A map of runtime field definitions by field name. - type: object - properties: - script: + muteAll: + example: false + type: boolean + mutedInstanceIds: + items: + type: string + nullable: true + type: array + name: + description: The name of the alert. + example: my alert + type: string + notifyWhen: + example: onActionGroupChange + type: string + params: + additionalProperties: true + type: object + schedule: type: object properties: - source: - description: Script for the runtime field. + interval: type: string - type: - description: Mapping type of the runtime field. + scheduledTaskId: + example: b530fed0-74f5-11ed-9801-35303b735aef type: string - required: - - script - - type - Data_views_sourcefilters: - description: The array of field names you want to filter out in Discover. - items: - type: object - properties: - value: + tags: + items: type: string - required: - - value - type: array - Data_views_swap_data_view_request_object: - title: Data view reference swap request + type: array + throttle: + nullable: true + type: string + updatedAt: + example: '2022-12-05T23:36:58.284Z' + type: string + updatedBy: + description: The identifier for the user that updated this alert most recently. + example: elastic + nullable: true + type: string + Alerting_fieldmap_properties: + title: Field map objects in the get rule types response type: object properties: - delete: - description: Deletes referenced saved object if all references are removed. + array: + description: Indicates whether the field is an array. type: boolean - forId: - description: Limit the affected saved objects to one or more by identifier. - oneOf: - - type: string - - items: - type: string - type: array - forType: - description: Limit the affected saved objects by type. + dynamic: + description: Indicates whether it is a dynamic field mapping. + type: boolean + format: + description: > + Indicates the format of the field. For example, if the `type` is + `date_range`, the `format` can be + `epoch_millis||strict_date_optional_time`. type: string - fromId: - description: The saved object reference to change. + ignore_above: + description: >- + Specifies the maximum length of a string field. Longer strings are + not indexed or stored. + type: integer + index: + description: Indicates whether field values are indexed. + type: boolean + path: + description: TBD type: string - fromType: + properties: + additionalProperties: + type: object + properties: + type: + description: The data type for each object property. + type: string description: > - Specify the type of the saved object reference to alter. The default - value is `index-pattern` for data views. + Details about the object properties. This property is applicable + when `type` is `object`. + type: object + required: + description: Indicates whether the field is required. + type: boolean + scaling_factor: + description: > + The scaling factor to use when encoding values. This property is + applicable when `type` is `scaled_float`. Values will be multiplied + by this factor at index time and rounded to the closest long value. + type: integer + type: + description: Specifies the data type for the field. + example: scaled_float type: string - toId: - description: New saved object reference value to replace the old value. + Cases_4xx_response: + properties: + error: + example: Unauthorized type: string - required: - - fromId - - toId - Data_views_timefieldname: - description: The timestamp field name, which you use for time-based data views. - type: string - Data_views_title: - description: >- - Comma-separated list of data streams, indices, and aliases that you want - to search. Supports wildcards (`*`). + message: + type: string + statusCode: + example: 401 + type: integer + title: Unsuccessful cases API response + type: object + Cases_action_types: + description: The type of action. + enum: + - assignees + - create_case + - comment + - connector + - delete_case + - description + - pushed + - tags + - title + - status + - settings + - severity + example: create_case type: string - Data_views_type: - description: When set to `rollup`, identifies the rollup data views. + Cases_actions: + enum: + - add + - create + - delete + - push_to_service + - update + example: create type: string - Data_views_typemeta: - description: >- - When you use rollup indices, contains the field list for the rollup data - view API endpoints. + Cases_add_alert_comment_request_properties: + description: Defines properties for case comment requests when type is alert. type: object properties: - aggs: - description: A map of rollup restrictions by aggregation type and field name. - type: object - params: - description: Properties for retrieving rollup fields. - type: object + alertId: + $ref: '#/components/schemas/Cases_alert_identifiers' + index: + $ref: '#/components/schemas/Cases_alert_indices' + owner: + $ref: '#/components/schemas/Cases_owners' + rule: + $ref: '#/components/schemas/Cases_rule' + type: + description: The type of comment. + enum: + - alert + example: alert + type: string required: - - aggs - - params - Data_views_typemeta_response: + - alertId + - index + - owner + - rule + - type + title: Add case comment request properties for alerts + Cases_add_case_comment_request: description: >- - When you use rollup indices, contains the field list for the rollup data - view API endpoints. - nullable: true - type: object - properties: - aggs: - description: A map of rollup restrictions by aggregation type and field name. - type: object - params: - description: Properties for retrieving rollup fields. - type: object - Data_views_update_data_view_request_object: - title: Update data view request - type: object + The add comment to case API request body varies depending on whether you + are adding an alert or a comment. + discriminator: + mapping: + alert: '#/components/schemas/Cases_add_alert_comment_request_properties' + user: '#/components/schemas/Cases_add_user_comment_request_properties' + propertyName: type + oneOf: + - $ref: '#/components/schemas/Cases_add_alert_comment_request_properties' + - $ref: '#/components/schemas/Cases_add_user_comment_request_properties' + title: Add case comment request + Cases_add_user_comment_request_properties: + description: Defines properties for case comment requests when type is user. properties: - data_view: - description: > - The data view properties you want to update. Only the specified - properties are updated in the data view. Unspecified fields stay as - they are persisted. - type: object - properties: - allowNoIndex: - $ref: '#/components/schemas/Data_views_allownoindex' - fieldFormats: - $ref: '#/components/schemas/Data_views_fieldformats' - fields: - type: object - name: - type: string - runtimeFieldMap: - additionalProperties: - $ref: '#/components/schemas/Data_views_runtimefieldmap' - type: object - sourceFilters: - $ref: '#/components/schemas/Data_views_sourcefilters' - timeFieldName: - $ref: '#/components/schemas/Data_views_timefieldname' - title: - $ref: '#/components/schemas/Data_views_title' - type: - $ref: '#/components/schemas/Data_views_type' - typeMeta: - $ref: '#/components/schemas/Data_views_typemeta' - refresh_fields: - default: false - description: Reloads the data view fields after the data view is updated. - type: boolean + comment: + description: The new comment. It is required only when `type` is `user`. + example: A new comment. + maxLength: 30000 + type: string + owner: + $ref: '#/components/schemas/Cases_owners' + type: + description: The type of comment. + enum: + - user + example: user + type: string required: - - data_view - Fleet_agent: - title: Agent + - comment + - owner + - type + title: Add case comment request properties for user comments + type: object + Cases_alert_comment_response_properties: + title: Add case comment response properties for alerts type: object properties: - access_api_key: - type: string - access_api_key_id: - type: string - active: - type: boolean - components: + alertId: items: - $ref: '#/components/schemas/Fleet_agent_component' + example: a6e12ac4-7bce-457b-84f6-d7ce8deb8446 + type: string type: array - default_api_key: - type: string - default_api_key_id: - type: string - enrolled_at: + created_at: + example: '2023-11-06T19:29:38.424Z' + format: date-time type: string + created_by: + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username id: + example: 73362370-ab1a-11ec-985f-97e55adae8b9 type: string - last_checkin: + index: + items: + example: .internal.alerts-security.alerts-default-000001 + type: string + type: array + owner: + $ref: '#/components/schemas/Cases_owners' + pushed_at: + example: null + format: date-time + nullable: true type: string - local_metadata: - $ref: '#/components/schemas/Fleet_agent_metadata' - metrics: + pushed_by: + nullable: true type: object properties: - cpu_avg: - description: >- - Average agent CPU usage during the last 5 minutes, number - between 0-1 - type: number - memory_size_byte_avg: - description: Average agent memory consumption during the last 5 minutes - type: number - policy_id: - type: string - policy_revision: - type: number - status: - $ref: '#/components/schemas/Fleet_agent_status' + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + rule: + type: object + properties: + id: + description: The rule identifier. + example: 94d80550-aaf4-11ec-985f-97e55adae8b9 + type: string + name: + description: The rule name. + example: security_rule + type: string type: - $ref: '#/components/schemas/Fleet_agent_type' - unenrolled_at: + enum: + - alert + example: alert type: string - unenrollment_started_at: + updated_at: + format: date-time + nullable: true type: string - user_provided_metadata: - $ref: '#/components/schemas/Fleet_agent_metadata' - required: - - type - - active - - enrolled_at - - id - - status - Fleet_agent_action: - oneOf: - - properties: - ack_data: + updated_by: + nullable: true + type: object + properties: + email: + example: null + nullable: true type: string - data: + full_name: + example: null + nullable: true type: string - type: - enum: - - UNENROLL - - UPGRADE - - POLICY_REASSIGN + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 type: string - - properties: - data: - type: object - properties: - log_level: - enum: - - debug - - info - - warning - - error - nullable: true - type: string - type: + username: + example: elastic + nullable: true type: string - title: Agent action - Fleet_agent_component: - title: Agent component - type: object - properties: - id: - type: string - message: - type: string - status: - $ref: '#/components/schemas/Fleet_agent_component_status' - type: + required: + - email + - full_name + - username + version: + example: WzMwNDgsMV0= type: string - units: - items: - $ref: '#/components/schemas/Fleet_agent_component_unit' + required: + - type + Cases_alert_identifiers: + description: > + The alert identifiers. It is required only when `type` is `alert`. You + can use an array of strings to add multiple alerts to a case, provided + that they all relate to the same rule; `index` must also be an array + with the same length or number of elements. Adding multiple alerts in + this manner is recommended rather than calling the API multiple times. + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + example: 6b24c4dc44bc720cfc92797f3d61fff952f2b2627db1fb4f8cc49f4530c4ff42 + oneOf: + - type: string + - items: + type: string + maxItems: 1000 type: array - Fleet_agent_component_status: - enum: - - starting - - configuring - - healthy - - degraded - - failed - - stopping - - stopped - title: Agent component status - type: string - Fleet_agent_component_unit: - title: Agent component unit + title: Alert identifiers + x-technical-preview: true + Cases_alert_indices: + description: > + The alert indices. It is required only when `type` is `alert`. If you + are adding multiple alerts to a case, use an array of strings; the + position of each index name in the array must match the position of the + corresponding alert identifier in the `alertId` array. This + functionality is in technical preview and may be changed or removed in a + future release. Elastic will work to fix any issues, but features in + technical preview are not subject to the support SLA of official GA + features. + oneOf: + - type: string + - items: + type: string + maxItems: 1000 + type: array + title: Alert indices + x-technical-preview: true + Cases_alert_response_properties: type: object properties: + attached_at: + format: date-time + type: string id: + description: The alert identifier. type: string - message: + index: + description: The alert index. type: string - payload: - type: object - status: - $ref: '#/components/schemas/Fleet_agent_component_status' - type: - $ref: '#/components/schemas/Fleet_agent_component_unit_type' - Fleet_agent_component_unit_type: - enum: - - input - - output - title: Agent component unit type + Cases_assignees: + description: An array containing users that are assigned to the case. + items: + type: object + properties: + uid: + description: >- + A unique identifier for the user profile. These identifiers can be + found by using the suggest user profile API. + example: u_0wpfV1MqYDaXzLtRVY-gLMrddKDEmfz51Fszhj7hWC8_0 + type: string + required: + - uid + maxItems: 10 + nullable: true + type: array + Cases_case_category: + description: A word or phrase that categorizes the case. + maxLength: 50 type: string - Fleet_agent_diagnostics: - title: Agent diagnostics - type: object + Cases_case_description: + description: The description for the case. + maxLength: 30000 + type: string + Cases_case_response_closed_by_properties: + nullable: true properties: - actionId: - type: string - createTime: + email: + example: null + nullable: true type: string - filePath: + full_name: + example: null + nullable: true type: string - id: + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 type: string - name: + username: + example: elastic + nullable: true type: string - status: - enum: - - READY - - AWAITING_UPLOAD - - DELETED - - IN_PROGRESS required: - - id - - name - - createTime - - filePath - - actionId - - status - Fleet_agent_get_by_actions: - items: - items: - type: string - type: array - title: Agents get by action ids - type: array - Fleet_agent_metadata: - title: Agent metadata + - email + - full_name + - username + title: Case response properties for closed_by type: object - Fleet_agent_policy: - title: Agent Policy + Cases_case_response_created_by_properties: + title: Case response properties for created_by type: object properties: - advanced_settings: - description: >- - Advanced settings stored in the agent policy, e.g. - agent_limits_go_max_procs + email: + example: null nullable: true - type: object - agent_features: - items: - type: object - properties: - enabled: - type: boolean - name: - type: string - required: - - name - - enabled - type: array - agents: - type: number - data_output_id: + type: string + full_name: + example: null nullable: true type: string - description: + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 type: string - download_source_id: + username: + example: elastic nullable: true type: string - fleet_server_host_id: + required: + - email + - full_name + - username + Cases_case_response_properties: + title: Case response properties + type: object + properties: + assignees: + $ref: '#/components/schemas/Cases_assignees' + category: + description: The case category. nullable: true type: string - global_data_tags: - items: - additionalProperties: - oneOf: - - type: string - - type: number - description: >- - User defined data tags that are added to all of the inputs. The - values can be strings or numbers. - type: object - type: array - id: - type: string - inactivity_timeout: - type: integer - is_protected: - description: >- - Indicates whether the agent policy has tamper protection enabled. - Default false. - type: boolean - keep_monitoring_alive: - description: >- - When set to true, monitoring will be enabled but logs/metrics - collection will be disabled - nullable: true - type: boolean - monitoring_diagnostics: - type: object - properties: - limit: - type: object - properties: - burst: - type: number - interval: - type: string - uploader: - type: object - properties: - init_dur: - type: string - max_dur: - type: string - max_retries: - type: number - monitoring_enabled: - items: - enum: - - metrics - - logs - type: string - type: array - monitoring_http: - type: object - properties: - enabled: - type: boolean - host: - type: string - port: - type: number - required: - - enabled - monitoring_output_id: + closed_at: + format: date-time nullable: true type: string - monitoring_pprof_enabled: - type: boolean - name: - type: string - namespace: - type: string - overrides: - description: >- - Override settings that are defined in the agent policy. Input - settings cannot be overridden. The override option should be used - only in unusual circumstances and not as a routine procedure. - nullable: true - type: object - package_policies: - description: >- - This field is present only when retrieving a single agent policy, or - when retrieving a list of agent policies with the ?full=true - parameter + closed_by: + $ref: '#/components/schemas/Cases_case_response_closed_by_properties' + comments: + description: An array of comment objects for the case. items: - $ref: '#/components/schemas/Fleet_package_policy' + discriminator: + mapping: + alert: '#/components/schemas/Cases_alert_comment_response_properties' + user: '#/components/schemas/Cases_user_comment_response_properties' + propertyName: type + oneOf: + - $ref: '#/components/schemas/Cases_alert_comment_response_properties' + - $ref: '#/components/schemas/Cases_user_comment_response_properties' + maxItems: 10000 + title: Case response properties for comments type: array - revision: - type: number - supports_agentless: - description: >- - Indicates whether the agent policy supports agentless integrations. - Only allowed in a serverless environment. - type: boolean - unenroll_timeout: - type: integer - unprivileged_agents: - type: number - updated_by: - type: string - updated_on: + connector: + discriminator: + mapping: + .cases-webhook: '#/components/schemas/Cases_connector_properties_cases_webhook' + .jira: '#/components/schemas/Cases_connector_properties_jira' + .none: '#/components/schemas/Cases_connector_properties_none' + .resilient: '#/components/schemas/Cases_connector_properties_resilient' + .servicenow: '#/components/schemas/Cases_connector_properties_servicenow' + .servicenow-sir: '#/components/schemas/Cases_connector_properties_servicenow_sir' + .swimlane: '#/components/schemas/Cases_connector_properties_swimlane' + propertyName: type + oneOf: + - $ref: '#/components/schemas/Cases_connector_properties_none' + - $ref: '#/components/schemas/Cases_connector_properties_cases_webhook' + - $ref: '#/components/schemas/Cases_connector_properties_jira' + - $ref: '#/components/schemas/Cases_connector_properties_resilient' + - $ref: '#/components/schemas/Cases_connector_properties_servicenow' + - $ref: '#/components/schemas/Cases_connector_properties_servicenow_sir' + - $ref: '#/components/schemas/Cases_connector_properties_swimlane' + title: Case response properties for connectors + created_at: + example: '2022-05-13T09:16:17.416Z' format: date-time type: string - required: - - id - - status - - name - - namespace - Fleet_agent_policy_create_request: - title: Create agent policy request - type: object - properties: - agent_features: + created_by: + $ref: '#/components/schemas/Cases_case_response_created_by_properties' + customFields: + description: Custom field values for the case. items: type: object properties: - enabled: - type: boolean - name: + key: + description: > + The unique identifier for the custom field. The key value must + exist in the case configuration settings. type: string - required: - - name - - enabled + type: + description: > + The custom field type. It must match the type specified in the + case configuration settings. + enum: + - text + - toggle + type: string + value: + description: > + The custom field value. If the custom field is required, it + cannot be explicitly set to null. However, for cases that + existed when the required custom field was added, the default + value stored in Elasticsearch is `undefined`. The value + returned in the API and user interface in this case is `null`. + oneOf: + - maxLength: 160 + minLength: 1 + nullable: true + type: string + - type: boolean type: array - data_output_id: - nullable: true - type: string description: + example: A case description. type: string - download_source_id: - nullable: true - type: string - fleet_server_host_id: + duration: + description: > + The elapsed time from the creation of the case to its closure (in + seconds). If the case has not been closed, the duration is set to + null. If the case was closed after less than half a second, the + duration is rounded down to zero. + example: 120 nullable: true - type: string - force: - description: Force agent policy creation even if packages are not verified. - type: boolean - global_data_tags: - items: - additionalProperties: - oneOf: - - type: string - - type: number - description: >- - User defined data tags that are added to all of the inputs. The - values can be strings or numbers. - type: object - type: array + type: integer + external_service: + $ref: '#/components/schemas/Cases_external_service' id: + example: 66b9aa00-94fa-11ea-9f74-e7e108796192 type: string - inactivity_timeout: - type: integer - is_protected: - type: boolean - monitoring_enabled: + owner: + $ref: '#/components/schemas/Cases_owners' + settings: + $ref: '#/components/schemas/Cases_settings' + severity: + $ref: '#/components/schemas/Cases_case_severity' + status: + $ref: '#/components/schemas/Cases_case_status' + tags: + example: + - tag-1 items: - enum: - - metrics - - logs type: string type: array - monitoring_output_id: + title: + example: Case title 1 + type: string + totalAlerts: + example: 0 + type: integer + totalComment: + example: 0 + type: integer + updated_at: + format: date-time + nullable: true + type: string + updated_by: + $ref: '#/components/schemas/Cases_case_response_updated_by_properties' + version: + example: WzUzMiwxXQ== + type: string + required: + - closed_at + - closed_by + - comments + - connector + - created_at + - created_by + - description + - duration + - external_service + - id + - owner + - settings + - severity + - status + - tags + - title + - totalAlerts + - totalComment + - updated_at + - updated_by + - version + Cases_case_response_pushed_by_properties: + nullable: true + properties: + email: + example: null nullable: true type: string - name: + full_name: + example: null + nullable: true type: string - namespace: + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true type: string - unenroll_timeout: - type: integer required: - - name - - namespace - Fleet_agent_policy_full: - oneOf: - - type: object - properties: - item: - type: string - - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_full_agent_policy' - title: Agent policy full response - type: object - Fleet_agent_policy_update_request: - title: Update agent policy request + - email + - full_name + - username + title: Case response properties for pushed_by type: object + Cases_case_response_updated_by_properties: + nullable: true properties: - agent_features: - items: - type: object - properties: - enabled: - type: boolean - name: - type: string - required: - - name - - enabled - type: array - data_output_id: + email: + example: null nullable: true type: string - description: - type: string - download_source_id: + full_name: + example: null nullable: true type: string - fleet_server_host_id: - nullable: true + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 type: string - force: - description: Force agent policy creation even if packages are not verified. - type: boolean - global_data_tags: - items: - additionalProperties: - oneOf: - - type: string - - type: number - description: >- - User defined data tags that are added to all of the inputs. The - values can be strings or numbers. - type: object - type: array - inactivity_timeout: - type: integer - is_protected: - type: boolean - monitoring_enabled: - items: - enum: - - metrics - - logs - type: string - type: array - monitoring_output_id: + username: + example: elastic nullable: true type: string - name: - type: string - namespace: - type: string - unenroll_timeout: - type: integer required: - - name - - namespace - Fleet_agent_status: + - email + - full_name + - username + title: Case response properties for updated_by + type: object + Cases_case_severity: + default: low + description: The severity of the case. enum: - - offline - - error - - online - - inactive - - warning - title: Elastic Agent status + - critical + - high + - low + - medium + type: string + Cases_case_status: + description: The status of the case. + enum: + - closed + - in-progress + - open + type: string + Cases_case_tags: + description: > + The words and phrases that help categorize cases. It can be an empty + array. + items: + maxLength: 256 + type: string + maxItems: 200 + type: array + Cases_case_title: + description: A title for the case. + maxLength: 160 type: string - Fleet_agent_type: + Cases_closure_types: + description: >- + Indicates whether a case is automatically closed when it is pushed to + external systems (`close-by-pushing`) or not automatically closed + (`close-by-user`). enum: - - PERMANENT - - EPHEMERAL - - TEMPORARY - title: Agent type + - close-by-pushing + - close-by-user + example: close-by-user type: string - Fleet_bulk_install_packages_response: - title: Bulk install packages response + Cases_connector_properties_cases_webhook: + description: Defines properties for connectors when type is `.cases-webhook`. type: object properties: - items: - items: - type: object - properties: - name: - type: string - version: - type: string - type: array - response: - deprecated: true - items: - type: object - properties: - name: - type: string - version: - type: string - type: array + fields: + example: null + nullable: true + type: string + id: + description: >- + The identifier for the connector. To retrieve connector IDs, use the + find connectors API. + type: string + name: + description: The name of the connector. + type: string + type: + description: The type of connector. + enum: + - .cases-webhook + example: .cases-webhook + type: string required: - - items - Fleet_bulk_upgrade_agents: - title: Bulk upgrade agents + - fields + - id + - name + - type + title: Create or upate case request properties for Cases Webhook connector + Cases_connector_properties_jira: + description: Defines properties for connectors when type is `.jira`. type: object properties: - agents: - oneOf: - - description: KQL query string, leave empty to action all agents + fields: + description: >- + An object containing the connector fields. If you want to omit any + individual field, specify null as its value. + type: object + properties: + issueType: + description: The type of issue. + nullable: true type: string - - description: list of agent IDs - items: - type: string - type: array - force: - description: Force upgrade, skipping validation (should be used with caution) - type: boolean - rollout_duration_seconds: - description: rolling upgrade window duration in seconds - type: number - skipRateLimitCheck: - description: Skip rate limit check for upgrade - type: boolean - source_uri: - description: alternative upgrade binary download url + parent: + description: The key of the parent issue, when the issue type is sub-task. + nullable: true + type: string + priority: + description: The priority of the issue. + nullable: true + type: string + required: + - issueType + - parent + - priority + id: + description: >- + The identifier for the connector. To retrieve connector IDs, use the + find connectors API. type: string - start_time: - description: start time of upgrade in ISO 8601 format + name: + description: The name of the connector. type: string - version: - description: version to upgrade to + type: + description: The type of connector. + enum: + - .jira + example: .jira type: string required: - - agents - - version - Fleet_data_stream: - title: Data stream + - fields + - id + - name + - type + title: Create or update case request properties for a Jira connector + Cases_connector_properties_none: + description: Defines properties for connectors when type is `.none`. type: object properties: - dashboard: - items: - type: object - properties: - id: - type: string - title: + fields: + description: >- + An object containing the connector fields. To create a case without + a connector, specify null. To update a case to remove the connector, + specify null. + example: null + nullable: true + type: string + id: + description: >- + The identifier for the connector. To create a case without a + connector, use `none`. To update a case to remove the connector, + specify `none`. + example: none + type: string + name: + description: >- + The name of the connector. To create a case without a connector, use + `none`. To update a case to remove the connector, specify `none`. + example: none + type: string + type: + description: >- + The type of connector. To create a case without a connector, use + `.none`. To update a case to remove the connector, specify `.none`. + enum: + - .none + example: .none + type: string + required: + - fields + - id + - name + - type + title: Create or update case request properties for no connector + Cases_connector_properties_resilient: + description: Defines properties for connectors when type is `.resilient`. + type: object + properties: + fields: + description: >- + An object containing the connector fields. If you want to omit any + individual field, specify null as its value. + nullable: true + type: object + properties: + issueTypes: + description: The type of incident. + items: type: string - type: array - dataset: - type: string - index: - type: string - last_activity_ms: - type: number - namespace: - type: string - package: - type: string - package_version: + type: array + severityCode: + description: The severity code of the incident. + type: string + required: + - issueTypes + - severityCode + id: + description: The identifier for the connector. type: string - size_in_bytes: - type: number - size_in_bytes_formatted: + name: + description: The name of the connector. type: string type: + description: The type of connector. + enum: + - .resilient + example: .resilient type: string - Fleet_download_sources: - title: Download Source + required: + - fields + - id + - name + - type + title: Create case request properties for a IBM Resilient connector + Cases_connector_properties_servicenow: + description: Defines properties for connectors when type is `.servicenow`. type: object properties: - host: - type: string + fields: + description: >- + An object containing the connector fields. If you want to omit any + individual field, specify null as its value. + type: object + properties: + category: + description: The category of the incident. + nullable: true + type: string + impact: + description: The effect an incident had on business. + nullable: true + type: string + severity: + description: The severity of the incident. + nullable: true + type: string + subcategory: + description: The subcategory of the incident. + nullable: true + type: string + urgency: + description: The extent to which the incident resolution can be delayed. + nullable: true + type: string + required: + - category + - impact + - severity + - subcategory + - urgency id: + description: >- + The identifier for the connector. To retrieve connector IDs, use the + find connectors API. type: string - is_default: - type: boolean name: + description: The name of the connector. type: string - proxy_id: - description: >- - The ID of the proxy to use for this download source. See the proxies - API for more information. - nullable: true + type: + description: The type of connector. + enum: + - .servicenow + example: .servicenow type: string required: - - is_default + - fields + - id - name - - host - Fleet_elasticsearch_asset_type: - enum: - - component_template - - ingest_pipeline - - index_template - - ilm_policy - - transform - - data_stream_ilm_policy - title: Elasticsearch asset type - type: string - Fleet_enrollment_api_key: - title: Enrollment API key + - type + title: Create case request properties for a ServiceNow ITSM connector + Cases_connector_properties_servicenow_sir: + description: Defines properties for connectors when type is `.servicenow-sir`. type: object properties: - active: + fields: description: >- - When false, the enrollment API key is revoked and cannot be used for - enrolling Elastic Agents. - type: boolean - api_key: - description: The enrollment API key (token) used for enrolling Elastic Agents. - type: string - api_key_id: - description: The ID of the API key in the Security API. - type: string - created_at: - type: string + An object containing the connector fields. If you want to omit any + individual field, specify null as its value. + type: object + properties: + category: + description: The category of the incident. + nullable: true + type: string + destIp: + description: >- + Indicates whether cases will send a comma-separated list of + destination IPs. + nullable: true + type: boolean + malwareHash: + description: >- + Indicates whether cases will send a comma-separated list of + malware hashes. + nullable: true + type: boolean + malwareUrl: + description: >- + Indicates whether cases will send a comma-separated list of + malware URLs. + nullable: true + type: boolean + priority: + description: The priority of the issue. + nullable: true + type: string + sourceIp: + description: >- + Indicates whether cases will send a comma-separated list of + source IPs. + nullable: true + type: boolean + subcategory: + description: The subcategory of the incident. + nullable: true + type: string + required: + - category + - destIp + - malwareHash + - malwareUrl + - priority + - sourceIp + - subcategory id: + description: >- + The identifier for the connector. To retrieve connector IDs, use the + find connectors API. type: string name: - description: The name of the enrollment API key. + description: The name of the connector. type: string - policy_id: - description: The ID of the agent policy the Elastic Agent will be enrolled in. + type: + description: The type of connector. + enum: + - .servicenow-sir + example: .servicenow-sir type: string required: + - fields - id - - api_key_id - - api_key - - active - - created_at - Fleet_fleet_server_host: - title: Fleet Server Host + - name + - type + title: Create case request properties for a ServiceNow SecOps connector + Cases_connector_properties_swimlane: + description: Defines properties for connectors when type is `.swimlane`. type: object properties: - host_urls: - items: - type: string - type: array + fields: + description: >- + An object containing the connector fields. If you want to omit any + individual field, specify null as its value. + type: object + properties: + caseId: + description: The case identifier for Swimlane connectors. + nullable: true + type: string + required: + - caseId id: + description: >- + The identifier for the connector. To retrieve connector IDs, use the + find connectors API. type: string - is_default: - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean name: + description: The name of the connector. type: string - proxy_id: + type: + description: The type of connector. + enum: + - .swimlane + example: .swimlane type: string required: - - fleet_server_hosts + - fields - id - - is_default - - is_preconfigured - - host_urls - Fleet_fleet_settings_response: - title: Fleet settings response - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_settings' - required: - - item - Fleet_fleet_setup_response: - title: Fleet Setup response - type: object + - name + - type + title: Create case request properties for a Swimlane connector + Cases_connector_types: + description: The type of connector. + enum: + - .cases-webhook + - .jira + - .none + - .resilient + - .servicenow + - .servicenow-sir + - .swimlane + example: .none + type: string + Cases_create_case_request: + description: >- + The create case API request body varies depending on the type of + connector. properties: - isInitialized: - type: boolean - nonFatalErrors: + assignees: + $ref: '#/components/schemas/Cases_assignees' + category: + $ref: '#/components/schemas/Cases_case_category' + connector: + oneOf: + - $ref: '#/components/schemas/Cases_connector_properties_none' + - $ref: '#/components/schemas/Cases_connector_properties_cases_webhook' + - $ref: '#/components/schemas/Cases_connector_properties_jira' + - $ref: '#/components/schemas/Cases_connector_properties_resilient' + - $ref: '#/components/schemas/Cases_connector_properties_servicenow' + - $ref: '#/components/schemas/Cases_connector_properties_servicenow_sir' + - $ref: '#/components/schemas/Cases_connector_properties_swimlane' + customFields: + description: > + Custom field values for a case. Any optional custom fields that are + not specified in the request are set to null. items: type: object properties: - message: + key: + description: > + The unique identifier for the custom field. The key value must + exist in the case configuration settings. type: string - name: + type: + description: > + The custom field type. It must match the type specified in the + case configuration settings. + enum: + - text + - toggle type: string + value: + description: > + The custom field value. If the custom field is required, it + cannot be explicitly set to null. However, for cases that + existed when the required custom field was added, the default + value stored in Elasticsearch is `undefined`. The value + returned in the API and user interface in this case is `null`. + oneOf: + - maxLength: 160 + minLength: 1 + nullable: true + type: string + - type: boolean required: - - name - - message + - key + - type + - value + maxItems: 10 + minItems: 0 type: array + description: + $ref: '#/components/schemas/Cases_case_description' + owner: + $ref: '#/components/schemas/Cases_owners' + settings: + $ref: '#/components/schemas/Cases_settings' + severity: + $ref: '#/components/schemas/Cases_case_severity' + tags: + $ref: '#/components/schemas/Cases_case_tags' + title: + $ref: '#/components/schemas/Cases_case_title' required: - - isInitialized - - nonFatalErrors - Fleet_fleet_status_response: - title: Fleet status response + - connector + - description + - owner + - settings + - tags + - title + title: Create case request type: object - properties: - isReady: - type: boolean - missing_optional_features: - items: - enum: - - encrypted_saved_object_encryption_key_required - type: string - type: array - missing_requirements: - items: - enum: - - tls_required - - api_keys - - fleet_admin_user - - fleet_server - type: string - type: array - package_verification_key_id: - type: string - required: - - isReady - - missing_requirements - - missing_optional_features - Fleet_full_agent_policy: - title: Full agent policy + Cases_external_service: + nullable: true type: object properties: - agent: - nullable: true + connector_id: type: string - fleet: - oneOf: - - type: object - properties: - hosts: - items: - type: string - type: array - proxy_headers: {} - proxy_url: - type: string - ssl: - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - renegotiation: - type: string - verification_mode: - type: string - - type: object - properties: - kibana: - type: object - properties: - hosts: - items: - type: string - type: array - path: - type: string - protocol: - type: string - id: + connector_name: type: string - inputs: + external_id: + type: string + external_title: + type: string + external_url: + type: string + pushed_at: + format: date-time type: string - monitoring: + pushed_by: + nullable: true type: object properties: - diagnostics: - type: object - properties: - limit: - type: object - properties: - burst: - type: number - interval: - type: string - uploader: - type: object - properties: - init_dur: - type: string - max_dur: - type: string - max_retries: - type: number - enabled: - type: boolean - http: - type: object - properties: - enabled: - type: boolean - host: - type: string - port: - type: number - required: - - enabled - logs: - type: boolean - metrics: - type: boolean - namespace: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true type: string - pprof: + Cases_owners: + description: > + The application that owns the cases: Stack Management, Observability, or + Elastic Security. + enum: + - cases + - observability + - securitySolution + example: cases + type: string + Cases_payload_alert_comment: + type: object + properties: + comment: + type: object + properties: + alertId: + oneOf: + - example: 1c0b056b-cc9f-4b61-b5c9-cb801abd5e1d + type: string + - items: + type: string + type: array + index: + oneOf: + - example: .alerts-observability.logs.alerts-default + type: string + - items: + type: string + type: array + owner: + $ref: '#/components/schemas/Cases_owners' + rule: type: object properties: - enabled: - type: boolean - required: - - enabled - traces: - type: boolean - use_output: + id: + description: The rule identifier. + example: 94d80550-aaf4-11ec-985f-97e55adae8b9 + type: string + name: + description: The rule name. + example: security_rule + type: string + type: + enum: + - alert type: string - required: - - enabled - - metrics - - logs - - traces - output_permissions: - additionalProperties: - type: object - properties: - data: - $ref: >- - #/components/schemas/Fleet_full_agent_policy_output_permissions - output: - type: integer - type: object - outputs: - additionalProperties: - $ref: '#/components/schemas/Fleet_full_agent_policy_output' - type: object - revision: - type: number - secret_references: - items: - type: object - properties: - id: - type: string - type: array - required: - - id - - outputs - - inputs - Fleet_full_agent_policy_input: - allOf: - - additionalProperties: true + Cases_payload_assignees: + type: object + properties: + assignees: + $ref: '#/components/schemas/Cases_assignees' + Cases_payload_connector: + type: object + properties: + connector: type: object properties: - data_stream: + fields: + description: >- + An object containing the connector fields. To create a case + without a connector, specify null. If you want to omit any + individual field, specify null as its value. + example: null + nullable: true type: object properties: - namespace: + caseId: + description: The case identifier for Swimlane connectors. + type: string + category: + description: >- + The category of the incident for ServiceNow ITSM and + ServiceNow SecOps connectors. + type: string + destIp: + description: >- + Indicates whether cases will send a comma-separated list of + destination IPs for ServiceNow SecOps connectors. + nullable: true + type: boolean + impact: + description: >- + The effect an incident had on business for ServiceNow ITSM + connectors. + type: string + issueType: + description: The type of issue for Jira connectors. + type: string + issueTypes: + description: The type of incident for IBM Resilient connectors. + items: + type: string + type: array + malwareHash: + description: >- + Indicates whether cases will send a comma-separated list of + malware hashes for ServiceNow SecOps connectors. + nullable: true + type: boolean + malwareUrl: + description: >- + Indicates whether cases will send a comma-separated list of + malware URLs for ServiceNow SecOps connectors. + nullable: true + type: boolean + parent: + description: >- + The key of the parent issue, when the issue type is sub-task + for Jira connectors. + type: string + priority: + description: >- + The priority of the issue for Jira and ServiceNow SecOps + connectors. + type: string + severity: + description: The severity of the incident for ServiceNow ITSM connectors. + type: string + severityCode: + description: >- + The severity code of the incident for IBM Resilient + connectors. + type: string + sourceIp: + description: >- + Indicates whether cases will send a comma-separated list of + source IPs for ServiceNow SecOps connectors. + nullable: true + type: boolean + subcategory: + description: >- + The subcategory of the incident for ServiceNow ITSM + connectors. + type: string + urgency: + description: >- + The extent to which the incident resolution can be delayed + for ServiceNow ITSM connectors. type: string - required: - - namespace id: + description: >- + The identifier for the connector. To create a case without a + connector, use `none`. + example: none type: string - meta: - additionalProperties: true - type: object - properties: - package: - type: object - properties: - name: - type: string - version: - type: string - required: - - name - - version name: + description: >- + The name of the connector. To create a case without a connector, + use `none`. + example: none type: string - revision: - type: number - streams: - $ref: '#/components/schemas/Fleet_full_agent_policy_input_stream' type: - type: string - use_output: - type: string - required: - - id - - name - - revision - - type - - data_stream - - use_output - title: Full agent policy input - Fleet_full_agent_policy_input_stream: - allOf: - - additionalProperties: true + $ref: '#/components/schemas/Cases_connector_types' + Cases_payload_create_case: + type: object + properties: + assignees: + $ref: '#/components/schemas/Cases_assignees' + connector: type: object properties: - data_stream: + fields: + description: >- + An object containing the connector fields. To create a case + without a connector, specify null. If you want to omit any + individual field, specify null as its value. + example: null + nullable: true type: object properties: - dataset: + caseId: + description: The case identifier for Swimlane connectors. type: string - type: + category: + description: >- + The category of the incident for ServiceNow ITSM and + ServiceNow SecOps connectors. + type: string + destIp: + description: >- + Indicates whether cases will send a comma-separated list of + destination IPs for ServiceNow SecOps connectors. + nullable: true + type: boolean + impact: + description: >- + The effect an incident had on business for ServiceNow ITSM + connectors. + type: string + issueType: + description: The type of issue for Jira connectors. + type: string + issueTypes: + description: The type of incident for IBM Resilient connectors. + items: + type: string + type: array + malwareHash: + description: >- + Indicates whether cases will send a comma-separated list of + malware hashes for ServiceNow SecOps connectors. + nullable: true + type: boolean + malwareUrl: + description: >- + Indicates whether cases will send a comma-separated list of + malware URLs for ServiceNow SecOps connectors. + nullable: true + type: boolean + parent: + description: >- + The key of the parent issue, when the issue type is sub-task + for Jira connectors. + type: string + priority: + description: >- + The priority of the issue for Jira and ServiceNow SecOps + connectors. + type: string + severity: + description: The severity of the incident for ServiceNow ITSM connectors. + type: string + severityCode: + description: >- + The severity code of the incident for IBM Resilient + connectors. + type: string + sourceIp: + description: >- + Indicates whether cases will send a comma-separated list of + source IPs for ServiceNow SecOps connectors. + nullable: true + type: boolean + subcategory: + description: >- + The subcategory of the incident for ServiceNow ITSM + connectors. + type: string + urgency: + description: >- + The extent to which the incident resolution can be delayed + for ServiceNow ITSM connectors. type: string - required: - - dataset - - type id: + description: >- + The identifier for the connector. To create a case without a + connector, use `none`. + example: none type: string - required: - - id - - data_stream - title: Full agent policy input stream - Fleet_full_agent_policy_output: - title: Full agent policy - type: object - properties: - additionalProperties: - type: object - properties: - text: {} - ca_sha256: - nullable: true + name: + description: >- + The name of the connector. To create a case without a connector, + use `none`. + example: none + type: string + type: + $ref: '#/components/schemas/Cases_connector_types' + description: type: string - hosts: + owner: + $ref: '#/components/schemas/Cases_owners' + settings: + $ref: '#/components/schemas/Cases_settings' + severity: + $ref: '#/components/schemas/Cases_case_severity' + status: + $ref: '#/components/schemas/Cases_case_status' + tags: items: + example: + - tag-1 type: string type: array - proxy_headers: {} - proxy_url: + title: type: string - type: {} - required: - - type - - hosts - - ca_sha256 - Fleet_full_agent_policy_output_permissions: - additionalProperties: - type: object - properties: - data: - type: object - properties: - cluster: - items: - type: string - type: array - indices: - items: - type: object - properties: - names: - items: - type: string - type: array - privileges: - items: - type: string - type: array - type: array - packagePolicyName: - type: string - title: Full agent policy output permissions - Fleet_get_agent_tags_response: - title: Get Agent Tags response + Cases_payload_delete: + description: >- + If the `action` is `delete` and the `type` is `delete_case`, the payload + is nullable. + nullable: true + type: object + Cases_payload_description: type: object properties: - items: - items: - type: string - type: array - Fleet_get_agents_response: - title: Get Agent response + description: + type: string + Cases_payload_pushed: type: object properties: - items: - items: - $ref: '#/components/schemas/Fleet_agent' - type: array - list: - deprecated: true - items: - $ref: '#/components/schemas/Fleet_agent' - type: array - page: - type: number - perPage: - type: number - statusSummary: - type: object - properties: - degraded': - type: number - enrolling: - type: number - error: - type: number - inactive: - type: number - offline: - type: number - online: - type: number - unenrolled: - type: number - unenrolling: - type: number - updating: - type: number - total: - type: number - required: - - items - - total - - page - - perPage - Fleet_get_bulk_assets_response: - deprecated: true + externalService: + $ref: '#/components/schemas/Cases_external_service' + Cases_payload_settings: + type: object properties: - items: - items: - type: object - properties: - appLink: - type: string - attributes: - type: object - properties: - description: - type: string - title: - type: string - id: - type: string - type: - $ref: '#/components/schemas/Fleet_saved_object_type' - updatedAt: - type: string - type: array - required: - - items - title: Bulk get assets response + settings: + $ref: '#/components/schemas/Cases_settings' + Cases_payload_severity: type: object - Fleet_get_categories_response: - title: Get categories response + properties: + severity: + $ref: '#/components/schemas/Cases_case_severity' + Cases_payload_status: type: object properties: - items: - items: - type: object - properties: - count: - type: number - id: - type: string - title: - type: string - required: - - id - - title - - count - type: array - response: - items: - deprecated: true - type: object - properties: - count: - type: number - id: - type: string - title: - type: string - required: - - id - - title - - count - type: array - required: - - items - Fleet_get_packages_response: - title: Get Packages response + status: + $ref: '#/components/schemas/Cases_case_status' + Cases_payload_tags: type: object properties: - items: - items: - $ref: '#/components/schemas/Fleet_search_result' - type: array - response: - deprecated: true + tags: + example: + - tag-1 items: - $ref: '#/components/schemas/Fleet_search_result' + type: string type: array - required: - - items - Fleet_installation_info: - title: Installation info object + Cases_payload_title: type: object properties: - created_at: - type: string - experimental_data_stream_features: - type: array - properties: - data_stream: - type: string - features: - type: object - properties: - doc_value_only_numeric: - nullable: true - type: boolean - doc_value_only_other: - nullable: true - type: boolean - synthetic_source: - nullable: true - type: boolean - tsdb: - nullable: true - type: boolean - install_format_schema_version: - type: string - install_kibana_space_id: - type: string - install_source: - enum: - - registry - - upload - - bundled - type: string - install_status: - enum: - - installed - - installing - - install_failed + title: type: string - installed_es: + Cases_payload_user_comment: + type: object + properties: + comment: type: object properties: - deferred: - type: boolean - id: + comment: type: string + owner: + $ref: '#/components/schemas/Cases_owners' type: - $ref: '#/components/schemas/Fleet_elasticsearch_asset_type' - installed_kibana: - type: object - properties: - id: + enum: + - user type: string - type: - $ref: '#/components/schemas/Fleet_kibana_saved_object_type' - latest_executed_state: - description: Latest successfully executed state in package install state machine + Cases_rule: + description: > + The rule that is associated with the alerts. It is required only when + `type` is `alert`. This functionality is in technical preview and may be + changed or removed in a future release. Elastic will work to fix any + issues, but features in technical preview are not subject to the support + SLA of official GA features. + title: Alerting rule + type: object + properties: + id: + description: The rule identifier. + example: 94d80550-aaf4-11ec-985f-97e55adae8b9 + type: string + name: + description: The rule name. + example: security_rule + type: string + x-technical-preview: true + Cases_searchFieldsType: + description: The fields to perform the `simple_query_string` parsed query against. + enum: + - description + - title + type: string + Cases_set_case_configuration_request: + description: >- + External connection details, such as the closure type and default + connector for cases. + properties: + closure_type: + $ref: '#/components/schemas/Cases_closure_types' + connector: + description: An object that contains the connector configuration. type: object properties: - error: + fields: + description: >- + The fields specified in the case configuration are not used and + are not propagated to individual cases, therefore it is + recommended to set it to `null`. + nullable: true + type: object + id: + description: >- + The identifier for the connector. If you do not want a default + connector, use `none`. To retrieve connector IDs, use the find + connectors API. + example: none type: string name: - enum: - - create_restart_installation - - install_kibana_assets - - install_ilm_policies - - install_ml_model - - install_index_template_pipelines - - remove_legacy_templates - - update_current_write_indices - - install_transforms - - delete_previous_pipelines - - save_archive_entries_from_assets_map - - update_so - type: string - started_at: + description: >- + The name of the connector. If you do not want a default + connector, use `none`. To retrieve connector names, use the find + connectors API. + example: none type: string - latest_install_failed_attempts: - description: Latest failed install errors + type: + $ref: '#/components/schemas/Cases_connector_types' + required: + - fields + - id + - name + - type + customFields: + description: Custom fields case configuration. items: type: object properties: - created_at: + defaultValue: + description: > + A default value for the custom field. If the `type` is `text`, + the default value must be a string. If the `type` is `toggle`, + the default value must be boolean. + oneOf: + - type: string + - type: boolean + key: + description: > + A unique key for the custom field. Must be lower case and + composed only of a-z, 0-9, '_', and '-' characters. It is used + in API calls to refer to a specific custom field. + maxLength: 36 + minLength: 1 type: string - error: + label: + description: The custom field label that is displayed in the case. + maxLength: 50 + minLength: 1 + type: string + type: + description: The type of the custom field. + enum: + - text + - toggle + type: string + required: + description: > + Indicates whether the field is required. If `false`, the + custom field can be set to null or omitted when a case is + created or updated. + type: boolean + required: + - key + - label + - required + - type + maxItems: 10 + minItems: 0 + type: array + owner: + $ref: '#/components/schemas/Cases_owners' + templates: + $ref: '#/components/schemas/Cases_templates' + required: + - closure_type + - connector + - owner + title: Set case configuration request + type: object + Cases_settings: + description: An object that contains the case settings. + type: object + properties: + syncAlerts: + description: Turns alert syncing on or off. + example: true + type: boolean + required: + - syncAlerts + Cases_template_tags: + description: > + The words and phrases that help categorize templates. It can be an empty + array. + items: + maxLength: 256 + type: string + maxItems: 200 + type: array + Cases_templates: + items: + type: object + properties: + caseFields: + type: object + properties: + assignees: + $ref: '#/components/schemas/Cases_assignees' + category: + $ref: '#/components/schemas/Cases_case_category' + connector: type: object properties: - message: + fields: + description: >- + The fields specified in the case configuration are not + used and are not propagated to individual cases, therefore + it is recommended to set it to `null`. + nullable: true + type: object + id: + description: >- + The identifier for the connector. If you do not want a + default connector, use `none`. To retrieve connector IDs, + use the find connectors API. + example: none type: string name: + description: >- + The name of the connector. If you do not want a default + connector, use `none`. To retrieve connector names, use + the find connectors API. + example: none type: string - stack: - type: string - target_version: - type: string - type: array - name: - type: string - namespaces: - items: + type: + $ref: '#/components/schemas/Cases_connector_types' + customFields: + description: Custom field values in the template. + items: + type: object + properties: + key: + description: The unique key for the custom field. + type: string + type: + description: The type of the custom field. + enum: + - text + - toggle + type: string + value: + description: > + The default value for the custom field when a case uses + the template. If the `type` is `text`, the default value + must be a string. If the `type` is `toggle`, the default + value must be boolean. + oneOf: + - type: string + - type: boolean + type: array + x-technical-preview: true + description: + $ref: '#/components/schemas/Cases_case_description' + settings: + $ref: '#/components/schemas/Cases_settings' + severity: + $ref: '#/components/schemas/Cases_case_severity' + tags: + $ref: '#/components/schemas/Cases_case_tags' + title: + $ref: '#/components/schemas/Cases_case_title' + description: + description: A description for the template. type: string - type: array - type: - type: string - updated_at: - type: string - verification_key_id: - nullable: true + key: + description: > + A unique key for the template. Must be lower case and composed + only of a-z, 0-9, '_', and '-' characters. It is used in API calls + to refer to a specific template. + type: string + name: + description: The name of the template. + type: string + tags: + $ref: '#/components/schemas/Cases_template_tags' + type: array + x-technical-preview: true + Cases_update_alert_comment_request_properties: + description: Defines properties for case comment requests when type is alert. + type: object + properties: + alertId: + $ref: '#/components/schemas/Cases_alert_identifiers' + id: + description: > + The identifier for the comment. To retrieve comment IDs, use the get + comments API. + example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 type: string - verification_status: + index: + $ref: '#/components/schemas/Cases_alert_indices' + owner: + $ref: '#/components/schemas/Cases_owners' + rule: + $ref: '#/components/schemas/Cases_rule' + type: + description: The type of comment. enum: - - verified - - unverified - - unknown + - alert + example: alert type: string version: + description: > + The current comment version. To retrieve version values, use the get + comments API. + example: Wzk1LDFd type: string required: - - installed_kibana - - installed_es - - name + - alertId + - id + - index + - owner + - rule + - type - version - - install_status - - install_version - - install_started_at - - install_source - - verification_status - - latest_install_failed_attempts - Fleet_kibana_saved_object_type: - enum: - - dashboard - - visualization - - search - - index-pattern - - map - - lens - - ml-module - - security-rule - - csp_rule_template - title: Kibana saved object asset type - type: string - Fleet_new_package_policy: - description: '' - properties: - description: - type: string - enabled: - type: boolean - inputs: - items: - type: object - properties: - config: - type: object - enabled: - type: boolean - processors: - items: - type: string - type: array - streams: - items: {} - type: array - type: - type: string - vars: - type: object - required: - - type - - enabled - type: array - name: - type: string - namespace: - type: string - output_id: - type: string - overrides: - type: object - package: - type: object - properties: - name: - type: string - requires_root: - type: boolean - title: - type: string - version: - type: string - required: - - name - - version - policy_id: - deprecated: true - nullable: true - type: string - policy_ids: - items: - type: string - type: array - required: - - inputs - - name - title: New package policy - type: object - Fleet_output_create_request: + title: Update case comment request properties for alerts + Cases_update_case_comment_request: + description: >- + The update case comment API request body varies depending on whether you + are updating an alert or a comment. discriminator: mapping: - elasticsearch: '#/components/schemas/Fleet_output_create_request_elasticsearch' - kafka: '#/components/schemas/Fleet_output_create_request_kafka' - logstash: '#/components/schemas/Fleet_output_create_request_logstash' - remote_elasticsearch: >- - #/components/schemas/Fleet_output_create_request_remote_elasticsearch + alert: '#/components/schemas/Cases_update_alert_comment_request_properties' + user: '#/components/schemas/Cases_update_user_comment_request_properties' propertyName: type oneOf: - - $ref: '#/components/schemas/Fleet_output_create_request_elasticsearch' - - $ref: '#/components/schemas/Fleet_output_create_request_kafka' - - $ref: '#/components/schemas/Fleet_output_create_request_logstash' - - $ref: >- - #/components/schemas/Fleet_output_create_request_remote_elasticsearch - title: Output - Fleet_output_create_request_elasticsearch: - title: elasticsearch - type: object - properties: - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - config: - type: object - config_yaml: - type: string - hosts: - items: - type: string - type: array - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: - type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: - type: string - shipper: - type: object - properties: - compression_level: - type: number - disk_queue_compression_enabled: - type: boolean - disk_queue_enabled: - type: boolean - disk_queue_encryption_enabled: - type: boolean - disk_queue_max_size: - type: number - disk_queue_path: - type: string - loadbalance: - type: boolean - ssl: - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - type: - enum: - - elasticsearch - type: string - required: - - name - Fleet_output_create_request_kafka: - title: kafka - type: object + - $ref: '#/components/schemas/Cases_update_alert_comment_request_properties' + - $ref: '#/components/schemas/Cases_update_user_comment_request_properties' + title: Update case comment request + Cases_update_case_configuration_request: + description: > + You can update settings such as the closure type, custom fields, + templates, and the default connector for cases. properties: - auth_type: - type: string - broker_timeout: - type: number - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - client_id: - type: string - compression: - type: string - compression_level: - type: number - config: - type: object - config_yaml: - type: string - connection_type: - enum: - - plaintext - - encryption - type: string - headers: - items: - type: object - properties: - key: - type: string - value: - type: string - type: array - hosts: - items: - type: string - type: array - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - key: - type: string - name: - type: string - partition: - type: string - password: - type: string - proxy_id: - type: string - random: - type: object - properties: - group_events: - type: number - required_acks: - type: number - round_robin: - type: object - properties: - group_events: - type: number - sasl: - type: object - properties: - mechanism: - type: string - secrets: - type: object - properties: - password: - type: string - ssl: - type: object - properties: - key: - type: string - shipper: - type: object - properties: - compression_level: - type: number - disk_queue_compression_enabled: - type: boolean - disk_queue_enabled: - type: boolean - disk_queue_encryption_enabled: - type: boolean - disk_queue_max_size: - type: number - disk_queue_path: - type: string - loadbalance: - type: boolean - ssl: + closure_type: + $ref: '#/components/schemas/Cases_closure_types' + connector: + description: An object that contains the connector configuration. type: object properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: + fields: + description: >- + The fields specified in the case configuration are not used and + are not propagated to individual cases, therefore it is + recommended to set it to `null`. + nullable: true + type: object + id: + description: >- + The identifier for the connector. If you do not want a default + connector, use `none`. To retrieve connector IDs, use the find + connectors API. + example: none type: string - verification_mode: - enum: - - none - - full - - certificate - - strict + name: + description: >- + The name of the connector. If you do not want a default + connector, use `none`. To retrieve connector names, use the find + connectors API. + example: none type: string - timeout: - type: number - topic: - type: string - topics: - deprecated: true - description: Use topic instead. + type: + $ref: '#/components/schemas/Cases_connector_types' + required: + - fields + - id + - name + - type + customFields: + description: Custom fields case configuration. items: type: object properties: - topic: + defaultValue: + description: > + A default value for the custom field. If the `type` is `text`, + the default value must be a string. If the `type` is `toggle`, + the default value must be boolean. + oneOf: + - type: string + - type: boolean + key: + description: > + A unique key for the custom field. Must be lower case and + composed only of a-z, 0-9, '_', and '-' characters. It is used + in API calls to refer to a specific custom field. + maxLength: 36 + minLength: 1 type: string - when: - deprecated: true - description: >- - Deprecated, kafka output do not support conditionnal topics - anymore. - type: object - properties: - condition: - type: string - type: - type: string + label: + description: The custom field label that is displayed in the case. + maxLength: 50 + minLength: 1 + type: string + type: + description: The type of the custom field. + enum: + - text + - toggle + type: string + required: + description: > + Indicates whether the field is required. If `false`, the + custom field can be set to null or omitted when a case is + created or updated. + type: boolean + required: + - key + - label + - required + - type type: array - type: - enum: - - kafka - type: string - username: - type: string + templates: + $ref: '#/components/schemas/Cases_templates' version: + description: > + The version of the connector. To retrieve the version value, use the + get configuration API. + example: WzIwMiwxXQ== type: string required: - - name - - type - - topics - - auth_type - - hosts - Fleet_output_create_request_logstash: - title: logstash + - version + title: Update case configuration request type: object + Cases_update_case_request: + description: >- + The update case API request body varies depending on the type of + connector. properties: - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - config: - type: object - config_yaml: - type: string - hosts: + cases: + description: An array containing one or more case objects. items: - type: string + type: object + properties: + assignees: + $ref: '#/components/schemas/Cases_assignees' + category: + $ref: '#/components/schemas/Cases_case_category' + connector: + oneOf: + - $ref: '#/components/schemas/Cases_connector_properties_none' + - $ref: >- + #/components/schemas/Cases_connector_properties_cases_webhook + - $ref: '#/components/schemas/Cases_connector_properties_jira' + - $ref: '#/components/schemas/Cases_connector_properties_resilient' + - $ref: '#/components/schemas/Cases_connector_properties_servicenow' + - $ref: >- + #/components/schemas/Cases_connector_properties_servicenow_sir + - $ref: '#/components/schemas/Cases_connector_properties_swimlane' + customFields: + description: > + Custom field values for a case. Any optional custom fields + that are not specified in the request are set to null. + items: + type: object + properties: + key: + description: > + The unique identifier for the custom field. The key + value must exist in the case configuration settings. + type: string + type: + description: > + The custom field type. It must match the type specified + in the case configuration settings. + enum: + - text + - toggle + type: string + value: + description: > + The custom field value. If the custom field is required, + it cannot be explicitly set to null. However, for cases + that existed when the required custom field was added, + the default value stored in Elasticsearch is + `undefined`. The value returned in the API and user + interface in this case is `null`. + oneOf: + - maxLength: 160 + minLength: 1 + nullable: true + type: string + - type: boolean + required: + - key + - type + - value + maxItems: 10 + minItems: 0 + type: array + description: + $ref: '#/components/schemas/Cases_case_description' + id: + description: The identifier for the case. + maxLength: 30000 + type: string + settings: + $ref: '#/components/schemas/Cases_settings' + severity: + $ref: '#/components/schemas/Cases_case_severity' + status: + $ref: '#/components/schemas/Cases_case_status' + tags: + $ref: '#/components/schemas/Cases_case_tags' + title: + $ref: '#/components/schemas/Cases_case_title' + version: + description: >- + The current version of the case. To determine this value, use + the get case or find cases APIs. + type: string + required: + - id + - version + maxItems: 100 + minItems: 1 type: array - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: + required: + - cases + title: Update case request + type: object + Cases_update_user_comment_request_properties: + description: Defines properties for case comment requests when type is user. + properties: + comment: + description: The new comment. It is required only when `type` is `user`. + example: A new comment. + maxLength: 30000 type: string - proxy_id: + id: + description: > + The identifier for the comment. To retrieve comment IDs, use the get + comments API. + example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 type: string - secrets: - type: object - properties: - ssl: - type: object - properties: - key: - type: string - shipper: - type: object - properties: - compression_level: - type: number - disk_queue_compression_enabled: - type: boolean - disk_queue_enabled: - type: boolean - disk_queue_encryption_enabled: - type: boolean - disk_queue_max_size: - type: number - disk_queue_path: - type: string - loadbalance: - type: boolean - ssl: - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string + owner: + $ref: '#/components/schemas/Cases_owners' type: + description: The type of comment. enum: - - logstash + - user + example: user + type: string + version: + description: > + The current comment version. To retrieve version values, use the get + comments API. + example: Wzk1LDFd type: string required: - - name - - hosts + - comment + - id + - owner - type - Fleet_output_create_request_remote_elasticsearch: - title: remote_elasticsearch + - version + title: Update case comment request properties for user comments + type: object + Cases_user_actions_find_response_properties: type: object properties: - hosts: - items: - type: string - type: array - id: + action: + $ref: '#/components/schemas/Cases_actions' + comment_id: + example: 578608d0-03b1-11ed-920c-974bfa104448 + nullable: true type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: + created_at: + example: '2022-05-13T09:16:17.416Z' + format: date-time type: string - secrets: + created_by: type: object properties: - service_token: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true type: string - service_token: + required: + - email + - full_name + - username + id: + example: 22fd3e30-03b1-11ed-920c-974bfa104448 type: string + owner: + $ref: '#/components/schemas/Cases_owners' + payload: + oneOf: + - $ref: '#/components/schemas/Cases_payload_alert_comment' + - $ref: '#/components/schemas/Cases_payload_assignees' + - $ref: '#/components/schemas/Cases_payload_connector' + - $ref: '#/components/schemas/Cases_payload_create_case' + - $ref: '#/components/schemas/Cases_payload_delete' + - $ref: '#/components/schemas/Cases_payload_description' + - $ref: '#/components/schemas/Cases_payload_pushed' + - $ref: '#/components/schemas/Cases_payload_settings' + - $ref: '#/components/schemas/Cases_payload_severity' + - $ref: '#/components/schemas/Cases_payload_status' + - $ref: '#/components/schemas/Cases_payload_tags' + - $ref: '#/components/schemas/Cases_payload_title' + - $ref: '#/components/schemas/Cases_payload_user_comment' type: + description: The type of action. enum: - - remote_elasticsearch + - assignees + - create_case + - comment + - connector + - description + - pushed + - tags + - title + - status + - settings + - severity + example: create_case + type: string + version: + example: WzM1ODg4LDFd type: string required: - - name - Fleet_output_update_request: - discriminator: - mapping: - elasticsearch: '#/components/schemas/Fleet_output_update_request_elasticsearch' - kafka: '#/components/schemas/Fleet_output_update_request_kafka' - logstash: '#/components/schemas/Fleet_output_update_request_logstash' - propertyName: type - oneOf: - - $ref: '#/components/schemas/Fleet_output_update_request_elasticsearch' - - $ref: '#/components/schemas/Fleet_output_update_request_kafka' - - $ref: '#/components/schemas/Fleet_output_update_request_logstash' - title: Output - Fleet_output_update_request_elasticsearch: - title: elasticsearch + - action + - comment_id + - created_at + - created_by + - id + - owner + - payload + - type + - version + Cases_user_actions_response_properties: type: object properties: - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - config: - type: object - config_yaml: - type: string - hosts: - items: - type: string - type: array - id: + action: + $ref: '#/components/schemas/Cases_actions' + action_id: + example: 22fd3e30-03b1-11ed-920c-974bfa104448 type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: + case_id: + example: 22df07d0-03b1-11ed-920c-974bfa104448 type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency + comment_id: + example: 578608d0-03b1-11ed-920c-974bfa104448 + nullable: true type: string - proxy_id: + created_at: + example: '2022-05-13T09:16:17.416Z' + format: date-time type: string - shipper: + created_by: type: object properties: - compression_level: - type: number - disk_queue_compression_enabled: - type: boolean - disk_queue_enabled: - type: boolean - disk_queue_encryption_enabled: - type: boolean - disk_queue_max_size: - type: number - disk_queue_path: + email: + example: null + nullable: true type: string - loadbalance: - type: boolean - ssl: - type: object - properties: - certificate: + full_name: + example: null + nullable: true type: string - certificate_authorities: - items: - type: string - type: array - key: + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true type: string + required: + - email + - full_name + - username + owner: + $ref: '#/components/schemas/Cases_owners' + payload: + oneOf: + - $ref: '#/components/schemas/Cases_payload_alert_comment' + - $ref: '#/components/schemas/Cases_payload_assignees' + - $ref: '#/components/schemas/Cases_payload_connector' + - $ref: '#/components/schemas/Cases_payload_create_case' + - $ref: '#/components/schemas/Cases_payload_delete' + - $ref: '#/components/schemas/Cases_payload_description' + - $ref: '#/components/schemas/Cases_payload_pushed' + - $ref: '#/components/schemas/Cases_payload_settings' + - $ref: '#/components/schemas/Cases_payload_severity' + - $ref: '#/components/schemas/Cases_payload_status' + - $ref: '#/components/schemas/Cases_payload_tags' + - $ref: '#/components/schemas/Cases_payload_title' + - $ref: '#/components/schemas/Cases_payload_user_comment' type: - enum: - - elasticsearch - type: string + $ref: '#/components/schemas/Cases_action_types' required: - - name - - hosts + - action + - action_id + - case_id + - comment_id + - created_at + - created_by + - owner + - payload - type - Fleet_output_update_request_kafka: - title: kafka + Cases_user_comment_response_properties: + title: Case response properties for user comments type: object properties: - auth_type: - type: string - broker_timeout: - type: number - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - client_id: - type: string - compression: - type: string - compression_level: - type: number - config: - type: object - config_yaml: + comment: + example: A new comment. type: string - connection_type: - enum: - - plaintext - - encryption + created_at: + example: '2022-05-13T09:16:17.416Z' + format: date-time type: string - headers: - items: - type: object - properties: - key: - type: string - value: - type: string - type: array - hosts: - items: - type: string - type: array + created_by: + $ref: '#/components/schemas/Cases_case_response_created_by_properties' id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - key: - type: string - name: - type: string - partition: - type: string - password: - type: string - proxy_id: - type: string - random: - type: object - properties: - group_events: - type: number - required_acks: - type: number - round_robin: - type: object - properties: - group_events: - type: number - sasl: - type: object - properties: - mechanism: - type: string - shipper: - type: object - properties: - compression_level: - type: number - disk_queue_compression_enabled: - type: boolean - disk_queue_enabled: - type: boolean - disk_queue_encryption_enabled: - type: boolean - disk_queue_max_size: - type: number - disk_queue_path: - type: string - loadbalance: - type: boolean - ssl: - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - none - - full - - certificate - - strict - type: string - timeout: - type: number - topic: - type: string - topics: - deprecated: true - description: Use topic instead. - items: - type: object - properties: - topic: - type: string - when: - deprecated: true - description: >- - Deprecated, kafka output do not support conditionnal topics - anymore. - type: object - properties: - condition: - type: string - type: - type: string - type: array + example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 + type: string + owner: + $ref: '#/components/schemas/Cases_owners' + pushed_at: + example: null + format: date-time + nullable: true + type: string + pushed_by: + $ref: '#/components/schemas/Cases_case_response_pushed_by_properties' type: enum: - - kafka + - user + example: user type: string - username: + updated_at: + example: null + format: date-time + nullable: true type: string + updated_by: + $ref: '#/components/schemas/Cases_case_response_updated_by_properties' version: + example: WzIwNDMxLDFd type: string required: - - name - Fleet_output_update_request_logstash: - title: logstash + - type + Data_views_400_response: + title: Bad request type: object properties: - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - config: - type: object - config_yaml: + error: + example: Bad Request type: string - hosts: - items: - type: string - type: array - id: + message: type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: + statusCode: + example: 400 + type: number + required: + - statusCode + - error + - message + Data_views_404_response: + type: object + properties: + error: + enum: + - Not Found + example: Not Found type: string - proxy_id: + message: + example: >- + Saved object [index-pattern/caaad6d0-920c-11ed-b36a-874bd1548a00] + not found type: string - shipper: - type: object - properties: - compression_level: - type: number - disk_queue_compression_enabled: - type: boolean - disk_queue_enabled: - type: boolean - disk_queue_encryption_enabled: - type: boolean - disk_queue_max_size: - type: number - disk_queue_path: - type: string - loadbalance: - type: boolean - ssl: - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - type: + statusCode: enum: - - logstash - type: string - required: - - name - Fleet_package_info: - title: Package information + - 404 + example: 404 + type: integer + Data_views_allownoindex: + description: Allows the data view saved object to exist before the data is available. + type: boolean + Data_views_create_data_view_request_object: + title: Create data view request type: object properties: - assets: - items: - type: string - type: array - categories: - items: - type: string - type: array - conditions: + data_view: + description: The data view object. type: object properties: - elasticsearch: - type: object - properties: - subscription: - enum: - - basic - - gold - - platinum - - enterprise - type: string - kibana: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldAttrs: + additionalProperties: + $ref: '#/components/schemas/Data_views_fieldattrs' type: object - properties: - versions: - type: string - data_streams: - items: - type: object - properties: - ingeset_pipeline: - type: string - name: - type: string - package: - type: string - release: - type: string - title: - type: string - type: - type: string - vars: - items: - type: object - properties: - default: - type: string - name: - type: string - required: - - name - - default - type: array - required: - - title - - name - - release - - ingeset_pipeline - - type - - package - type: array - description: - type: string - download: - type: string - elasticsearch: - type: object - properties: - privileges: + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: type: object - properties: - cluster: - items: - type: string - type: array - format_version: - type: string - icons: - items: - type: string - type: array - internal: - type: boolean - name: - type: string - path: - type: string - readme: - type: string - release: - deprecated: true - description: >- - release label is deprecated, derive from the version instead - (packages follow semver) - enum: - - experimental - - beta - - ga - type: string - screenshots: - items: - type: object - properties: - path: - type: string - size: - type: string - src: - type: string - title: - type: string - type: - type: string - required: - - src - - path - type: array - source: - type: object - properties: - license: - enum: - - Apache-2.0 - - Elastic-2.0 - type: string - title: - type: string - type: - type: string - version: - type: string - required: - - name - - title - - version - - description - - type - - categories - - conditions - - assets - - format_version - - download - - path - Fleet_package_policy: - allOf: - - type: object - properties: id: type: string - inputs: - oneOf: - - items: {} - type: array - - type: object - revision: - type: number + name: + description: The data view name. + type: string + namespaces: + $ref: '#/components/schemas/Data_views_namespaces' + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + type: + $ref: '#/components/schemas/Data_views_type' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta' + version: + type: string required: - - id - - revision - - $ref: '#/components/schemas/Fleet_new_package_policy' - title: Package policy - Fleet_package_policy_request: - title: Package Policy Request - type: object - properties: - description: - description: Package policy description - example: my description - type: string - force: + - title + override: + default: false description: >- - Force package policy creation even if package is not verified, or if - the agent policy is managed. + Override an existing data view if a data view with the provided + title already exists. type: boolean - id: - description: Package policy unique identifier - type: string - inputs: - additionalProperties: - type: object - properties: - enabled: - description: enable or disable that input, (default to true) - type: boolean - streams: - additionalProperties: - type: object - properties: - enabled: - description: enable or disable that stream, (default to true) - type: boolean - vars: - description: >- - Stream level variable (see integration documentation for - more information) - type: object - description: >- - Input streams (see integration documentation to know what - streams are available) - type: object - vars: - description: >- - Input level variable (see integration documentation for more - information) - type: object - description: >- - Package policy inputs (see integration documentation to know what - inputs are available) - example: - nginx-logfile: - enabled: true - streams: - nginx.access: - enabled: true - vars: - ignore_older: 72h - paths: - - /var/log/nginx/access.log* - preserve_original_event: false - tags: - - nginx-access - type: object - name: - description: Package policy name (should be unique) - example: nginx-123 - type: string - namespace: - description: >- - The package policy namespace. Leave blank to inherit the agent - policy's namespace. - example: customnamespace - type: string - output_id: - description: Output ID to send package data to - example: output-id - nullable: true - type: string - overrides: - description: >- - Override settings that are defined in the package policy. The - override option should be used only in unusual circumstances and not - as a routine procedure. - nullable: true + required: + - data_view + Data_views_data_view_response_object: + title: Data view response properties + type: object + properties: + data_view: type: object properties: - inputs: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldAttrs: + additionalProperties: + $ref: '#/components/schemas/Data_views_fieldattrs' type: object - package: - type: object - properties: + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: + type: object + id: + example: ff959d40-b880-11e8-a6d9-e546fe2bba5f + type: string name: - description: Package name - example: nginx + description: The data view name. type: string + namespaces: + $ref: '#/components/schemas/Data_views_namespaces' + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta_response' version: - description: Package version - example: 1.6.0 + example: WzQ2LDJd type: string - required: - - name - - version - policy_id: - deprecated: true - description: Agent policy ID where that package policy will be added - example: agent-policy-id - nullable: true - type: string - policy_ids: - description: Agent policy IDs where that package policy will be added - example: - - agent-policy-id - items: - type: string - type: array - vars: - description: >- - Package root level variable (see integration documentation for more - information) - type: object - required: - - name - - package - Fleet_package_usage_stats: - title: Package usage stats + Data_views_fieldattrs: + description: A map of field attributes by field name. type: object properties: - agent_policy_count: + count: + description: Popularity count for the field. type: integer - required: - - agent_policy_count - Fleet_proxies: - title: Fleet Proxy - type: object - properties: - certificate: - type: string - certificate_authorities: - type: string - certificate_key: - type: string - id: + customDescription: + description: Custom description for the field. + maxLength: 300 type: string - name: + customLabel: + description: Custom label for the field. type: string - proxy_headers: + Data_views_fieldformats: + description: A map of field formats by field name. + type: object + Data_views_namespaces: + description: >- + An array of space identifiers for sharing the data view between multiple + spaces. + items: + default: default + type: string + type: array + Data_views_runtimefieldmap: + description: A map of runtime field definitions by field name. + type: object + properties: + script: type: object - url: + properties: + source: + description: Script for the runtime field. + type: string + type: + description: Mapping type of the runtime field. type: string required: - - name - - url - Fleet_saved_object_type: - oneOf: - - enum: - - dashboard - - visualization - - search - - index_pattern - - map - - lens - - security_rule - - csp_rule_template - - ml_module - - tag - - osquery_pack_asset - - osquery_saved_query - type: string - - enum: - - index - - component_template - - ingest_pipeline - - index_template - - ilm_policy - - transform - - data_stream_ilm_policy - - ml_model - type: string - title: Saved Object type - Fleet_search_result: - title: Search result + - script + - type + Data_views_sourcefilters: + description: The array of field names you want to filter out in Discover. + items: + type: object + properties: + value: + type: string + required: + - value + type: array + Data_views_swap_data_view_request_object: + title: Data view reference swap request type: object properties: - description: - type: string - download: - type: string - icons: - type: string - installationInfo: - $ref: '#/components/schemas/Fleet_installation_info' - name: - type: string - path: - type: string - savedObject: - deprecated: true - type: object - status: + delete: + description: Deletes referenced saved object if all references are removed. + type: boolean + forId: + description: Limit the affected saved objects to one or more by identifier. + oneOf: + - type: string + - items: + type: string + type: array + forType: + description: Limit the affected saved objects by type. type: string - title: + fromId: + description: The saved object reference to change. type: string - type: + fromType: + description: > + Specify the type of the saved object reference to alter. The default + value is `index-pattern` for data views. type: string - version: + toId: + description: New saved object reference value to replace the old value. type: string required: - - description - - download - - icons - - name - - path - - title - - type - - version - - status - Fleet_settings: - title: Settings + - fromId + - toId + Data_views_timefieldname: + description: The timestamp field name, which you use for time-based data views. + type: string + Data_views_title: + description: >- + Comma-separated list of data streams, indices, and aliases that you want + to search. Supports wildcards (`*`). + type: string + Data_views_type: + description: When set to `rollup`, identifies the rollup data views. + type: string + Data_views_typemeta: + description: >- + When you use rollup indices, contains the field list for the rollup data + view API endpoints. type: object properties: - fleet_server_hosts: - deprecated: true - items: - type: string - type: array - has_seen_add_data_notice: - type: boolean - id: - type: string - prerelease_integrations_enabled: - type: boolean + aggs: + description: A map of rollup restrictions by aggregation type and field name. + type: object + params: + description: Properties for retrieving rollup fields. + type: object required: - - fleet_server_hosts - - id - Fleet_upgrade_agent: - title: Upgrade agent + - aggs + - params + Data_views_typemeta_response: + description: >- + When you use rollup indices, contains the field list for the rollup data + view API endpoints. + nullable: true type: object properties: - force: - description: Force upgrade, skipping validation (should be used with caution) - type: boolean - skipRateLimitCheck: - description: Skip rate limit check for upgrade + aggs: + description: A map of rollup restrictions by aggregation type and field name. + type: object + params: + description: Properties for retrieving rollup fields. + type: object + Data_views_update_data_view_request_object: + title: Update data view request + type: object + properties: + data_view: + description: > + The data view properties you want to update. Only the specified + properties are updated in the data view. Unspecified fields stay as + they are persisted. + type: object + properties: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: + type: object + name: + type: string + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + type: + $ref: '#/components/schemas/Data_views_type' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta' + refresh_fields: + default: false + description: Reloads the data view fields after the data view is updated. type: boolean - source_uri: - type: string - version: - type: string required: - - version - Fleet_upgrade_agent_diff: - items: - items: - $ref: '#/components/schemas/Fleet_full_agent_policy_input' - type: array - title: Package policy Upgrade dryrun - type: array - Fleet_upgrade_diff: - items: - allOf: - - $ref: '#/components/schemas/Fleet_package_policy' - - allOf: - - $ref: '#/components/schemas/Fleet_new_package_policy' - - type: object - properties: - errors: - items: - type: object - properties: - key: - type: string - message: - type: string - type: array - missingVars: - items: - type: string - type: array - type: object - title: Package policy Upgrade dryrun - type: array + - data_view Kibana_HTTP_APIs_core_status_redactedResponse: additionalProperties: false description: A minimal representation of Kibana's operational status. @@ -35392,6 +52949,7 @@ components: - id - rule_id - immutable + - rule_source - updated_at - updated_by - created_at @@ -42204,13 +59762,13 @@ tags: - name: Elastic Package Manager (EPM) - name: Fleet enrollment API keys - name: Fleet internals - - name: Fleet Kubernetes - name: Fleet outputs - name: Fleet package policies - name: Fleet proxies - name: Fleet Server hosts - name: Fleet service tokens - name: Fleet uninstall tokens + - name: Message Signing Service - description: Machine learning name: ml - name: roles @@ -42240,33 +59798,42 @@ tags: x-displayName: Saved objects - description: Manage and interact with Security Assistant resources. name: Security AI Assistant API + x-displayName: Security AI assistant - description: >- You can create rules that automatically turn events and external alerts sent to Elastic Security into detection alerts. These alerts are displayed on the Detections page. name: Security Detections API + x-displayName: Security detections - description: >- Endpoint Exceptions API allows you to manage detection rule endpoint exceptions to prevent a rule from generating an alert from incoming events even when the rule's other criteria are met. name: Security Endpoint Exceptions API + x-displayName: Security endpoint exceptions - description: Interact with and manage endpoints running the Elastic Defend integration. name: Security Endpoint Management API + x-displayName: Security endpoint management - description: '' name: Security Entity Analytics API + x-displayName: Security entity analytics - description: >- Exceptions API allows you to manage detection rule exceptions to prevent a rule from generating an alert from incoming events even when the rule's other criteria are met. name: Security Exceptions API + x-displayName: Security exceptions - description: Lists API allows you to manage lists of keywords, IPs or IP ranges items. name: Security Lists API + x-displayName: Security lists - description: Run live queries, manage packs and saved queries. name: Security Osquery API + x-displayName: Security Osquery - description: >- You can create Timelines and Timeline templates via the API, as well as import new Timelines from an ndjson file. name: Security Timeline API + x-displayName: Security timeline - description: SLO APIs enable you to define, manage and track service-level objectives name: slo - name: spaces diff --git a/oas_docs/output/kibana.yaml b/oas_docs/output/kibana.yaml index da28a9a3ade65..aba85f8c82ca9 100644 --- a/oas_docs/output/kibana.yaml +++ b/oas_docs/output/kibana.yaml @@ -6578,6 +6578,270 @@ paths: summary: Search for annotations tags: - APM annotations + /api/asset_criticality: + delete: + description: Delete the asset criticality record for a specific entity. + operationId: DeleteAssetCriticalityRecord + parameters: + - description: The ID value of the asset. + in: query + name: id_value + required: true + schema: + type: string + - description: The field representing the ID. + example: host.name + in: query + name: id_field + required: true + schema: + $ref: '#/components/schemas/Security_Entity_Analytics_API_IdField' + - description: If 'wait_for' the request will wait for the index refresh. + in: query + name: refresh + required: false + schema: + enum: + - wait_for + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + deleted: + description: >- + True if the record was deleted or false if the record did + not exist. + type: boolean + record: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityRecord + description: The deleted record if it existed. + required: + - deleted + description: Successful response + '400': + description: Invalid request + summary: Delete an asset criticality record + tags: + - Security Entity Analytics API + get: + description: Get the asset criticality record for a specific entity. + operationId: GetAssetCriticalityRecord + parameters: + - description: The ID value of the asset. + in: query + name: id_value + required: true + schema: + type: string + - description: The field representing the ID. + example: host.name + in: query + name: id_field + required: true + schema: + $ref: '#/components/schemas/Security_Entity_Analytics_API_IdField' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityRecord + description: Successful response + '400': + description: Invalid request + '404': + description: Criticality record not found + summary: Get an asset criticality record + tags: + - Security Entity Analytics API + post: + description: > + Create or update an asset criticality record for a specific entity. + + + If a record already exists for the specified entity, that record is + overwritten with the specified value. If a record doesn't exist for the + specified entity, a new record is created. + operationId: CreateAssetCriticalityRecord + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + allOf: + - $ref: >- + #/components/schemas/Security_Entity_Analytics_API_CreateAssetCriticalityRecord + - type: object + properties: + refresh: + description: >- + If 'wait_for' the request will wait for the index + refresh. + enum: + - wait_for + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityRecord + description: Successful response + '400': + description: Invalid request + summary: Upsert an asset criticality record + tags: + - Security Entity Analytics API + /api/asset_criticality/bulk: + post: + description: > + Bulk upsert up to 1000 asset criticality records. + + + If asset criticality records already exist for the specified entities, + those records are overwritten with the specified values. If asset + criticality records don't exist for the specified entities, new records + are created. + operationId: BulkUpsertAssetCriticalityRecords + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + example: + records: + - criticality_level: low_impact + id_field: host.name + id_value: host-1 + - criticality_level: medium_impact + id_field: host.name + id_value: host-2 + type: object + properties: + records: + items: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_CreateAssetCriticalityRecord + maxItems: 1000 + minItems: 1 + type: array + required: + - records + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + example: + errors: + - index: 0 + message: Invalid ID field + stats: + failed: 1 + successful: 1 + total: 2 + type: object + properties: + errors: + items: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityBulkUploadErrorItem + type: array + stats: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityBulkUploadStats + required: + - errors + - stats + description: Bulk upload successful + '413': + description: File too large + summary: Bulk upsert asset criticality records + tags: + - Security Entity Analytics API + /api/asset_criticality/list: + get: + description: List asset criticality records, paging, sorting and filtering as needed. + operationId: FindAssetCriticalityRecords + parameters: + - description: The field to sort by. + in: query + name: sort_field + required: false + schema: + enum: + - id_value + - id_field + - criticality_level + - \@timestamp + type: string + - description: The order to sort by. + in: query + name: sort_direction + required: false + schema: + enum: + - asc + - desc + type: string + - description: The page number to return. + in: query + name: page + required: false + schema: + minimum: 1 + type: integer + - description: The number of records to return per page. + in: query + name: per_page + required: false + schema: + maximum: 1000 + minimum: 1 + type: integer + - description: The kuery to filter by. + in: query + name: kuery + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + page: + minimum: 1 + type: integer + per_page: + maximum: 1000 + minimum: 1 + type: integer + records: + items: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityRecord + type: array + total: + minimum: 0 + type: integer + required: + - records + - page + - per_page + - total + description: Bulk upload successful + summary: List asset criticality records + tags: + - Security Entity Analytics API /api/cases: delete: description: > @@ -8444,102 +8708,52 @@ paths: summary: Preview a saved object reference swap tags: - data views - /api/encrypted_saved_objects/_rotate_key: - post: - description: > - Superuser role required. - - - If a saved object cannot be decrypted using the primary encryption key, - then Kibana will attempt to decrypt it using the specified - decryption-only keys. In most of the cases this overhead is negligible, - but if you're dealing with a large number of saved objects and - experiencing performance issues, you may want to rotate the encryption - key. - - - This functionality is in technical preview and may be changed or removed - in a future release. Elastic will work to fix any issues, but features - in technical preview are not subject to the support SLA of official GA - features. - operationId: rotateEncryptionKey - parameters: - - description: > - Specifies a maximum number of saved objects that Kibana can process - in a single batch. Bulk key rotation is an iterative process since - Kibana may not be able to fetch and process all required saved - objects in one go and splits processing into consequent batches. By - default, the batch size is 10000, which is also a maximum allowed - value. - in: query - name: batch_size - required: false - schema: - default: 10000 - type: number - - description: > - Limits encryption key rotation only to the saved objects with the - specified type. By default, Kibana tries to rotate the encryption - key for all saved object types that may contain encrypted - attributes. - in: query - name: type - required: false - schema: - type: string + /api/detection_engine/index: + delete: + operationId: DeleteAlertsIndex responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: - examples: - rotateEncryptionKeyResponse: - $ref: '#/components/examples/Saved_objects_key_rotation_response' schema: type: object properties: - failed: - description: > - Indicates the number of the saved objects that were still - encrypted with one of the old encryption keys that Kibana - failed to re-encrypt with the primary key. - type: number - successful: - description: > - Indicates the total number of all encrypted saved objects - (optionally filtered by the requested `type`), regardless - of the key Kibana used for encryption. - - - NOTE: In most cases, `total` will be greater than - `successful` even if `failed` is zero. The reason is that - Kibana may not need or may not be able to rotate - encryption keys for all encrypted saved objects. - type: number - total: - description: > - Indicates the total number of all encrypted saved objects - (optionally filtered by the requested `type`), regardless - of the key Kibana used for encryption. - type: number - description: Indicates a successful call. - '400': + acknowledged: + type: boolean + required: + - acknowledged + description: Successful response + '401': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request - '429': + $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - description: Already in progress. - summary: Rotate a key for encrypted saved objects + $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' + description: Not enough permissions response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: string + description: Index does not exist response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' + description: Internal server error response + summary: Delete an alerts index tags: - - saved objects - /api/fleet/agent_download_sources: + - Security Detections API + - Alert index API get: - operationId: get-download-sources + operationId: ReadAlertsIndex responses: '200': content: @@ -8547,62 +8761,46 @@ paths: schema: type: object properties: - items: - items: - $ref: '#/components/schemas/Fleet_download_sources' - type: array - page: - type: integer - perPage: - type: integer - total: - type: integer - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List agent binary download sources - tags: - - Elastic Agent binary download sources - post: - operationId: post-download-sources - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - host: - type: string - id: - type: string - is_default: - type: boolean - name: - type: string - required: - - name - - host - - is_default - responses: - '200': + index_mapping_outdated: + nullable: true + type: boolean + name: + type: string + required: + - name + - index_mapping_outdated + description: Successful response + '401': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_download_sources' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Create agent binary download source + $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' + description: Not enough permissions response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' + description: Not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' + description: Internal server error response + summary: Reads the alert index name if it exists tags: - - Elastic Agent binary download sources - /api/fleet/agent_download_sources/{sourceId}: - delete: - operationId: delete-download-source - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - Security Detections API + - Alert index API + post: + operationId: CreateAlertsIndex responses: '200': content: @@ -8610,18 +8808,52 @@ paths: schema: type: object properties: - id: - type: string + acknowledged: + type: boolean required: - - id - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete agent binary download source by ID + - acknowledged + description: Successful response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' + description: Not enough permissions response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' + description: Not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' + description: Internal server error response + summary: Create an alerts index tags: - - Elastic Agent binary download sources + - Security Detections API + - Alert index API + /api/detection_engine/privileges: get: - operationId: get-one-download-source + description: > + Retrieves whether or not the user is authenticated, and the user's + Kibana + + space and index privileges, which determine if the user can create an + + index for the Elastic Security alerts generated by + + detection engine rules. + operationId: ReadPrivileges responses: '200': content: @@ -8629,411 +8861,511 @@ paths: schema: type: object properties: - item: - $ref: '#/components/schemas/Fleet_download_sources' + has_encryption_key: + type: boolean + is_authenticated: + type: boolean required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get agent binary download source by ID + - is_authenticated + - has_encryption_key + description: Successful response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' + description: Internal server error response + summary: Returns user privileges for the Kibana space tags: - - Elastic Agent binary download sources - parameters: - - in: path - name: sourceId - required: true - schema: - type: string - put: - operationId: update-download-source + - Security Detections API + - Privileges API + /api/detection_engine/rules: + delete: + description: Delete a detection rule using the `rule_id` or `id` field. + operationId: DeleteRule parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - host: - type: string - is_default: - type: boolean - name: - type: string - required: - - name - - is_default - - host + - description: The rule's `id` value. + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + - description: The rule's `rule_id` value. + in: query + name: rule_id + required: false + schema: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_download_sources' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Update agent binary download source by ID + $ref: '#/components/schemas/Security_Detections_API_RuleResponse' + description: Indicates a successful call. + summary: Delete a detection rule tags: - - Elastic Agent binary download sources - /api/fleet/agent_policies: + - Security Detections API + - Rules API get: - description: '' - operationId: agent-policy-list + description: Retrieve a detection rule using the `rule_id` or `id` field. + operationId: ReadRule parameters: - - $ref: '#/components/parameters/Fleet_page_size' - - $ref: '#/components/parameters/Fleet_page_index' - - $ref: '#/components/parameters/Fleet_kuery' - - $ref: '#/components/parameters/Fleet_format' - - description: >- - When set to true, retrieve the related package policies for each - agent policy. + - description: The rule's `id` value. in: query - name: full + name: id + required: false schema: - type: boolean - - description: >- - When set to true, do not count how many agents are in the agent - policy, this can improve performance if you are searching over a - large number of agent policies. The "agents" property will always be - 0 if set to true. + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + - description: The rule's `rule_id` value. in: query - name: noAgentCount + name: rule_id + required: false schema: - type: boolean + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - items: - items: - $ref: '#/components/schemas/Fleet_agent_policy' - type: array - page: - type: number - perPage: - type: number - total: - type: number - required: - - items - - total - - page - - perPage - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List agent policies + $ref: '#/components/schemas/Security_Detections_API_RuleResponse' + description: Indicates a successful call. + summary: Retrieve a detection rule tags: - - Elastic Agent policies - post: - operationId: create-agent-policy - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - Security Detections API + - Rules API + patch: + description: >- + Update specific fields of an existing detection rule using the `rule_id` + or `id` field. + operationId: PatchRule requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_agent_policy_create_request' + $ref: '#/components/schemas/Security_Detections_API_RulePatchProps' + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_agent_policy' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Create agent policy + $ref: '#/components/schemas/Security_Detections_API_RuleResponse' + description: Indicates a successful call. + summary: Patch a detection rule tags: - - Elastic Agent policies - /api/fleet/agent_policies/_bulk_get: + - Security Detections API + - Rules API post: - operationId: bulk-get-agent-policies - parameters: - - $ref: '#/components/parameters/Fleet_format' + description: Create a new detection rule. + operationId: CreateRule requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - full: - description: get full policies with package policies populated - type: boolean - ids: - description: list of agent policy ids - items: - type: string - type: array - ignoreMissing: - type: boolean - required: - - ids + $ref: '#/components/schemas/Security_Detections_API_RuleCreateProps' + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - items: - items: - $ref: '#/components/schemas/Fleet_agent_policy' - type: array - required: - - items - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk get agent policies + $ref: '#/components/schemas/Security_Detections_API_RuleResponse' + description: Indicates a successful call. + summary: Create a detection rule tags: - - Elastic Agent policies - /api/fleet/agent_policies/{agentPolicyId}: - get: - description: Get one agent policy - operationId: agent-policy-info - parameters: [] + - Security Detections API + - Rules API + put: + description: > + Update a detection rule using the `rule_id` or `id` field. The original + rule is replaced, and all unspecified fields are deleted. + + > info + + > You cannot modify the `id` or `rule_id` values. + operationId: UpdateRule + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Detections_API_RuleUpdateProps' + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_agent_policy' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get agent policy by ID + $ref: '#/components/schemas/Security_Detections_API_RuleResponse' + description: Indicates a successful call. + summary: Update a detection rule tags: - - Elastic Agent policies - parameters: - - in: path - name: agentPolicyId - required: true - schema: - type: string - - $ref: '#/components/parameters/Fleet_format' - put: - operationId: update-agent-policy + - Security Detections API + - Rules API + /api/detection_engine/rules/_bulk_action: + post: + description: >- + Apply a bulk action, such as bulk edit, duplicate, or delete, to + multiple detection rules. The bulk action is applied to all rules that + match the query or to the rules listed by their IDs. + operationId: PerformRulesBulkAction parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: Enables dry run mode for the request call. + in: query + name: dry_run + required: false + schema: + type: boolean requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_agent_policy_update_request' + oneOf: + - $ref: '#/components/schemas/Security_Detections_API_BulkDeleteRules' + - $ref: >- + #/components/schemas/Security_Detections_API_BulkDisableRules + - $ref: '#/components/schemas/Security_Detections_API_BulkEnableRules' + - $ref: '#/components/schemas/Security_Detections_API_BulkExportRules' + - $ref: >- + #/components/schemas/Security_Detections_API_BulkDuplicateRules + - $ref: >- + #/components/schemas/Security_Detections_API_BulkManualRuleRun + - $ref: '#/components/schemas/Security_Detections_API_BulkEditRules' responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_agent_policy' - required: - - item + oneOf: + - $ref: >- + #/components/schemas/Security_Detections_API_BulkEditActionResponse + - $ref: >- + #/components/schemas/Security_Detections_API_BulkExportActionResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Update agent policy by ID + summary: Apply a bulk action to detection rules tags: - - Elastic Agent policies - /api/fleet/agent_policies/{agentPolicyId}/copy: - parameters: - - in: path - name: agentPolicyId - required: true - schema: - type: string - - $ref: '#/components/parameters/Fleet_format' + - Security Detections API + - Bulk API + /api/detection_engine/rules/_bulk_create: post: - operationId: agent-policy-copy - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + deprecated: true + description: Create new detection rules in bulk. + operationId: BulkCreateRules requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - description: - type: string - name: - type: string - required: - - name - description: '' + items: + $ref: '#/components/schemas/Security_Detections_API_RuleCreateProps' + type: array + description: A JSON array of rules, where each rule contains the required fields. + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + $ref: >- + #/components/schemas/Security_Detections_API_BulkCrudRulesResponse + description: Indicates a successful call. + summary: Create multiple detection rules + tags: + - Security Detections API + - Bulk API + /api/detection_engine/rules/_bulk_delete: + delete: + deprecated: true + description: Delete detection rules in bulk. + operationId: BulkDeleteRules + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: type: object properties: - item: - $ref: '#/components/schemas/Fleet_agent_policy' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Copy agent policy by ID - tags: - - Elastic Agent policies - /api/fleet/agent_policies/{agentPolicyId}/download: - get: - operationId: agent-policy-download + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + rule_id: + $ref: >- + #/components/schemas/Security_Detections_API_RuleSignatureId + type: array + description: >- + A JSON array of `id` or `rule_id` fields of the rules you want to + delete. + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + $ref: >- + #/components/schemas/Security_Detections_API_BulkCrudRulesResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' + description: Internal server error response + summary: Delete multiple detection rules + tags: + - Security Detections API + - Bulk API + post: + deprecated: true + description: Deletes multiple rules. + operationId: BulkDeleteRulesPost + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: type: object properties: - item: - type: string - description: OK + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + rule_id: + $ref: >- + #/components/schemas/Security_Detections_API_RuleSignatureId + type: array + description: >- + A JSON array of `id` or `rule_id` fields of the rules you want to + delete. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Detections_API_BulkCrudRulesResponse + description: Indicates a successful call. '400': - $ref: '#/components/responses/Fleet_error' - summary: Download agent policy by ID + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' + description: Internal server error response + summary: Delete multiple detection rules tags: - - Elastic Agent policies - parameters: - - in: path - name: agentPolicyId + - Security Detections API + - Bulk API + /api/detection_engine/rules/_bulk_update: + patch: + deprecated: true + description: >- + Update specific fields of existing detection rules using the `rule_id` + or `id` field. + operationId: BulkPatchRules + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + $ref: '#/components/schemas/Security_Detections_API_RulePatchProps' + type: array + description: A JSON array of rules, where each rule contains the required fields. required: true - schema: - type: string - - in: query - name: download - required: false - schema: - type: string - - in: query - name: standalone - required: false - schema: - type: string - - in: query - name: kubernetes - required: false - schema: - type: string - /api/fleet/agent_policies/{agentPolicyId}/full: - get: - operationId: agent-policy-full responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - oneOf: - - type: string - - $ref: '#/components/schemas/Fleet_agent_policy_full' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get full agent policy by ID + $ref: >- + #/components/schemas/Security_Detections_API_BulkCrudRulesResponse + description: Indicates a successful call. + summary: Patch multiple detection rules tags: - - Elastic Agent policies - parameters: - - in: path - name: agentPolicyId + - Security Detections API + - Bulk API + put: + deprecated: true + description: > + Update multiple detection rules using the `rule_id` or `id` field. The + original rules are replaced, and all unspecified fields are deleted. + + > info + + > You cannot modify the `id` or `rule_id` values. + operationId: BulkUpdateRules + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleUpdateProps' + type: array + description: >- + A JSON array where each element includes the `id` or `rule_id` field + of the rule you want to update and the fields you want to modify. required: true - schema: - type: string - - in: query - name: download - required: false - schema: - type: string - - in: query - name: standalone - required: false - schema: - type: string - - in: query - name: kubernetes - required: false - schema: - type: string - /api/fleet/agent_policies/delete: - parameters: [] + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Detections_API_BulkCrudRulesResponse + description: Indicates a successful call. + summary: Update multiple detection rules + tags: + - Security Detections API + - Bulk API + /api/detection_engine/rules/_export: post: - operationId: delete-agent-policy + description: > + Export detection rules to an `.ndjson` file. The following configuration + items are also included in the `.ndjson` file: + + - Actions + + - Exception lists + + > info + + > You cannot export prebuilt rules. + operationId: ExportRules parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: Determines whether a summary of the exported rules is returned. + in: query + name: exclude_export_details + required: false + schema: + default: false + type: boolean + - description: File name for saving the exported rules. + in: query + name: file_name + required: false + schema: + default: export.ndjson + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + nullable: true type: object properties: - agentPolicyId: - type: string - force: + objects: description: >- - bypass validation checks that can prevent agent policy - deletion - type: boolean + Array of `rule_id` fields. Exports all rules when + unspecified. + items: + type: object + properties: + rule_id: + $ref: >- + #/components/schemas/Security_Detections_API_RuleSignatureId + required: + - rule_id + type: array required: - - agentPolicyId + - objects + required: false responses: '200': content: - application/json; Elastic-Api-Version=2023-10-31: + application/ndjson; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - id: - type: string - success: - type: boolean - required: - - id - - success - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete agent policy by ID + description: An `.ndjson` file containing the returned rules. + format: binary + type: string + description: Indicates a successful call. + summary: Export detection rules tags: - - Elastic Agent policies - /api/fleet/agent_status: + - Security Detections API + - Import/Export API + /api/detection_engine/rules/_find: get: - operationId: get-agent-status + description: >- + Retrieve a paginated list of detection rules. By default, the first page + is returned, with 20 results per page. + operationId: FindRules parameters: - in: query - name: policyId + name: fields required: false schema: - type: string - - deprecated: true + items: + type: string + type: array + - description: Search query in: query - name: kuery + name: filter required: false schema: type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: '#/components/schemas/Security_Detections_API_FindRulesSortField' + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_Detections_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: Rules per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer responses: '200': content: @@ -9041,252 +9373,371 @@ paths: schema: type: object properties: - active: - type: integer - all: - type: integer - error: - type: integer - events: - type: integer - inactive: - type: integer - offline: - type: integer - online: + data: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RuleResponse + type: array + page: type: integer - other: + perPage: type: integer total: - deprecated: true - type: integer - unenrolled: - type: integer - updating: type: integer required: - - active - - all - - error - - events - - inactive - - offline - - online - - other + - page + - perPage - total - - updating - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get agent status summary + - data + description: Successful response + summary: List all detection rules tags: - - Elastic Agent status - /api/fleet/agent_status/data: - get: - operationId: get-agent-data + - Security Detections API + - Rules API + /api/detection_engine/rules/_import: + post: + description: > + Import detection rules from an `.ndjson` file, including actions and + exception lists. The request must include: + + - The `Content-Type: multipart/form-data` HTTP header. + + - A link to the `.ndjson` file containing the rules. + operationId: ImportRules parameters: - - in: query - name: agentsIds - required: true + - description: >- + Determines whether existing rules with the same `rule_id` are + overwritten. + in: query + name: overwrite + required: false schema: - items: - type: string - type: array - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - items: - items: - additionalProperties: - type: object - properties: - data: - type: boolean - type: object - type: array - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get incoming agent data - tags: - - Elastic Agent status - /api/fleet/agent-status: - get: - deprecated: true - operationId: get-agent-status-deprecated - parameters: - - in: query - name: policyId + default: false + type: boolean + - description: >- + Determines whether existing exception lists with the same `list_id` + are overwritten. + in: query + name: overwrite_exceptions required: false schema: - type: string + default: false + type: boolean + - description: >- + Determines whether existing actions with the same + `kibana.alert.rule.actions.id` are overwritten. + in: query + name: overwrite_action_connectors + required: false + schema: + default: false + type: boolean + - description: Generates a new list ID for each imported exception list. + in: query + name: as_new_list + required: false + schema: + default: false + type: boolean + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: + description: The `.ndjson` file containing the rules. + format: binary + type: string + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - error: - type: integer - events: - type: integer - inactive: - type: integer - offline: - type: integer - online: + action_connectors_errors: + items: + $ref: '#/components/schemas/Security_Detections_API_ErrorSchema' + type: array + action_connectors_success: + type: boolean + action_connectors_success_count: + minimum: 0 type: integer - other: + action_connectors_warnings: + items: + $ref: >- + #/components/schemas/Security_Detections_API_WarningSchema + type: array + errors: + items: + $ref: '#/components/schemas/Security_Detections_API_ErrorSchema' + type: array + exceptions_errors: + items: + $ref: '#/components/schemas/Security_Detections_API_ErrorSchema' + type: array + exceptions_success: + type: boolean + exceptions_success_count: + minimum: 0 type: integer - total: + rules_count: + minimum: 0 type: integer - updating: + success: + type: boolean + success_count: + minimum: 0 type: integer required: - - error - - events - - inactive - - offline - - online - - other - - total - - updating - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get agent status summary - tags: - - Elastic Agent status - /api/fleet/agents: - get: - operationId: get-agents - parameters: - - $ref: '#/components/parameters/Fleet_page_size' - - $ref: '#/components/parameters/Fleet_page_index' - - $ref: '#/components/parameters/Fleet_kuery' - - $ref: '#/components/parameters/Fleet_show_inactive' - - $ref: '#/components/parameters/Fleet_show_upgradeable' - - $ref: '#/components/parameters/Fleet_sort_field' - - $ref: '#/components/parameters/Fleet_sort_order' - - $ref: '#/components/parameters/Fleet_with_metrics' - - in: query - name: getStatusSummary - required: false - schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_get_agents_response' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List agents + - exceptions_success + - exceptions_success_count + - exceptions_errors + - rules_count + - success + - success_count + - errors + - action_connectors_errors + - action_connectors_warnings + - action_connectors_success + - action_connectors_success_count + description: Indicates a successful call. + summary: Import detection rules tags: - - Elastic Agents + - Security Detections API + - Import/Export API + /api/detection_engine/rules/{id}/exceptions: post: - operationId: get-agents-by-actions + description: Create exception items that apply to a single detection rule. + operationId: CreateRuleExceptionListItems parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: Detection rule's identifier + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Exceptions_API_RuleId' requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - actionIds: + items: items: - type: string + $ref: >- + #/components/schemas/Security_Exceptions_API_CreateRuleExceptionListItemProps type: array required: - - policy_id + - items + description: Rule exception list items required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_agent_get_by_actions' - description: OK + items: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItem + type: array + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: List agents by action ids + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Create rule exception list items tags: - - Elastic Agents - /api/fleet/agents/{agentId}: - delete: - operationId: delete-agent - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - Security Exceptions API + /api/detection_engine/rules/prepackaged: + put: + description: Install and update all Elastic prebuilt detection rules and Timelines. + operationId: InstallPrebuiltRulesAndTimelines responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - action: - enum: - - deleted - type: string + rules_installed: + description: The number of rules installed + minimum: 0 + type: integer + rules_updated: + description: The number of rules updated + minimum: 0 + type: integer + timelines_installed: + description: The number of timelines installed + minimum: 0 + type: integer + timelines_updated: + description: The number of timelines updated + minimum: 0 + type: integer required: - - action - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete agent by ID + - rules_installed + - rules_updated + - timelines_installed + - timelines_updated + description: Indicates a successful call + summary: Install prebuilt detection rules and Timelines tags: - - Elastic Agents + - Security Detections API + - Prebuilt Rules API + /api/detection_engine/rules/prepackaged/_status: get: - operationId: get-agent - parameters: - - $ref: '#/components/parameters/Fleet_with_metrics' + description: >- + Retrieve the status of all Elastic prebuilt detection rules and + Timelines. + operationId: ReadPrebuiltRulesAndTimelinesStatus responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object properties: - item: - $ref: '#/components/schemas/Fleet_agent' + rules_custom_installed: + description: The total number of custom rules + minimum: 0 + type: integer + rules_installed: + description: The total number of installed prebuilt rules + minimum: 0 + type: integer + rules_not_installed: + description: >- + The total number of available prebuilt rules that are not + installed + minimum: 0 + type: integer + rules_not_updated: + description: The total number of outdated prebuilt rules + minimum: 0 + type: integer + timelines_installed: + description: The total number of installed prebuilt timelines + minimum: 0 + type: integer + timelines_not_installed: + description: >- + The total number of available prebuilt timelines that are + not installed + minimum: 0 + type: integer + timelines_not_updated: + description: The total number of outdated prebuilt timelines + minimum: 0 + type: integer required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get agent by ID + - rules_custom_installed + - rules_installed + - rules_not_installed + - rules_not_updated + - timelines_installed + - timelines_not_installed + - timelines_not_updated + description: Indicates a successful call + summary: Retrieve the status of prebuilt detection rules and Timelines tags: - - Elastic Agents - parameters: - - in: path - name: agentId - required: true - schema: - type: string - put: - operationId: update-agent + - Security Detections API + - Prebuilt Rules API + /api/detection_engine/rules/preview: + post: + operationId: RulePreview parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: >- + Enables logging and returning in response ES queries, performed + during rule execution + in: query + name: enable_logged_requests + required: false + schema: + type: boolean requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - tags: - items: - type: string - type: array - user_provided_metadata: - type: object + anyOf: + - allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_EqlRuleCreateProps + - $ref: >- + #/components/schemas/Security_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_QueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_ThresholdRuleCreateProps + - $ref: >- + #/components/schemas/Security_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRuleCreateProps + - $ref: >- + #/components/schemas/Security_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_MachineLearningRuleCreateProps + - $ref: >- + #/components/schemas/Security_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_NewTermsRuleCreateProps + - $ref: >- + #/components/schemas/Security_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_EsqlRuleCreateProps + - $ref: >- + #/components/schemas/Security_Detections_API_RulePreviewParams + discriminator: + propertyName: type + description: >- + An object containing tags to add or remove and alert ids the changes + will be applied required: true responses: '200': @@ -9295,143 +9746,240 @@ paths: schema: type: object properties: - item: - $ref: '#/components/schemas/Fleet_agent' + isAborted: + type: boolean + logs: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RulePreviewLogs + type: array + previewId: + $ref: >- + #/components/schemas/Security_Detections_API_NonEmptyString required: - - item - description: OK + - logs + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Update agent by ID + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' + description: Internal server error response + summary: Preview rule alerts generated on specified time range tags: - - Elastic Agents - /api/fleet/agents/{agentId}/actions: - parameters: - - in: path - name: agentId - required: true - schema: - type: string + - Security Detections API + - Rule preview API + /api/detection_engine/signals/assignees: post: - operationId: new-agent-action - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + description: | + Assign users to detection alerts, and unassign them from alerts. + > info + > You cannot add and remove the same assignee in the same request. + operationId: SetAlertAssignees requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - action: - $ref: '#/components/schemas/Fleet_agent_action' + assignees: + $ref: '#/components/schemas/Security_Detections_API_AlertAssignees' + description: Details about the assignees to assign and unassign. + ids: + $ref: '#/components/schemas/Security_Detections_API_AlertIds' + description: List of alerts ids to assign and unassign passed assignees. + required: + - assignees + - ids required: true responses: '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - items: - type: number - type: array - headers: - type: string - statusCode: - type: number - description: OK + description: Indicates a successful call. '400': - $ref: '#/components/responses/Fleet_error' - summary: Create agent action + description: Invalid request. + summary: Assign and unassign users from detection alerts tags: - - Elastic Agent actions - /api/fleet/agents/{agentId}/reassign: - parameters: - - in: path - name: agentId - required: true - schema: - type: string + - Security Detections API + /api/detection_engine/signals/finalize_migration: post: - operationId: reassign-agent - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + description: > + Finalize successful migrations of detection alerts. This replaces the + original index's alias with the successfully migrated index's alias. + + The endpoint is idempotent; therefore, it can safely be used to poll a + given migration and, upon completion, + + finalize it. + operationId: FinalizeAlertsMigration requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - policy_id: - type: string + migration_ids: + items: + type: string + minItems: 1 + type: array required: - - policy_id + - migration_ids + description: Array of `migration_id`s to finalize required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - description: OK + items: + $ref: >- + #/components/schemas/Security_Detections_API_MigrationFinalizationResult + type: array + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Reassign agent + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' + description: Internal server error response + summary: Finalize detection alert migrations tags: - - Elastic Agents - put: - deprecated: true - operationId: reassign-agent-deprecated - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - Security Detections API + - Alerts migration API + /api/detection_engine/signals/migration: + delete: + description: > + Migrations favor data integrity over shard size. Consequently, unused or + orphaned indices are artifacts of + + the migration process. A successful migration will result in both the + old and new indices being present. + + As such, the old, orphaned index can (and likely should) be deleted. + + + While you can delete these indices manually, + + the endpoint accomplishes this task by applying a deletion policy to the + relevant index, causing it to be deleted + + after 30 days. It also deletes other artifacts specific to the migration + implementation. + operationId: AlertsMigrationCleanup requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - policy_id: - type: string + migration_ids: + items: + type: string + minItems: 1 + type: array required: - - policy_id + - migration_ids + description: Array of `migration_id`s to cleanup required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - description: OK + items: + $ref: >- + #/components/schemas/Security_Detections_API_MigrationCleanupResult + type: array + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Reassign agent + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' + description: Internal server error response + summary: Clean up detection alert migrations tags: - - Elastic Agents - /api/fleet/agents/{agentId}/request_diagnostics: - parameters: - - in: path - name: agentId - required: true - schema: - type: string + - Security Detections API + - Alerts migration API post: - operationId: request-diagnostics-agent - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + description: > + Initiate a migration of detection alerts. + + Migrations are initiated per index. While the process is neither + destructive nor interferes with existing data, it may be + resource-intensive. As such, it is recommended that you plan your + migrations accordingly. + operationId: CreateAlertsMigration requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - additional_metrics: - items: - oneOf: - - enum: - - CPU - type: string - type: array + allOf: + - type: object + properties: + index: + items: + $ref: >- + #/components/schemas/Security_Detections_API_NonEmptyString + minItems: 1 + type: array + required: + - index + - $ref: >- + #/components/schemas/Security_Detections_API_AlertsReindexOptions + description: Alerts migration parameters + required: true responses: '200': content: @@ -9439,767 +9987,841 @@ paths: schema: type: object properties: - actionId: - type: string - description: OK + indices: + items: + oneOf: + - $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexMigrationSuccess + - $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexMigrationError + - $ref: >- + #/components/schemas/Security_Detections_API_SkippedAlertsIndexMigration + type: array + required: + - indices + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Request agent diagnostics + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' + description: Internal server error response + summary: Initiate a detection alert migration tags: - - Elastic Agents - /api/fleet/agents/{agentId}/unenroll: - parameters: - - in: path - name: agentId - required: true - schema: - type: string + - Security Detections API + - Alerts migration API + /api/detection_engine/signals/migration_status: post: - operationId: unenroll-agent + description: >- + Retrieve indices that contain detection alerts of a particular age, + along with migration information for each of those indices. + operationId: ReadAlertsMigrationStatus parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: Maximum age of qualifying detection alerts + in: query + name: from + required: true + schema: + description: > + Time from which data is analyzed. For example, now-4200s means the + rule analyzes data from 70 minutes + + before its start time. Defaults to now-6m (analyzes data from 6 + minutes before the start time). + format: date-math + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + indices: + items: + $ref: >- + #/components/schemas/Security_Detections_API_IndexMigrationStatus + type: array + required: + - indices + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' + description: Internal server error response + summary: Retrieve the status of detection alert migrations + tags: + - Security Detections API + - Alerts migration API + /api/detection_engine/signals/search: + post: + description: Find and/or aggregate detection alerts that match the given query. + operationId: SearchAlerts requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + description: Elasticsearch query and aggregation request type: object properties: - force: - type: boolean - revoke: + _source: + oneOf: + - type: boolean + - type: string + - items: + type: string + type: array + aggs: + additionalProperties: true + type: object + fields: + items: + type: string + type: array + query: + additionalProperties: true + type: object + runtime_mappings: + additionalProperties: true + type: object + size: + minimum: 0 + type: integer + sort: + $ref: '#/components/schemas/Security_Detections_API_AlertsSort' + track_total_hits: type: boolean + description: Search and/or aggregation query + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: true + description: Elasticsearch search response type: object - description: OK + description: Successful response '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - enum: - - 400 - type: number - description: BAD REQUEST - summary: Unenroll agent + oneOf: + - $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' + description: Internal server error response + summary: Find and/or aggregate detection alerts tags: - - Elastic Agents - /api/fleet/agents/{agentId}/upgrade: - parameters: - - in: path - name: agentId - required: true - schema: - type: string + - Security Detections API + - Alerts API + /api/detection_engine/signals/status: post: - operationId: upgrade-agent - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + description: Set the status of one or more detection alerts. + operationId: SetAlertsStatus requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_upgrade_agent' + oneOf: + - $ref: >- + #/components/schemas/Security_Detections_API_SetAlertsStatusByIds + - $ref: >- + #/components/schemas/Security_Detections_API_SetAlertsStatusByQuery + description: >- + An object containing desired status and explicit alert ids or a query + to select alerts required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_upgrade_agent' - description: OK + additionalProperties: true + description: Elasticsearch update by query response + type: object + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Upgrade agent + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' + description: Internal server error response + summary: Set a detection alert status tags: - - Elastic Agents - /api/fleet/agents/{agentId}/uploads: - get: - operationId: list-agent-uploads + - Security Detections API + - Alerts API + /api/detection_engine/signals/tags: + post: + description: | + And tags to detection alerts, and remove them from alerts. + > info + > You cannot add and remove the same alert tag in the same request. + operationId: SetAlertTags + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + ids: + $ref: '#/components/schemas/Security_Detections_API_AlertIds' + tags: + $ref: '#/components/schemas/Security_Detections_API_SetAlertTags' + required: + - ids + - tags + description: >- + An object containing tags to add or remove and alert ids the changes + will be applied + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: true + description: Elasticsearch update by query response type: object - properties: - body: - type: object - properties: - item: - items: - $ref: '#/components/schemas/Fleet_agent_diagnostics' - type: array - description: OK + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: List agent uploads + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' + description: Internal server error response + summary: Add and remove detection alert tags tags: - - Elastic Agents - parameters: - - in: path - name: agentId - required: true - schema: - type: string - /api/fleet/agents/action_status: + - Security Detections API + - Alerts API + /api/detection_engine/tags: get: - operationId: agents-action-status - parameters: - - $ref: '#/components/parameters/Fleet_page_size' - - $ref: '#/components/parameters/Fleet_page_index' - - in: query - name: errorSize - schema: - default: 5 - type: integer + description: List all unique tags from all detection rules. + operationId: ReadTags responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - items: - items: - type: object - properties: - actionId: - type: string - cancellationTime: - type: string - completionTime: - type: string - creationTime: - description: creation time of action - type: string - expiration: - type: string - latestErrors: - description: >- - latest errors that happened when the agents executed - the action - items: - type: object - properties: - agentId: - type: string - error: - type: string - timestamp: - type: string - type: array - nbAgentsAck: - description: number of agents that acknowledged the action - type: number - nbAgentsActionCreated: - description: number of agents included in action from kibana - type: number - nbAgentsActioned: - description: number of agents actioned - type: number - nbAgentsFailed: - description: number of agents that failed to execute the action - type: number - newPolicyId: - description: new policy id (POLICY_REASSIGN action) - type: string - policyId: - description: policy id (POLICY_CHANGE action) - type: string - revision: - description: new policy revision (POLICY_CHANGE action) - type: string - startTime: - description: start time of action (scheduled actions) - type: string - status: - enum: - - COMPLETE - - EXPIRED - - CANCELLED - - FAILED - - IN_PROGRESS - - ROLLOUT_PASSED - type: string - type: - enum: - - POLICY_REASSIGN - - UPGRADE - - UNENROLL - - FORCE_UNENROLL - - UPDATE_TAGS - - CANCEL - - REQUEST_DIAGNOSTICS - - SETTINGS - - POLICY_CHANGE - - INPUT_ACTION - type: string - version: - description: agent version number (UPGRADE action) - type: string - required: - - actionId - - complete - - nbAgentsActioned - - nbAgentsActionCreated - - nbAgentsAck - - nbAgentsFailed - - status - - creationTime - - type - type: array - required: - - items - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get agent action status + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + description: Indicates a successful call + summary: List all detection rule tags tags: - - Elastic Agent actions - /api/fleet/agents/actions/{actionId}/cancel: - parameters: - - in: path - name: actionId - required: true - schema: - type: string + - Security Detections API + - Tags API + /api/encrypted_saved_objects/_rotate_key: post: - operationId: agent-action-cancel + description: > + Superuser role required. + + + If a saved object cannot be decrypted using the primary encryption key, + then Kibana will attempt to decrypt it using the specified + decryption-only keys. In most of the cases this overhead is negligible, + but if you're dealing with a large number of saved objects and + experiencing performance issues, you may want to rotate the encryption + key. + + + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + operationId: rotateEncryptionKey parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: > + Specifies a maximum number of saved objects that Kibana can process + in a single batch. Bulk key rotation is an iterative process since + Kibana may not be able to fetch and process all required saved + objects in one go and splits processing into consequent batches. By + default, the batch size is 10000, which is also a maximum allowed + value. + in: query + name: batch_size + required: false + schema: + default: 10000 + type: number + - description: > + Limits encryption key rotation only to the saved objects with the + specified type. By default, Kibana tries to rotate the encryption + key for all saved object types that may contain encrypted + attributes. + in: query + name: type + required: false + schema: + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: + examples: + rotateEncryptionKeyResponse: + $ref: '#/components/examples/Saved_objects_key_rotation_response' schema: type: object properties: - item: - $ref: '#/components/schemas/Fleet_agent_action' - description: OK + failed: + description: > + Indicates the number of the saved objects that were still + encrypted with one of the old encryption keys that Kibana + failed to re-encrypt with the primary key. + type: number + successful: + description: > + Indicates the total number of all encrypted saved objects + (optionally filtered by the requested `type`), regardless + of the key Kibana used for encryption. + + + NOTE: In most cases, `total` will be greater than + `successful` even if `failed` is zero. The reason is that + Kibana may not need or may not be able to rotate + encryption keys for all encrypted saved objects. + type: number + total: + description: > + Indicates the total number of all encrypted saved objects + (optionally filtered by the requested `type`), regardless + of the key Kibana used for encryption. + type: number + description: Indicates a successful call. '400': - $ref: '#/components/responses/Fleet_error' - summary: Cancel agent action - tags: - - Elastic Agent actions - /api/fleet/agents/bulk_reassign: - post: - operationId: bulk-reassign-agents - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - example: - agents: 'fleet-agents.policy_id : ("policy1" or "policy2")' - policy_id: policy_id - schema: - type: object - properties: - agents: - oneOf: - - description: KQL query string, leave empty to action all agents - type: string - - description: list of agent IDs - items: - type: string - type: array - policy_id: - description: new agent policy id - type: string - required: - - policy_id - - agents - responses: - '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + '429': content: application/json; Elastic-Api-Version=2023-10-31: schema: type: object - properties: - actionId: - type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk reassign agents + description: Already in progress. + summary: Rotate a key for encrypted saved objects tags: - - Elastic Agents - /api/fleet/agents/bulk_request_diagnostics: + - saved objects + /api/endpoint_list: post: - operationId: bulk-request-diagnostics - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - example: - agents: 'fleet-agents.policy_id : ("policy1" or "policy2")' - schema: - type: object - properties: - additional_metrics: - items: - oneOf: - - enum: - - CPU - type: string - type: array - agents: - oneOf: - - description: KQL query string, leave empty to action all agents - type: string - - description: list of agent IDs - items: - type: string - type: array - batchSize: - type: number - required: - - agents + description: >- + Create an endpoint exception list, which groups endpoint exception list + items. If an endpoint exception list already exists, an empty response + is returned. + operationId: CreateEndpointList responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - actionId: - type: string - description: OK + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_EndpointList + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk request diagnostics from agents - tags: - - Elastic Agents - /api/fleet/agents/bulk_unenroll: - post: - operationId: bulk-unenroll-agents - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - example: - agents: - - agent1 - - agent2 - force: false - revoke: true - schema: - type: object - properties: - agents: - oneOf: - - description: KQL query string, leave empty to action all agents - type: string - - description: list of agent IDs - items: - type: string - type: array - force: - description: Unenrolls hosted agents too - type: boolean - includeInactive: - description: >- - When passing agents by KQL query, unenrolls inactive agents - too - type: boolean - revoke: - description: Revokes API keys of agents - type: boolean - required: - - agents - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - actionId: - type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk unenroll agents - tags: - - Elastic Agents - /api/fleet/agents/bulk_update_agent_tags: - post: - operationId: bulk-update-agent-tags - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - example: - agents: - - agent1 - - agent2 - tagsToAdd: - - newTag - tagsToRemove: - - existingTag - schema: - type: object - properties: - agents: - oneOf: - - description: KQL query string, leave empty to action all agents - type: string - - description: list of agent IDs - items: - type: string - type: array - batchSize: - type: number - tagsToAdd: - items: - type: string - type: array - tagsToRemove: - items: - type: string - type: array - required: - - agents - responses: - '200': + oneOf: + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - actionId: - type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk update agent tags - tags: - - Elastic Agents - /api/fleet/agents/bulk_upgrade: - post: - operationId: bulk-upgrade-agents - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - example: - agents: - - agent1 - - agent2 - rollout_duration_seconds: 3600 - source_uri: https://artifacts.elastic.co/downloads/beats/elastic-agent - start_time: '2022-08-03T14:00:00.000Z' - version: 8.4.0 - schema: - $ref: '#/components/schemas/Fleet_bulk_upgrade_agents' - required: true - responses: - '200': + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - actionId: - type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk upgrade agents + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Create an endpoint exception list tags: - - Elastic Agents - /api/fleet/agents/files/{fileId}: + - Security Endpoint Exceptions API + /api/endpoint_list/items: delete: - operationId: delete-agent-upload-file + description: >- + Delete an endpoint exception list item using the `id` or `item_id` + field. + operationId: DeleteEndpointListItem + parameters: + - description: Either `id` or `item_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemId + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemHumanId responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - body: - type: object - properties: - deleted: - type: boolean - id: - type: string - description: OK + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_EndpointListItem + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete file uploaded by agent - tags: - - Elastic Agents - parameters: - - in: path - name: fileId - required: true - schema: - type: string - /api/fleet/agents/files/{fileId}/{fileName}: - get: - operationId: get-agent-upload-file - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - body: - type: object - properties: - items: - type: object - properties: - body: {} - headers: {} - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get file uploaded by agent + oneOf: + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Delete an endpoint exception list item tags: - - Elastic Agents - parameters: - - in: path - name: fileId - required: true - schema: - type: string - - in: path - name: fileName - required: true - schema: - type: string - /api/fleet/agents/setup: + - Security Endpoint Exceptions API get: - operationId: get-agents-setup-status + description: >- + Get the details of an endpoint exception list item using the `id` or + `item_id` field. + operationId: ReadEndpointListItem + parameters: + - description: Either `id` or `item_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemId + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemHumanId responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_fleet_status_response' - description: OK + items: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_EndpointListItem + type: array + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Get agent setup info + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Get an endpoint exception list item tags: - - Elastic Agents + - Security Endpoint Exceptions API post: - operationId: setup-agents - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + description: >- + Create an endpoint exception list item, and associate it with the + endpoint exception list. + operationId: CreateEndpointListItem requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - admin_password: - type: string - admin_username: - type: string + comments: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryArray + item_id: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemHumanId + meta: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemName + os_types: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemType required: - - admin_username - - admin_password + - type + - name + - description + - entries + description: Exception list item's properties + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_fleet_setup_response' - description: OK + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_EndpointListItem + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Initiate agent setup - tags: - - Elastic Agents - /api/fleet/agents/tags: - get: - operationId: get-agent-tags - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_get_agent_tags_response' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List agent tags - tags: - - Elastic Agents - /api/fleet/data_streams: - get: - operationId: data-streams-list - responses: - '200': + oneOf: + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - data_streams: - items: - $ref: '#/components/schemas/Fleet_data_stream' - type: array - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List data streams - tags: - - Data streams - parameters: [] - /api/fleet/enrollment_api_keys: - get: - operationId: get-enrollment-api-keys - parameters: - - $ref: '#/components/parameters/Fleet_page_size' - - $ref: '#/components/parameters/Fleet_page_index' - - $ref: '#/components/parameters/Fleet_kuery' - responses: - '200': + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - items: - items: - $ref: '#/components/schemas/Fleet_enrollment_api_key' - type: array - list: - deprecated: true - items: - $ref: '#/components/schemas/Fleet_enrollment_api_key' - type: array - page: - type: number - perPage: - type: number - total: - type: number - required: - - items - - page - - perPage - - total - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List enrollment API keys + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item already exists + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Create an endpoint exception list item tags: - - Fleet enrollment API keys - post: - operationId: create-enrollment-api-keys - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - Security Endpoint Exceptions API + put: + description: >- + Update an endpoint exception list item using the `id` or `item_id` + field. + operationId: UpdateEndpointListItem requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - name: - description: The name of the enrollment API key. Must be unique. - type: string - policy_id: - description: >- - The ID of the agent policy the Elastic Agent will be - enrolled in. + _version: type: string + comments: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryArray + id: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemId + description: Either `id` or `item_id` must be specified + item_id: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemHumanId + description: Either `id` or `item_id` must be specified + meta: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemName + os_types: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemTags + type: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemType required: - - policy_id + - type + - name + - description + - entries + description: Exception list item's properties + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - action: - enum: - - created - type: string - item: - $ref: '#/components/schemas/Fleet_enrollment_api_key' - description: OK + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_EndpointListItem + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Create enrollment API key - tags: - - Fleet enrollment API keys - /api/fleet/enrollment_api_keys/{keyId}: - delete: - operationId: delete-enrollment-api-key - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - action: - enum: - - deleted - type: string - required: - - action - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Revoke enrollment API key by ID by marking it as inactive - tags: - - Fleet enrollment API keys - get: - operationId: get-enrollment-api-key - responses: - '200': + oneOf: + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_enrollment_api_key' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get enrollment API key by ID + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Update an endpoint exception list item tags: - - Fleet enrollment API keys - parameters: - - in: path - name: keyId - required: true - schema: - type: string - /api/fleet/enrollment-api-keys: + - Security Endpoint Exceptions API + /api/endpoint_list/items/_find: get: - deprecated: true - operationId: get-enrollment-api-keys-deprecated - parameters: [] + description: Get a list of all endpoint exception list items. + operationId: FindEndpointListItems + parameters: + - description: > + Filters the returned results according to the value of the specified + field, + + using the `:` syntax. + in: query + name: filter + required: false + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_FindEndpointListItemsFilter + - description: The page number to return + in: query + name: page + required: false + schema: + minimum: 0 + type: integer + - description: The number of exception list items to return per page + in: query + name: per_page + required: false + schema: + minimum: 0 + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string responses: '200': content: @@ -10207,206 +10829,203 @@ paths: schema: type: object properties: - items: - items: - $ref: '#/components/schemas/Fleet_enrollment_api_key' - type: array - list: - deprecated: true + data: items: - $ref: '#/components/schemas/Fleet_enrollment_api_key' + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_EndpointListItem type: array page: - type: number - perPage: - type: number + minimum: 0 + type: integer + per_page: + minimum: 0 + type: integer + pit: + type: string total: - type: number + minimum: 0 + type: integer required: - - items + - data - page - - perPage + - per_page - total - description: OK + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: List enrollment API keys + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Get endpoint exception list items tags: - - Fleet enrollment API keys - post: - deprecated: true - operationId: create-enrollment-api-keys-deprecated + - Security Endpoint Exceptions API + /api/endpoint/action: + get: + description: Get a list of all response actions. + operationId: EndpointGetActionsList parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_GetEndpointActionListRouteQuery responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - action: - enum: - - created - type: string - item: - $ref: '#/components/schemas/Fleet_enrollment_api_key' + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Create enrollment API key + summary: Get response actions tags: - - Fleet enrollment API keys - /api/fleet/enrollment-api-keys/{keyId}: - delete: + - Security Endpoint Management API + /api/endpoint/action_log/{agent_id}: + get: deprecated: true - operationId: delete-enrollment-api-key-deprecated + description: Get an action request log for the specified agent ID. + operationId: EndpointGetActionLog parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - in: path + name: agent_id + required: true + schema: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentId' + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_ActionLogRequestQuery responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - action: - enum: - - deleted - type: string - required: - - action + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete enrollment API key by ID + summary: Get an action request log tags: - - Fleet enrollment API keys + - Security Endpoint Management API + /api/endpoint/action_status: get: - deprecated: true - operationId: get-enrollment-api-key-deprecated + description: Get the status of response actions for the specified agent IDs. + operationId: EndpointGetActionsStatus + parameters: + - in: query + name: query + required: true + schema: + type: object + properties: + agent_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentIds' responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_enrollment_api_key' - required: - - item + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_ActionStatusSuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get enrollment API key by ID + summary: Get response actions status tags: - - Fleet enrollment API keys - parameters: - - in: path - name: keyId - required: true - schema: - type: string - /api/fleet/epm/bulk_assets: - post: - operationId: bulk-get-assets - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - assetIds: - description: list of items necessary to fetch assets - items: - type: object - properties: - id: - type: string - type: - type: string - type: array - required: - - assetIds + - Security Endpoint Management API + /api/endpoint/action/{action_id}: + get: + description: Get the details of a response action using the action ID. + operationId: EndpointGetActionsDetails + parameters: + - in: path + name: action_id + required: true + schema: + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_get_bulk_assets_response' + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk get assets + summary: Get action details tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/categories: + - Security Endpoint Management API + /api/endpoint/action/{action_id}/file/{file_id}: get: - operationId: get-package-categories + description: Get information for the specified file using the file ID. + operationId: EndpointFileInfo + parameters: + - in: path + name: action_id + required: true + schema: + type: string + - in: path + name: file_id + required: true + schema: + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_get_categories_response' + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List package categories + summary: Get file information tags: - - Elastic Package Manager (EPM) - parameters: - - description: >- - Whether to include prerelease packages in categories count (e.g. beta, - rc, preview) - in: query - name: prerelease - schema: - default: false - type: boolean - - deprecated: true - in: query - name: experimental - schema: - default: false - type: boolean - - in: query - name: include_policy_templates - schema: - default: false - type: boolean - /api/fleet/epm/packages: + - Security Endpoint Management API + /api/endpoint/action/{action_id}/file/{file_id}/download: get: - operationId: list-all-packages + description: Download a file from an endpoint. + operationId: EndpointFileDownload parameters: - - description: >- - Whether to exclude the install status of each package. Enabling this - option will opt in to caching for the response via `cache-control` - headers. If you don't need up-to-date installation info for a - package, and are querying for a list of available packages, - providing this flag can improve performance substantially. - in: query - name: excludeInstallStatus - schema: - default: false - type: boolean - - description: >- - Whether to return prerelease versions of packages (e.g. beta, rc, - preview) - in: query - name: prerelease - schema: - default: false - type: boolean - - deprecated: true - in: query - name: experimental + - in: path + name: action_id + required: true schema: - default: false - type: boolean - - in: query - name: category + type: string + - in: path + name: file_id + required: true schema: type: string responses: @@ -10414,966 +11033,536 @@ paths: content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_get_packages_response' + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List packages + summary: Download a file tags: - - Elastic Package Manager (EPM) + - Security Endpoint Management API + /api/endpoint/action/execute: post: - description: '' - operationId: install-package-by-upload - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - description: avoid erroring out on unexpected mapping update errors - in: query - name: ignoreMappingUpdateErrors - schema: - default: false - type: boolean - - description: >- - Skip data stream rollover during index template mapping or settings - update - in: query - name: skipDataStreamRollover - schema: - default: false - type: boolean + description: Run a shell command on an endpoint. + operationId: EndpointExecuteAction requestBody: content: - application/gzip; Elastic-Api-Version=2023-10-31: - schema: - format: binary - type: string - application/zip; Elastic-Api-Version=2023-10-31: + application/json; Elastic-Api-Version=2023-10-31: schema: - format: binary - type: string + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_ExecuteRouteRequestBody + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - _meta: - type: object - properties: - install_source: - enum: - - upload - - registry - - bundled - type: string - items: - items: - type: object - properties: - id: - type: string - type: - oneOf: - - $ref: >- - #/components/schemas/Fleet_kibana_saved_object_type - - $ref: >- - #/components/schemas/Fleet_elasticsearch_asset_type - required: - - id - - type - type: array - required: - - items + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - '429': - $ref: '#/components/responses/Fleet_error' - summary: Install by package by direct upload + summary: Run a command tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/_bulk: + - Security Endpoint Management API + /api/endpoint/action/get_file: post: - operationId: bulk-install-packages - parameters: - - description: >- - Whether to return prerelease versions of packages (e.g. beta, rc, - preview) - in: query - name: prerelease - schema: - default: false - type: boolean + description: Get a file from an endpoint. + operationId: EndpointGetFileAction requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - force: - description: force install to ignore package verification errors - type: boolean - packages: - description: list of packages to install - items: - oneOf: - - description: package name - type: string - - type: object - properties: - name: - description: package name - type: string - version: - description: package version - type: string - type: array - required: - - packages + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_GetFileRouteRequestBody + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_bulk_install_packages_response' + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk install packages + summary: Get a file tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/{pkgkey}: - delete: - deprecated: true - operationId: delete-package-deprecated - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - in: path - name: pkgkey - required: true - schema: - type: string + - Security Endpoint Management API + /api/endpoint/action/isolate: + post: + description: >- + Isolate an endpoint from the network. The endpoint remains isolated + until it's released. + operationId: EndpointIsolateAction requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - force: - type: boolean + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_IsolateRouteRequestBody + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - response: - items: - type: object - properties: - id: - type: string - type: - oneOf: - - $ref: >- - #/components/schemas/Fleet_kibana_saved_object_type - - $ref: >- - #/components/schemas/Fleet_elasticsearch_asset_type - required: - - id - - type - type: array - required: - - response + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete ackage + summary: Isolate an endpoint tags: - - Elastic Package Manager (EPM) - get: - deprecated: true - operationId: get-package-deprecated - parameters: - - in: path - name: pkgkey - required: true - schema: - type: string - - description: >- - Whether to return prerelease versions of packages (e.g. beta, rc, - preview) - in: query - name: prerelease - schema: - default: false - type: boolean + - Security Endpoint Management API + /api/endpoint/action/kill_process: + post: + description: Terminate a running process on an endpoint. + operationId: EndpointKillProcessAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_KillProcessRouteRequestBody + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - allOf: - - properties: - response: - $ref: '#/components/schemas/Fleet_package_info' - - properties: - savedObject: - type: string - status: - enum: - - installed - - installing - - install_failed - - not_installed - type: string - required: - - status - - savedObject - type: object + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get package + summary: Terminate a process tags: - - Elastic Package Manager (EPM) + - Security Endpoint Management API + /api/endpoint/action/running_procs: post: - deprecated: true - description: '' - operationId: install-package-deprecated - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - in: path - name: pkgkey - required: true - schema: - type: string - - description: avoid erroring out on unexpected mapping update errors - in: query - name: ignoreMappingUpdateErrors - schema: - default: false - type: boolean - - description: >- - Skip data stream rollover during index template mapping or settings - update - in: query - name: skipDataStreamRollover - schema: - default: false - type: boolean + description: Get a list of all processes running on an endpoint. + operationId: EndpointGetProcessesAction requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - force: - type: boolean + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_GetProcessesRouteRequestBody + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - response: - items: - type: object - properties: - id: - type: string - type: - oneOf: - - $ref: >- - #/components/schemas/Fleet_kibana_saved_object_type - - $ref: >- - #/components/schemas/Fleet_elasticsearch_asset_type - required: - - id - - type - type: array - required: - - response + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Install package + summary: Get running processes tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/{pkgName}/{pkgVersion}: - delete: - operationId: delete-package - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - description: delete package even if policies used by agents - in: query - name: force - schema: - type: boolean + - Security Endpoint Management API + /api/endpoint/action/scan: + post: + description: Scan a specific file or directory on an endpoint for malware. + operationId: EndpointScanAction requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - deprecated: true - type: object - properties: - force: - type: boolean + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_ScanRouteRequestBody + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - items: - items: - type: object - properties: - id: - type: string - type: - oneOf: - - $ref: >- - #/components/schemas/Fleet_kibana_saved_object_type - - $ref: >- - #/components/schemas/Fleet_elasticsearch_asset_type - required: - - id - - type - type: array - required: - - items + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete package + summary: Scan a file or directory tags: - - Elastic Package Manager (EPM) + - Security Endpoint Management API + /api/endpoint/action/state: get: - operationId: get-package + description: >- + Get a response actions state, which reports whether encryption is + enabled. + operationId: EndpointGetActionsState responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - allOf: - - properties: - item: - $ref: '#/components/schemas/Fleet_package_info' - - properties: - keepPoliciesUpToDate: - type: boolean - latestVersion: - type: string - licensePath: - type: string - notice: - type: string - savedObject: - deprecated: true - type: object - status: - enum: - - installed - - installing - - install_failed - - not_installed - type: string - required: - - status - - savedObject - type: object + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_ActionStateSuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get package + summary: Get actions state tags: - - Elastic Package Manager (EPM) - parameters: - - in: path - name: pkgName - required: true - schema: - type: string - - in: path - name: pkgVersion - required: true - schema: - type: string - - description: Ignore if the package is fails signature verification - in: query - name: ignoreUnverified - schema: - type: boolean - - description: >- - Return all fields from the package manifest, not just those supported - by the Elastic Package Registry - in: query - name: full - schema: - type: boolean - - description: >- - Whether to return prerelease versions of packages (e.g. beta, rc, - preview) - in: query - name: prerelease - schema: - default: false - type: boolean + - Security Endpoint Management API + /api/endpoint/action/suspend_process: post: - description: '' - operationId: install-package - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - description: avoid erroring out on unexpected mapping update errors - in: query - name: ignoreMappingUpdateErrors - schema: - default: false - type: boolean - - description: >- - Skip data stream rollover during index template mapping or settings - update - in: query - name: skipDataStreamRollover - schema: - default: false - type: boolean + description: Suspend a running process on an endpoint. + operationId: EndpointSuspendProcessAction requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - force: - type: boolean - ignore_constraints: - type: boolean + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuspendProcessRouteRequestBody + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - _meta: - type: object - properties: - install_source: - enum: - - registry - - upload - - bundled - type: string - items: - items: - type: object - properties: - id: - type: string - type: - oneOf: - - $ref: >- - #/components/schemas/Fleet_kibana_saved_object_type - - $ref: >- - #/components/schemas/Fleet_elasticsearch_asset_type - required: - - id - - type - type: array - required: - - items + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Install package + summary: Suspend a process tags: - - Elastic Package Manager (EPM) - put: - description: '' - operationId: update-package + - Security Endpoint Management API + /api/endpoint/action/unisolate: + post: + description: Release an isolated endpoint, allowing it to rejoin a network. + operationId: EndpointUnisolateAction requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - keepPoliciesUpToDate: - type: boolean + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_UnisolateRouteRequestBody + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - items: - items: - type: object - properties: - id: - type: string - type: - oneOf: - - $ref: >- - #/components/schemas/Fleet_kibana_saved_object_type - - $ref: >- - #/components/schemas/Fleet_elasticsearch_asset_type - required: - - id - - type - type: array - required: - - items + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Update package settings + summary: Release an isolated endpoint tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/{pkgName}/{pkgVersion}/{filePath}: - get: - operationId: packages-get-file + - Security Endpoint Management API + /api/endpoint/action/upload: + post: + description: Upload a file to an endpoint. + operationId: EndpointUploadAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_UploadRouteRequestBody + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - body: - type: object - headers: - type: object - statusCode: - type: number + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get package file + summary: Upload a file tags: - - Elastic Package Manager (EPM) - parameters: - - in: path - name: pkgName - required: true - schema: - type: string - - in: path - name: pkgVersion - required: true - schema: - type: string - - in: path - name: filePath - required: true - schema: - type: string - /api/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize: + - Security Endpoint Management API + /api/endpoint/isolate: post: - description: '' - operationId: reauthorize-transforms - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - in: path - name: pkgName - required: true - schema: - type: string - - in: path - name: pkgVersion - required: true - schema: - type: string - - description: >- - Whether to include prerelease packages in categories count (e.g. - beta, rc, preview) - in: query - name: prerelease - schema: - default: false - type: boolean + deprecated: true + description: > + Isolate an endpoint from the network. + + > info + + > This URL will return a 308 permanent redirect to `POST :/api/endpoint/action/isolate`. + operationId: EndpointIsolateRedirect requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - transforms: - items: - type: object - properties: - transformId: - type: string - type: array + agent_type: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_Parameters + required: + - endpoint_ids + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - items: - items: - type: object - properties: - error: - type: string - success: - type: boolean - transformId: - type: string - required: - - transformId - - error - type: array - required: - - items + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Authorize transforms + '308': + description: Permanent Redirect + headers: + Location: + description: Permanently redirects to "/api/endpoint/action/isolate" + schema: + example: /api/endpoint/action/isolate + type: string + summary: Isolate an endpoint tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/{pkgName}/stats: + - Security Endpoint Management API + /api/endpoint/metadata: get: - operationId: get-package-stats + operationId: GetEndpointMetadataList + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_ListRequestQuery responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - response: - $ref: '#/components/schemas/Fleet_package_usage_stats' - required: - - response + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get package stats + summary: Get a metadata list tags: - - Elastic Package Manager (EPM) - parameters: - - in: path - name: pkgName - required: true - schema: - type: string - /api/fleet/epm/packages/limited: + - Security Endpoint Management API + /api/endpoint/metadata/{id}: get: - operationId: list-limited-packages + operationId: GetEndpointMetadata + parameters: + - in: path + name: id + required: true + schema: + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - items: - items: - type: string - type: array - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get limited package list - tags: - - Elastic Package Manager (EPM) - parameters: [] - /api/fleet/epm/templates/{pkgName}/{pkgVersion}/inputs: - get: - operationId: get-inputs-template - responses: - '200': + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get inputs template + summary: Get metadata tags: - - Elastic Package Manager (EPM) - parameters: - - in: path - name: pkgName - required: true - schema: - type: string - - in: path - name: pkgVersion - required: true - schema: - type: string - - description: Format of response - json or yaml - in: query - name: format - schema: - enum: - - json - - yaml - - yml - type: string - - description: Specify if version is prerelease - in: query - name: prerelease - schema: - type: boolean - - description: Ignore if the package is fails signature verification - in: query - name: ignoreUnverified - schema: - type: boolean - /api/fleet/epm/verification_key_id: + - Security Endpoint Management API + /api/endpoint/metadata/transforms: get: - operationId: packages-get-verification-key-id + operationId: GetEndpointMetadataTransform responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - body: - type: object - properties: - id: - description: >- - the key ID of the GPG key used to verify package - signatures - nullable: true - type: string - headers: - type: object - statusCode: - type: number + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get package signature verification key ID + summary: Get metadata transforms tags: - - Elastic Package Manager (EPM) - parameters: [] - /api/fleet/fleet_server_hosts: + - Security Endpoint Management API + /api/endpoint/policy_response: get: - operationId: get-fleet-server-hosts + operationId: GetPolicyResponse + parameters: + - in: query + name: query + required: true + schema: + type: object + properties: + agentId: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentId' responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - items: - items: - $ref: '#/components/schemas/Fleet_fleet_server_host' - type: array - page: - type: integer - perPage: - type: integer - total: - type: integer + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List Fleet Server hosts + summary: Get a policy response tags: - - Fleet Server hosts - post: - operationId: post-fleet-server-hosts - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - host_urls: - items: - type: string - type: array - id: - type: string - is_default: - type: boolean - is_internal: - type: boolean - name: - type: string - proxy_id: - description: >- - The ID of the proxy to use for this fleet server host. See - the proxies API for more information. - type: string - required: - - name - - host_urls + - Security Endpoint Management API + /api/endpoint/policy/summaries: + get: + deprecated: true + operationId: GetAgentPolicySummary + parameters: + - in: query + name: query + required: true + schema: + type: object + properties: + package_name: + type: string + policy_id: + nullable: true + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_fleet_server_host' + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Create Fleet Server host + summary: Get an agent policy summary tags: - - Fleet Server hosts - /api/fleet/fleet_server_hosts/{itemId}: - delete: - operationId: delete-fleet-server-hosts + - Security Endpoint Management API + /api/endpoint/protection_updates_note/{package_policy_id}: + get: + operationId: GetProtectionUpdatesNote parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - in: path + name: package_policy_id + required: true + schema: + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - id: - type: string - required: - - id + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_ProtectionUpdatesNoteResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete Fleet Server host by ID + summary: Get a protection updates note tags: - - Fleet Server hosts - get: - operationId: get-one-fleet-server-hosts + - Security Endpoint Management API + post: + operationId: CreateUpdateProtectionUpdatesNote + parameters: + - in: path + name: package_policy_id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + note: + type: string + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_fleet_server_host' - required: - - item + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_ProtectionUpdatesNoteResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get Fleet Server host by ID + summary: Create or update a protection updates note tags: - - Fleet Server hosts - parameters: - - in: path - name: itemId - required: true - schema: - type: string - put: - operationId: update-fleet-server-hosts + - Security Endpoint Management API + /api/endpoint/suggestions/{suggestion_type}: + post: + operationId: GetEndpointSuggestions parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - in: path + name: suggestion_type + required: true + schema: + enum: + - eventFilters + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - host_urls: - items: - type: string - type: array - is_default: - type: boolean - is_internal: - type: boolean - name: + field: type: string - proxy_id: - description: >- - The ID of the proxy to use for this fleet server host. See - the proxies API for more information. - nullable: true + fieldMeta: {} + filters: {} + query: type: string + required: + - parameters + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_fleet_server_host' - required: - - item + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Update Fleet Server host by ID + summary: Get suggestions tags: - - Fleet Server hosts - /api/fleet/health_check: + - Security Endpoint Management API + /api/endpoint/unisolate: post: - operationId: fleet-server-health-check - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + deprecated: true + description: > + Release an isolated endpoint, allowing it to rejoin a network. + + > info + + > This URL will return a 308 permanent redirect to `POST :/api/endpoint/action/unisolate`. + operationId: EndpointUnisolateRedirect requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - host: - deprecated: true - type: string - id: - type: string + agent_type: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_Parameters required: - - id + - endpoint_ids required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - host: - deprecated: true - type: string - id: - description: Fleet Server host id - type: string - status: - type: string + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_SuccessResponse description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Fleet Server health check + '308': + description: Permanent Redirect + headers: + Location: + description: Permanently redirects to "/api/endpoint/action/unisolate" + schema: + example: /api/endpoint/action/unisolate + type: string + summary: Release an isolated endpoint tags: - - Fleet internals - /api/fleet/kubernetes: + - Security Endpoint Management API + /api/entity_store/engines: get: - operationId: get-full-k8s-manifest - parameters: - - in: query - name: download - required: false - schema: - type: boolean - - in: query - name: fleetServer - required: false - schema: - type: string - - in: query - name: enrolToken - required: false - schema: - type: string + operationId: ListEntityEngines responses: '200': content: @@ -11381,19 +11570,33 @@ paths: schema: type: object properties: - item: - type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get full K8s agent manifest + count: + type: integer + engines: + items: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_EngineDescriptor + type: array + description: Successful response + summary: List the Entity Engines tags: - - Fleet Kubernetes - /api/fleet/logstash_api_keys: - post: - operationId: generate-logstash-api-key + - Security Entity Analytics API + /api/entity_store/engines/{entityType}: + delete: + operationId: DeleteEntityEngine parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: The entity type of the engine (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' + - description: Control flag to also delete the entity data. + in: query + name: data + required: false + schema: + type: boolean responses: '200': content: @@ -11401,87 +11604,76 @@ paths: schema: type: object properties: - api_key: - type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Generate Logstash API key + deleted: + type: boolean + description: Successful response + summary: Delete the Entity Engine tags: - - Fleet outputs - /api/fleet/outputs: + - Security Entity Analytics API get: - operationId: get-outputs + operationId: GetEntityEngine + parameters: + - description: The entity type of the engine (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - items: - items: - $ref: '#/components/schemas/Fleet_output_create_request' - type: array - page: - type: integer - perPage: - type: integer - total: - type: integer - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List outputs + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_EngineDescriptor + description: Successful response + summary: Get an Entity Engine tags: - - Fleet outputs + - Security Entity Analytics API + /api/entity_store/engines/{entityType}/init: post: - operationId: post-outputs + operationId: InitEntityEngine + parameters: + - description: The entity type of the engine (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_output_create_request' + type: object + properties: + filter: + type: string + indexPattern: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_IndexPattern + description: Schema for the engine initialization required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_output_create_request' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Create output + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_EngineDescriptor + description: Successful response + summary: Initialize an Entity Engine tags: - - Fleet outputs - /api/fleet/outputs/{outputId}: - delete: - operationId: delete-output + - Security Entity Analytics API + /api/entity_store/engines/{entityType}/start: + post: + operationId: StartEntityEngine parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - id: - type: string - required: - - id - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete output by ID - tags: - - Fleet outputs - get: - operationId: get-output + - description: The entity type of the engine (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' responses: '200': content: @@ -11489,29 +11681,22 @@ paths: schema: type: object properties: - item: - $ref: '#/components/schemas/Fleet_output_create_request' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get output by ID + started: + type: boolean + description: Successful response + summary: Start an Entity Engine tags: - - Fleet outputs - parameters: - - in: path - name: outputId - required: true - schema: - type: string - put: - operationId: update-output + - Security Entity Analytics API + /api/entity_store/engines/{entityType}/stats: + post: + operationId: GetEntityEngineStats parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_output_update_request' + - description: The entity type of the engine (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' responses: '200': content: @@ -11519,17 +11704,37 @@ paths: schema: type: object properties: - item: - $ref: '#/components/schemas/Fleet_output_update_request' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Update output by ID + indexPattern: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_IndexPattern + indices: + items: + type: object + type: array + status: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_EngineStatus + transforms: + items: + type: object + type: array + type: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_EntityType + description: Successful response + summary: Get Entity Engine stats tags: - - Fleet outputs - /api/fleet/outputs/{outputId}/health: - get: - operationId: get-output-health + - Security Entity Analytics API + /api/entity_store/engines/{entityType}/stop: + post: + operationId: StopEntityEngine + parameters: + - description: The entity type of the engine (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' responses: '200': content: @@ -11537,35 +11742,56 @@ paths: schema: type: object properties: - message: - description: long message if unhealthy - type: string - state: - description: state of output, HEALTHY or DEGRADED - type: string - timestamp: - description: timestamp of reported state - type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get latest output health + stopped: + type: boolean + description: Successful response + summary: Stop an Entity Engine tags: - - Fleet outputs - parameters: - - in: path - name: outputId - required: true - schema: - type: string - /api/fleet/package_policies: + - Security Entity Analytics API + /api/entity_store/entities/list: get: - operationId: get-package-policies + description: List entities records, paging, sorting and filtering as needed. + operationId: ListEntities parameters: - - $ref: '#/components/parameters/Fleet_page_size' - - $ref: '#/components/parameters/Fleet_page_index' - - $ref: '#/components/parameters/Fleet_kuery' - - $ref: '#/components/parameters/Fleet_format' + - in: query + name: sort_field + required: false + schema: + type: string + - in: query + name: sort_order + required: false + schema: + enum: + - asc + - desc + type: string + - in: query + name: page + required: false + schema: + minimum: 1 + type: integer + - in: query + name: per_page + required: false + schema: + maximum: 10000 + minimum: 1 + type: integer + - description: An ES query to filter by. + in: query + name: filterQuery + required: false + schema: + type: string + - in: query + name: entities_types + required: true + schema: + items: + $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' + type: array responses: '200': content: @@ -11573,584 +11799,596 @@ paths: schema: type: object properties: - items: + inspect: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_InspectQuery + page: + minimum: 1 + type: integer + per_page: + maximum: 1000 + minimum: 1 + type: integer + records: items: - $ref: '#/components/schemas/Fleet_package_policy' + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_Entity type: array - page: - type: number - perPage: - type: number total: - type: number + minimum: 0 + type: integer required: - - items - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List package policies + - records + - page + - per_page + - total + description: Entities returned successfully + summary: List Entity Store Entities tags: - - Fleet package policies - parameters: [] - post: - operationId: create-package-policy + - Security Entity Analytics API + /api/exception_lists: + delete: + description: Delete an exception list using the `id` or `list_id` field. + operationId: DeleteExceptionList parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - $ref: '#/components/parameters/Fleet_format' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_package_policy_request' - description: >- - You should use inputs as an object and not use the deprecated inputs - array. + - description: Either `id` or `list_id` must be specified + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListId' + - description: Either `id` or `list_id` must be specified + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType + default: single responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_package_policy' - required: - - item - description: OK + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionList' + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - '409': - $ref: '#/components/responses/Fleet_error' - summary: Create package policy - tags: - - Fleet package policies - /api/fleet/package_policies/_bulk_get: - post: - operationId: bulk-get-package-policies - parameters: - - $ref: '#/components/parameters/Fleet_format' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - ids: - description: list of package policy ids - items: - type: string - type: array - ignoreMissing: - type: boolean - required: - - ids - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - items: - items: - $ref: '#/components/schemas/Fleet_package_policy' - type: array - required: - - items - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Bulk get package policies + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Delete an exception list tags: - - Fleet package policies - /api/fleet/package_policies/{packagePolicyId}: - delete: - operationId: delete-package-policy + - Security Exceptions API + get: + description: Get the details of an exception list using the `id` or `list_id` field. + operationId: ReadExceptionList parameters: + - description: Either `id` or `list_id` must be specified + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListId' + - description: Either `id` or `list_id` must be specified + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' - in: query - name: force + name: namespace_type + required: false schema: - type: boolean + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType + default: single responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - id: - type: string - required: - - id - description: OK + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionList' + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete package policy by ID - tags: - - Fleet package policies - get: - operationId: get-package-policy - parameters: - - $ref: '#/components/parameters/Fleet_format' - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_package_policy' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get package policy by ID - tags: - - Fleet package policies - parameters: - - in: path - name: packagePolicyId - required: true - schema: - type: string - put: - operationId: update-package-policy - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - - $ref: '#/components/parameters/Fleet_format' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Fleet_package_policy_request' - responses: - '200': + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_package_policy' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Update package policy by ID - tags: - - Fleet package policies - /api/fleet/package_policies/delete: - post: - operationId: post-delete-package-policy - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - force: - type: boolean - packagePolicyIds: - items: - type: string - type: array - required: - - packagePolicyIds - responses: - '200': + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': content: application/json; Elastic-Api-Version=2023-10-31: schema: - items: - type: object - properties: - id: - type: string - name: - type: string - success: - type: boolean - required: - - id - - success - type: array - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete package policy + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Get exception list details tags: - - Fleet package policies - /api/fleet/package_policies/upgrade: + - Security Exceptions API post: - operationId: upgrade-package-policy + description: > + An exception list groups exception items and can be associated with + detection rules. You can assign detection rules with multiple exception + lists. + + > info + + > All exception items added to the same list are evaluated using `OR` + logic. That is, if any of the items in a list evaluate to `true`, the + exception prevents the rule from generating an alert. Likewise, `OR` + logic is used for evaluating exceptions when more than one exception + list is assigned to a rule. To use the `AND` operator, you can define + multiple clauses (`entries`) in a single exception item. + operationId: CreateExceptionList requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - packagePolicyIds: - items: - type: string - type: array + description: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListDescription + list_id: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListMeta + name: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListType + version: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListVersion + default: 1 required: - - packagePolicyIds + - name + - description + - type + description: Exception list's properties + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - items: - type: object - properties: - id: - type: string - name: - type: string - success: - type: boolean - required: - - id - - success - type: array - description: OK + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionList' + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response '409': - $ref: '#/components/responses/Fleet_error' - summary: Upgrade package policy to a newer package version - tags: - - Fleet package policies - /api/fleet/package_policies/upgrade/dryrun: - post: - operationId: upgrade-package-policy-dry-run - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - packagePolicyIds: - items: - type: string - type: array - packageVersion: - type: string - required: - - packagePolicyIds - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - items: - type: object - properties: - agent_diff: - $ref: '#/components/schemas/Fleet_upgrade_agent_diff' - diff: - $ref: '#/components/schemas/Fleet_upgrade_diff' - hasErrors: - type: boolean - required: - - hasErrors - type: array - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Dry run package policy upgrade - tags: - - Fleet package policies - /api/fleet/proxies: - get: - operationId: get-fleet-proxies - responses: - '200': + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Exception list already exists response + '500': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - items: - items: - $ref: '#/components/schemas/Fleet_proxies' - type: array - page: - type: integer - perPage: - type: integer - total: - type: integer - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: List proxies + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Create an exception list tags: - - Fleet proxies - post: - operationId: post-fleet-proxies + - Security Exceptions API + put: + description: Update an exception list using the `id` or `list_id` field. + operationId: UpdateExceptionList requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - certificate: - type: string - certificate_authorities: - type: string - certificate_key: + _version: type: string + description: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListDescription id: - type: string + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListId' + list_id: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListMeta name: - type: string - proxy_headers: - type: object - url: - type: string + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListTags + type: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListType + version: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListVersion required: - name - - url + - description + - type + description: Exception list's properties + required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_proxies' - description: OK + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionList' + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Create proxy - tags: - - Fleet proxies - /api/fleet/proxies/{itemId}: - delete: - operationId: delete-fleet-proxies - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - id: - type: string - required: - - id - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Delete proxy by ID - tags: - - Fleet proxies - get: - operationId: get-one-fleet-proxies - responses: - '200': + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_proxies' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get proxy by ID - tags: - - Fleet proxies - parameters: - - in: path - name: itemId - required: true - schema: - type: string - put: - operationId: update-fleet-proxies - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - certificate: - type: string - certificate_authorities: - type: string - certificate_key: - type: string - name: - type: string - proxy_headers: - type: object - url: - type: string - responses: - '200': + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_proxies' - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Update proxy by ID - tags: - - Fleet proxies - /api/fleet/service_tokens: - post: - operationId: generate-service-token - parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' - responses: - '200': + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - name: - type: string - value: - type: string - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Create service token + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Update an exception list tags: - - Fleet service tokens - /api/fleet/service-tokens: + - Security Exceptions API + /api/exception_lists/_duplicate: post: - deprecated: true - operationId: generate-service-token-deprecated + description: Duplicate an existing exception list. + operationId: DuplicateExceptionList parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: Exception list's human identifier + in: query + name: list_id + required: true + schema: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' + - in: query + name: namespace_type + required: true + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType + - description: >- + Determines whether to include expired exceptions in the exported + list + in: query + name: include_expired_exceptions + required: true + schema: + default: 'true' + enum: + - 'true' + - 'false' + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - name: - type: string - value: - type: string - description: OK + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionList' + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: Create service token - tags: - - Fleet service tokens - /api/fleet/settings: - get: - operationId: get-settings - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_fleet_settings_response' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get settings - tags: - - Fleet internals - put: - operationId: update-settings - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - additional_yaml_config: - type: string - fleet_server_hosts: - description: Protocol and path must be the same for each URL - items: - type: string - type: array - has_seen_add_data_notice: - type: boolean - responses: - '200': + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_fleet_settings_response' - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Update settings + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '405': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Exception list to duplicate not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Duplicate an exception list tags: - - Fleet internals - /api/fleet/setup: + - Security Exceptions API + /api/exception_lists/_export: post: - operationId: setup + description: Export an exception list and its associated items to an NDJSON file. + operationId: ExportExceptionList parameters: - - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: Exception list's identifier + in: query + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListId' + - description: Exception list's human identifier + in: query + name: list_id + required: true + schema: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' + - in: query + name: namespace_type + required: true + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType + - description: >- + Determines whether to include expired exceptions in the exported + list + in: query + name: include_expired_exceptions + required: true + schema: + default: 'true' + enum: + - 'true' + - 'false' + type: string responses: '200': content: - application/json; Elastic-Api-Version=2023-10-31: + application/ndjson; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Fleet_fleet_setup_response' - description: OK + description: >- + A `.ndjson` file containing specified exception list and its + items + format: binary + type: string + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Exception list not found response '500': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - message: - type: string - description: Internal Server Error - summary: Initiate Fleet setup + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Export an exception list tags: - - Fleet internals - /api/fleet/uninstall_tokens: + - Security Exceptions API + /api/exception_lists/_find: get: - operationId: get-uninstall-tokens + description: Get a list of all exception lists. + operationId: FindExceptionLists parameters: - - description: The number of items to return + - description: > + Filters the returned results according to the value of the specified + field. + + + Uses the `so type.field name:field` value syntax, where `so type` + can be: + + + - `exception-list`: Specify a space-aware exception list. + + - `exception-list-agnostic`: Specify an exception list that is + shared across spaces. in: query - name: perPage + name: filter required: false schema: - default: 20 - minimum: 5 + $ref: >- + #/components/schemas/Security_Exceptions_API_FindExceptionListsFilter + - description: > + Determines whether the returned containers are Kibana associated + with a Kibana space + + or available in all spaces (`agnostic` or `single`) + in: query + name: namespace_type + required: false + schema: + default: + - single + items: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType + type: array + - description: The page number to return + in: query + name: page + required: false + schema: + minimum: 1 type: integer - - $ref: '#/components/parameters/Fleet_page_index' - - description: Partial match filtering for policy IDs + - description: The number of exception lists to return per page in: query - name: policyId + name: per_page + required: false + schema: + minimum: 1 + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + type: string + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order required: false schema: + enum: + - desc + - asc type: string responses: '200': @@ -12159,126 +12397,112 @@ paths: schema: type: object properties: - items: + data: items: - type: object - properties: - created_at: - type: string - id: - type: string - policy_id: - type: string - required: - - id - - policy_id - - created_at + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionList type: array page: - type: number - perPage: - type: number + minimum: 1 + type: integer + per_page: + minimum: 1 + type: integer total: - type: number + minimum: 0 + type: integer required: - - items - - total + - data - page - - perPage - description: OK + - per_page + - total + description: Successful response '400': - $ref: '#/components/responses/Fleet_error' - summary: List metadata for latest uninstall tokens per agent policy - tags: - - Fleet uninstall tokens - /api/fleet/uninstall_tokens/{uninstallTokenId}: - get: - operationId: get-uninstall-token - parameters: - - in: path - name: uninstallTokenId - required: true - schema: - type: string - responses: - '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - item: - type: object - properties: - created_at: - type: string - id: - type: string - policy_id: - type: string - token: - type: string - required: - - id - - token - - policy_id - - created_at - required: - - item - description: OK - '400': - $ref: '#/components/responses/Fleet_error' - summary: Get one decrypted uninstall token by its ID - tags: - - Fleet uninstall tokens - /api/ml/saved_objects/sync: - get: - description: > - Synchronizes Kibana saved objects for machine learning jobs and trained - models in the default space. You must have `all` privileges for the - **Machine Learning** feature in the **Analytics** section of the Kibana - feature privileges. This API runs automatically when you start Kibana - and periodically thereafter. - operationId: mlSync - parameters: - - $ref: '#/components/parameters/Machine_learning_APIs_simulateParam' - responses: - '200': + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': content: application/json; Elastic-Api-Version=2023-10-31: - examples: - syncExample: - $ref: '#/components/examples/Machine_learning_APIs_mlSyncExample' schema: - $ref: '#/components/schemas/Machine_learning_APIs_mlSync200Response' - description: Indicates a successful call - '401': + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Machine_learning_APIs_mlSync4xxResponse' - description: Authorization information is missing or invalid. - summary: Sync saved objects in the default space + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Get exception lists tags: - - ml - /api/saved_objects/_bulk_create: + - Security Exceptions API + /api/exception_lists/_import: post: - deprecated: true - operationId: bulkCreateSavedObjects + description: Import an exception list and its associated items from an NDJSON file. + operationId: ImportExceptionList parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - - description: When true, overwrites the document with the same identifier. + - description: > + Determines whether existing exception lists with the same `list_id` + are overwritten. + + If any exception items have the same `item_id`, those are also + overwritten. in: query name: overwrite + required: false + schema: + default: false + type: boolean + - in: query + name: overwrite_exceptions + required: false + schema: + default: false + type: boolean + - in: query + name: overwrite_action_connectors + required: false schema: + default: false + type: boolean + - description: > + Determines whether the list being imported will have a new `list_id` + generated. + + Additional `item_id`'s are generated for each exception item. Both + the exception + + list and its items are overwritten. + in: query + name: as_new_list + required: false + schema: + default: false type: boolean requestBody: content: - application/json; Elastic-Api-Version=2023-10-31: + multipart/form-data; Elastic-Api-Version=2023-10-31: schema: - items: - type: object - type: array + type: object + properties: + file: + description: A `.ndjson` file containing the exception list + format: binary + type: string required: true responses: '200': @@ -12286,863 +12510,918 @@ paths: application/json; Elastic-Api-Version=2023-10-31: schema: type: object - description: Indicates a successful call. + properties: + errors: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListsImportBulkErrorArray + success: + type: boolean + success_count: + minimum: 0 + type: integer + success_count_exception_list_items: + minimum: 0 + type: integer + success_count_exception_lists: + minimum: 0 + type: integer + success_exception_list_items: + type: boolean + success_exception_lists: + type: boolean + required: + - errors + - success + - success_count + - success_exception_lists + - success_count_exception_lists + - success_exception_list_items + - success_count_exception_list_items + description: Successful response '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request - summary: Create saved objects + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Import an exception list tags: - - saved objects - /api/saved_objects/_bulk_delete: - post: - deprecated: true - description: | - WARNING: When you delete a saved object, it cannot be recovered. - operationId: bulkDeleteSavedObjects + - Security Exceptions API + /api/exception_lists/items: + delete: + description: Delete an exception list item using the `id` or `item_id` field. + operationId: DeleteExceptionListItem parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - - description: > - When true, force delete objects that exist in multiple namespaces. - Note that the option applies to the whole request. Use the delete - object API to specify per-object deletion behavior. TIP: Use this if - you attempted to delete objects and received an HTTP 400 error with - the following message: "Unable to delete saved object that exists in - multiple namespaces, use the force option to delete it anyway". - WARNING: When you bulk delete objects that exist in multiple - namespaces, the API also deletes legacy url aliases that reference - the object. These requests are batched to minimise the impact but - they can place a heavy load on Kibana. Make sure you limit the - number of objects that exist in multiple namespaces in a single bulk - delete operation. + - description: Either `id` or `item_id` must be specified in: query - name: force + name: id + required: false schema: - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - type: object - type: array - required: true + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemId' + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType + default: single responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - description: > - Indicates a successful call. NOTE: This HTTP response code indicates - that the bulk operation succeeded. Errors pertaining to individual - objects will be returned in the response body. + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItem' + description: Successful response '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request - summary: Delete saved objects - tags: - - saved objects - /api/saved_objects/_bulk_get: - post: - deprecated: true - operationId: bulkGetSavedObjects - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - type: object - type: array - required: true - responses: - '200': + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - description: Indicates a successful call. - '400': + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request - summary: Get saved objects - tags: - - saved objects - /api/saved_objects/_bulk_resolve: - post: - deprecated: true - description: > - Retrieve multiple Kibana saved objects by identifier using any legacy - URL aliases if they exist. Under certain circumstances when Kibana is - upgraded, saved object migrations may necessitate regenerating some - object IDs to enable new features. When an object's ID is regenerated, a - legacy URL alias is created for that object, preserving its old ID. In - such a scenario, that object can be retrieved by the bulk resolve API - using either its new ID or its old ID. - operationId: bulkResolveSavedObjects - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - type: object - type: array - required: true - responses: - '200': + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - description: > - Indicates a successful call. NOTE: This HTTP response code indicates - that the bulk operation succeeded. Errors pertaining to individual - objects will be returned in the response body. - '400': + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Exception list item not found response + '500': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request - summary: Resolve saved objects + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Delete an exception list item tags: - - saved objects - /api/saved_objects/_bulk_update: - post: - deprecated: true - description: Update the attributes for multiple Kibana saved objects. - operationId: bulkUpdateSavedObjects + - Security Exceptions API + get: + description: >- + Get the details of an exception list item using the `id` or `item_id` + field. + operationId: ReadExceptionListItem parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - description: Either `id` or `item_id` must be specified + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemId' + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType + default: single + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Get an exception list item + tags: + - Security Exceptions API + post: + description: > + Create an exception item and associate it with the specified exception + list. + + > info + + > Before creating exception items, you must create an exception list. + operationId: CreateExceptionListItem requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - items: - type: object - type: array + type: object + properties: + comments: + $ref: >- + #/components/schemas/Security_Exceptions_API_CreateExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + item_id: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemType + required: + - list_id + - type + - name + - description + - entries + description: Exception list item's properties required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - description: > - Indicates a successful call. NOTE: This HTTP response code indicates - that the bulk operation succeeded. Errors pertaining to individual - objects will be returned in the response body. + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItem' + description: Successful response '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request - summary: Update saved objects + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Exception list item already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Create an exception list item tags: - - saved objects - /api/saved_objects/_export: - post: - description: > - Retrieve sets of saved objects that you want to import into Kibana. - - You must include `type` or `objects` in the request body. - - - Exported saved objects are not backwards compatible and cannot be - imported into an older version of Kibana. - - - NOTE: The `savedObjects.maxImportExportSize` configuration setting - limits the number of saved objects which may be exported. - - - This functionality is in technical preview and may be changed or removed - in a future release. Elastic will work to fix any issues, but features - in technical preview are not subject to the support SLA of official GA - features. - operationId: exportSavedObjectsDefault - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - Security Exceptions API + put: + description: Update an exception list item using the `id` or `item_id` field. + operationId: UpdateExceptionListItem requestBody: content: application/json; Elastic-Api-Version=2023-10-31: - examples: - exportSavedObjectsRequest: - $ref: '#/components/examples/Saved_objects_export_objects_request' schema: type: object properties: - excludeExportDetails: - default: false - description: Do not add export details entry at the end of the stream. - type: boolean - includeReferencesDeep: - description: >- - Includes all of the referenced objects in the exported - objects. - type: boolean - objects: - description: A list of objects to export. - items: - type: object - type: array + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Exceptions_API_UpdateExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + id: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemId + description: Either `id` or `item_id` must be specified + item_id: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemHumanId + description: Either `id` or `item_id` must be specified + list_id: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemTags type: - description: >- - The saved object types to include in the export. Use `*` to - export all the types. - oneOf: - - type: string - - items: - type: string - type: array + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemType + required: + - type + - name + - description + - entries + description: Exception list item's properties required: true responses: '200': content: - application/x-ndjson; Elastic-Api-Version=2023-10-31: - examples: - exportSavedObjectsResponse: - $ref: '#/components/examples/Saved_objects_export_objects_response' + application/json; Elastic-Api-Version=2023-10-31: schema: - additionalProperties: true - type: object - description: Indicates a successful call. + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItem' + description: Successful response '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request. - summary: Export saved objects + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Update an exception list item tags: - - saved objects - /api/saved_objects/_find: + - Security Exceptions API + /api/exception_lists/items/_find: get: - deprecated: true - description: Retrieve a paginated set of Kibana saved objects. - operationId: findSavedObjects + description: Get a list of all exception list items in the specified list. + operationId: FindExceptionListItems parameters: + - description: List's id + in: query + name: list_id + required: true + schema: + items: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListHumanId + type: array - description: > - An aggregation structure, serialized as a string. The field format - is similar to filter, meaning that to use a saved object type - attribute in the aggregation, the `savedObjectType.attributes.title: - "myTitle"` format must be used. For root fields, the syntax is - `savedObjectType.rootField`. NOTE: As objects change in Kibana, the - results on each page of the response also change. Use the find API - for traditional paginated results, but avoid using it to export - large amounts of data. + Filters the returned results according to the value of the specified + field, + + using the `:` syntax. in: query - name: aggs + name: filter + required: false schema: - type: string - - description: The default operator to use for the `simple_query_string`. + default: [] + items: + $ref: >- + #/components/schemas/Security_Exceptions_API_FindExceptionListItemsFilter + type: array + - description: > + Determines whether the returned containers are Kibana associated + with a Kibana space + + or available in all spaces (`agnostic` or `single`) in: query - name: default_search_operator + name: namespace_type + required: false + schema: + default: + - single + items: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType + type: array + - in: query + name: search + required: false schema: type: string - - description: The fields to return in the attributes key of the response. - in: query - name: fields - schema: - oneOf: - - type: string - - type: array - - description: > - The filter is a KQL string with the caveat that if you filter with - an attribute from your saved object type, it should look like that: - `savedObjectType.attributes.title: "myTitle"`. However, if you use a - root attribute of a saved object such as `updated_at`, you will have - to define your filter like that: `savedObjectType.updated_at > - 2018-12-22`. - in: query - name: filter - schema: - type: string - - description: >- - Filters to objects that do not have a relationship with the type and - identifier combination. - in: query - name: has_no_reference - schema: - type: object - - description: >- - The operator to use for the `has_no_reference` parameter. Either - `OR` or `AND`. Defaults to `OR`. - in: query - name: has_no_reference_operator - schema: - type: string - - description: >- - Filters to objects that have a relationship with the type and ID - combination. - in: query - name: has_reference - schema: - type: object - - description: >- - The operator to use for the `has_reference` parameter. Either `OR` - or `AND`. Defaults to `OR`. - in: query - name: has_reference_operator - schema: - type: string - - description: The page of objects to return. + - description: The page number to return in: query name: page + required: false schema: + minimum: 0 type: integer - - description: The number of objects to return per page. + - description: The number of exception list items to return per page in: query name: per_page + required: false schema: + minimum: 0 type: integer - - description: >- - An Elasticsearch `simple_query_string` query that filters the - objects in the response. - in: query - name: search - schema: - type: string - - description: >- - The fields to perform the `simple_query_string` parsed query - against. - in: query - name: search_fields - schema: - oneOf: - - type: string - - type: array - - description: > - Sorts the response. Includes "root" and "type" fields. "root" fields - exist for all saved objects, such as "updated_at". "type" fields are - specific to an object type, such as fields returned in the - attributes key of the response. When a single type is defined in the - type parameter, the "root" and "type" fields are allowed, and - validity checks are made in that order. When multiple types are - defined in the type parameter, only "root" fields are allowed. + - description: Determines which field is used to sort the results in: query name: sort_field + required: false schema: - type: string - - description: The saved object types to include. + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + - description: Determines the sort order, which can be `desc` or `asc` in: query - name: type - required: true + name: sort_order + required: false schema: - oneOf: - - type: string - - type: array + enum: + - desc + - asc + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: type: object - description: Indicates a successful call. + properties: + data: + items: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItem + type: array + page: + minimum: 1 + type: integer + per_page: + minimum: 1 + type: integer + pit: + type: string + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + description: Successful response '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request - summary: Search for saved objects + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Get exception list items tags: - - saved objects - /api/saved_objects/_import: - post: - description: > - Create sets of Kibana saved objects from a file created by the export - API. - - Saved objects can be imported only into the same version, a newer minor - on the same major, or the next major. Exported saved objects are not - backwards compatible and cannot be imported into an older version of - Kibana. - - - This functionality is in technical preview and may be changed or removed - in a future release. Elastic will work to fix any issues, but features - in technical preview are not subject to the support SLA of official GA - features. - operationId: importSavedObjectsDefault + - Security Exceptions API + /api/exception_lists/summary: + get: + description: Get a summary of the specified exception list. + operationId: ReadExceptionListSummary parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - - description: > - Creates copies of saved objects, regenerates each object ID, and - resets the origin. When used, potential conflict errors are avoided. - NOTE: This option cannot be used with the `overwrite` and - `compatibilityMode` options. + - description: Exception list's identifier generated upon creation in: query - name: createNewCopies + name: id required: false schema: - type: boolean - - description: > - Overwrites saved objects when they already exist. When used, - potential conflict errors are automatically resolved by overwriting - the destination object. NOTE: This option cannot be used with the - `createNewCopies` option. + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListId' + - description: Exception list's human readable identifier in: query - name: overwrite + name: list_id required: false schema: - type: boolean - - description: > - Applies various adjustments to the saved objects that are being - imported to maintain compatibility between different Kibana - versions. Use this option only if you encounter issues with imported - saved objects. NOTE: This option cannot be used with the - `createNewCopies` option. + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType + default: single + - description: Search filter clause in: query - name: compatibilityMode + name: filter required: false schema: - type: boolean - requestBody: - content: - multipart/form-data; Elastic-Api-Version=2023-10-31: - examples: - importObjectsRequest: - $ref: '#/components/examples/Saved_objects_import_objects_request' - schema: - type: object - properties: - file: - description: > - A file exported using the export API. NOTE: The - `savedObjects.maxImportExportSize` configuration setting - limits the number of saved objects which may be included in - this file. Similarly, the - `savedObjects.maxImportPayloadBytes` setting limits the - overall size of the file that can be imported. - required: true + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: - examples: - importObjectsResponse: - $ref: '#/components/examples/Saved_objects_import_objects_response' schema: type: object properties: - errors: - description: > - Indicates the import was unsuccessful and specifies the - objects that failed to import. - - - NOTE: One object may result in multiple errors, which - requires separate steps to resolve. For instance, a - `missing_references` error and conflict error. - items: - type: object - type: array - success: - description: > - Indicates when the import was successfully completed. When - set to false, some objects may not have been created. For - additional information, refer to the `errors` and - `successResults` properties. - type: boolean - successCount: - description: Indicates the number of successfully imported records. + linux: + minimum: 0 type: integer - successResults: - description: > - Indicates the objects that are successfully imported, with - any metadata if applicable. - - - NOTE: Objects are created only when all resolvable errors - are addressed, including conflicts and missing references. - If objects are created as new copies, each entry in the - `successResults` array includes a `destinationId` - attribute. - items: - type: object - type: array - description: Indicates a successful call. + macos: + minimum: 0 + type: integer + total: + minimum: 0 + type: integer + windows: + minimum: 0 + type: integer + description: Successful response '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request. - summary: Import saved objects - tags: - - saved objects - x-codeSamples: - - label: Import with createNewCopies - lang: cURL - source: | - curl \ - -X POST api/saved_objects/_import?createNewCopies=true - -H "kbn-xsrf: true" - --form file=@file.ndjson - /api/saved_objects/_resolve_import_errors: - post: - description: > - To resolve errors from the Import objects API, you can: - - - * Retry certain saved objects - - * Overwrite specific saved objects - - * Change references to different saved objects - - - This functionality is in technical preview and may be changed or removed - in a future release. Elastic will work to fix any issues, but features - in technical preview are not subject to the support SLA of official GA - features. - operationId: resolveImportErrors - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - - description: > - Applies various adjustments to the saved objects that are being - imported to maintain compatibility between different Kibana - versions. When enabled during the initial import, also enable when - resolving import errors. This option cannot be used with the - `createNewCopies` option. - in: query - name: compatibilityMode - required: false - schema: - type: boolean - - description: > - Creates copies of the saved objects, regenerates each object ID, and - resets the origin. When enabled during the initial import, also - enable when resolving import errors. - in: query - name: createNewCopies - required: false - schema: - type: boolean - requestBody: - content: - multipart/form-data; Elastic-Api-Version=2023-10-31: - examples: - resolveImportErrorsRequest: + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: $ref: >- - #/components/examples/Saved_objects_resolve_missing_reference_request - schema: - type: object - properties: - file: - description: The same file given to the import API. - format: binary - type: string - retries: - description: >- - The retry operations, which can specify how to resolve - different types of errors. - items: - type: object - properties: - destinationId: - description: >- - Specifies the destination ID that the imported object - should have, if different from the current ID. - type: string - id: - description: The saved object ID. - type: string - ignoreMissingReferences: - description: >- - When set to `true`, ignores missing reference errors. - When set to `false`, does nothing. - type: boolean - overwrite: - description: >- - When set to `true`, the source object overwrites the - conflicting destination object. When set to `false`, - does nothing. - type: boolean - replaceReferences: - description: >- - A list of `type`, `from`, and `to` used to change the - object references. - items: - type: object - properties: - from: - type: string - to: - type: string - type: - type: string - type: array - type: - description: The saved object type. - type: string - required: - - type - - id - type: array - required: - - retries - required: true - responses: - '200': + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': content: application/json; Elastic-Api-Version=2023-10-31: - examples: - resolveImportErrorsResponse: - $ref: >- - #/components/examples/Saved_objects_resolve_missing_reference_response schema: - type: object - properties: - errors: - description: > - Specifies the objects that failed to resolve. - - - NOTE: One object can result in multiple errors, which - requires separate steps to resolve. For instance, a - `missing_references` error and a `conflict` error. - items: - type: object - type: array - success: - description: > - Indicates a successful import. When set to `false`, some - objects may not have been created. For additional - information, refer to the `errors` and `successResults` - properties. - type: boolean - successCount: - description: | - Indicates the number of successfully resolved records. - type: number - successResults: - description: > - Indicates the objects that are successfully imported, with - any metadata if applicable. - - - NOTE: Objects are only created when all resolvable errors - are addressed, including conflict and missing references. - items: - type: object - type: array - description: Indicates a successful call. - '400': + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request. - summary: Resolve import errors + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Get an exception list summary tags: - - saved objects - /api/saved_objects/{type}: + - Security Exceptions API + /api/exceptions/shared: post: - deprecated: true - description: Create a Kibana saved object with a randomly generated identifier. - operationId: createSavedObject - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - - $ref: '#/components/parameters/Saved_objects_saved_object_type' - - description: If true, overwrites the document with the same identifier. - in: query - name: overwrite - schema: - type: boolean + description: > + An exception list groups exception items and can be associated with + detection rules. A shared exception list can apply to multiple detection + rules. + + > info + + > All exception items added to the same list are evaluated using `OR` + logic. That is, if any of the items in a list evaluate to `true`, the + exception prevents the rule from generating an alert. Likewise, `OR` + logic is used for evaluating exceptions when more than one exception + list is assigned to a rule. To use the `AND` operator, you can define + multiple clauses (`entries`) in a single exception item. + operationId: CreateSharedExceptionList requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - attributes: - $ref: '#/components/schemas/Saved_objects_attributes' - initialNamespaces: - $ref: '#/components/schemas/Saved_objects_initial_namespaces' - references: - $ref: '#/components/schemas/Saved_objects_references' + description: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListDescription + name: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListName required: - - attributes + - name + - description required: true responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - description: Indicates a successful call. + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionList' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response '409': content: application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - description: Indicates a conflict error. - summary: Create a saved object + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Exception list already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' + description: Internal server error response + summary: Create a shared exception list tags: - - saved objects - /api/saved_objects/{type}/{id}: + - Security Exceptions API + /api/fleet/agent_download_sources: get: - deprecated: true - description: Retrieve a single Kibana saved object by identifier. - operationId: getSavedObject + description: List agent binary download sources + operationId: '%2Fapi%2Ffleet%2Fagent_download_sources#0' parameters: - - $ref: '#/components/parameters/Saved_objects_saved_object_id' - - $ref: '#/components/parameters/Saved_objects_saved_object_type' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request. - summary: Get a saved object - tags: - - saved objects - post: - deprecated: true - description: >- - Create a Kibana saved object and specify its identifier instead of using - a randomly generated ID. - operationId: createSavedObjectId - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - - $ref: '#/components/parameters/Saved_objects_saved_object_id' - - $ref: '#/components/parameters/Saved_objects_saved_object_type' - - description: If true, overwrites the document with the same identifier. - in: query - name: overwrite - schema: - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - attributes: - $ref: '#/components/schemas/Saved_objects_attributes' - initialNamespaces: - $ref: '#/components/schemas/Saved_objects_initial_namespaces' - references: - $ref: '#/components/schemas/Saved_objects_initial_namespaces' - required: - - attributes - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates a successful call. - '409': + properties: + items: + items: + additionalProperties: false + type: object + properties: + host: + format: uri + type: string + id: + type: string + is_default: + default: false + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this download source. + See the proxies API for more information. + nullable: true + type: string + required: + - id + - name + - host + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false + description: Generic Error type: object - description: Indicates a conflict error. - summary: Create a saved object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - saved objects - put: - deprecated: true - description: Update the attributes for Kibana saved objects. - operationId: updateSavedObject + - Elastic Agent binary download sources + post: + description: Create agent binary download source + operationId: '%2Fapi%2Ffleet%2Fagent_download_sources#1' parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - - $ref: '#/components/parameters/Saved_objects_saved_object_id' - - $ref: '#/components/parameters/Saved_objects_saved_object_type' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates a successful call. - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates the object was not found. - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates a conflict error. - summary: Update a saved object - tags: - - saved objects - /api/saved_objects/resolve/{type}/{id}: - get: - deprecated: true - description: > - Retrieve a single Kibana saved object by identifier using any legacy URL - alias if it exists. Under certain circumstances, when Kibana is - upgraded, saved object migrations may necessitate regenerating some - object IDs to enable new features. When an object's ID is regenerated, a - legacy URL alias is created for that object, preserving its old ID. In - such a scenario, that object can be retrieved using either its new ID or - its old ID. - operationId: resolveSavedObject - parameters: - - $ref: '#/components/parameters/Saved_objects_saved_object_id' - - $ref: '#/components/parameters/Saved_objects_saved_object_type' + properties: + host: + format: uri + type: string + id: + type: string + is_default: + default: false + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this download source. See the + proxies API for more information. + nullable: true + type: string + required: + - name + - host responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object - description: Indicates a successful call. + properties: + item: + additionalProperties: false + type: object + properties: + host: + format: uri + type: string + id: + type: string + is_default: + default: false + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this download source. + See the proxies API for more information. + nullable: true + type: string + required: + - id + - name + - host + required: + - item '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request. - summary: Resolve a saved object - tags: - - saved objects - /api/security/role: - get: - operationId: '%2Fapi%2Fsecurity%2Frole#0' - parameters: [] - responses: {} - summary: Get all roles + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - roles - /api/security/role/{name}: + - Elastic Agent binary download sources + /api/fleet/agent_download_sources/{sourceId}: delete: - operationId: '%2Fapi%2Fsecurity%2Frole%2F%7Bname%7D#1' + description: Delete agent binary download source by ID + operationId: '%2Fapi%2Ffleet%2Fagent_download_sources%2F%7BsourceId%7D#2' parameters: - description: The version of the API to use in: header @@ -13160,17 +13439,44 @@ paths: example: 'true' type: string - in: path - name: name + name: sourceId required: true schema: - minLength: 1 type: string - responses: {} - summary: Delete a role + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - roles + - Elastic Agent binary download sources get: - operationId: '%2Fapi%2Fsecurity%2Frole%2F%7Bname%7D#0' + description: Get agent binary download source by ID + operationId: '%2Fapi%2Ffleet%2Fagent_download_sources%2F%7BsourceId%7D#0' parameters: - description: The version of the API to use in: header @@ -13181,207 +13487,66 @@ paths: - '2023-10-31' type: string - in: path - name: name - required: true - schema: - minLength: 1 - type: string - responses: {} - summary: Get a role - tags: - - roles - put: - operationId: '%2Fapi%2Fsecurity%2Frole%2F%7Bname%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf + name: sourceId required: true schema: - example: 'true' type: string - - in: path - name: name - required: true - schema: - maxLength: 1024 - minLength: 1 - type: string - - in: query - name: createOnly - required: false - schema: - default: false - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - description: - maxLength: 2048 - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - cluster: - items: - type: string - type: array - indices: - items: - additionalProperties: false - type: object - properties: - allow_restricted_indices: - type: boolean - field_security: - additionalProperties: - items: - type: string - type: array - type: object - names: - items: - type: string - minItems: 1 - type: array - privileges: - items: - type: string - minItems: 1 - type: array - query: - type: string - required: - - names - - privileges - type: array - remote_cluster: - items: - additionalProperties: false - type: object - properties: - clusters: - items: - type: string - minItems: 1 - type: array - privileges: - items: - type: string - minItems: 1 - type: array - required: - - privileges - - clusters - type: array - remote_indices: - items: - additionalProperties: false - type: object - properties: - allow_restricted_indices: - type: boolean - clusters: - items: - type: string - minItems: 1 - type: array - field_security: - additionalProperties: - items: - type: string - type: array - type: object - names: - items: - type: string - minItems: 1 - type: array - privileges: - items: - type: string - minItems: 1 - type: array - query: - type: string - required: - - clusters - - names - - privileges - type: array - run_as: - items: - type: string - type: array - kibana: - items: + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: additionalProperties: false type: object properties: - base: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string + host: + format: uri + type: string + id: + type: string + is_default: + default: false + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this download source. + See the proxies API for more information. nullable: true - oneOf: - - items: - type: string - type: array - - items: - type: string - type: array - feature: - additionalProperties: - items: - type: string - type: array - type: object - spaces: - anyOf: - - items: - enum: - - '*' - type: string - maxItems: 1 - minItems: 1 - type: array - - items: - type: string - type: array - default: - - '*' + type: string required: - - base - type: array - metadata: - additionalProperties: {} - type: object - required: - - elasticsearch - responses: {} - summary: Create or update a role + - id + - name + - host + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - roles - /api/security/roles: - post: - operationId: '%2Fapi%2Fsecurity%2Froles#0' + - Elastic Agent binary download sources + put: + description: Update agent binary download source by ID + operationId: '%2Fapi%2Ffleet%2Fagent_download_sources%2F%7BsourceId%7D#1' parameters: - description: The version of the API to use in: header @@ -13398,6 +13563,11 @@ paths: schema: example: 'true' type: string + - in: path + name: sourceId + required: true + schema: + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: @@ -13405,231 +13575,82 @@ paths: additionalProperties: false type: object properties: - roles: - additionalProperties: + host: + format: uri + type: string + id: + type: string + is_default: + default: false + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this download source. See the + proxies API for more information. + nullable: true + type: string + required: + - name + - host + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: additionalProperties: false type: object properties: - description: - maxLength: 2048 + host: + format: uri type: string - elasticsearch: - additionalProperties: false - type: object - properties: - cluster: - items: - type: string - type: array - indices: - items: - additionalProperties: false - type: object - properties: - allow_restricted_indices: - type: boolean - field_security: - additionalProperties: - items: - type: string - type: array - type: object - names: - items: - type: string - minItems: 1 - type: array - privileges: - items: - type: string - minItems: 1 - type: array - query: - type: string - required: - - names - - privileges - type: array - remote_cluster: - items: - additionalProperties: false - type: object - properties: - clusters: - items: - type: string - minItems: 1 - type: array - privileges: - items: - type: string - minItems: 1 - type: array - required: - - privileges - - clusters - type: array - remote_indices: - items: - additionalProperties: false - type: object - properties: - allow_restricted_indices: - type: boolean - clusters: - items: - type: string - minItems: 1 - type: array - field_security: - additionalProperties: - items: - type: string - type: array - type: object - names: - items: - type: string - minItems: 1 - type: array - privileges: - items: - type: string - minItems: 1 - type: array - query: - type: string - required: - - clusters - - names - - privileges - type: array - run_as: - items: - type: string - type: array - kibana: - items: - additionalProperties: false - type: object - properties: - base: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - items: - type: string - type: array - - items: - type: string - type: array - feature: - additionalProperties: - items: - type: string - type: array - type: object - spaces: - anyOf: - - items: - enum: - - '*' - type: string - maxItems: 1 - minItems: 1 - type: array - - items: - type: string - type: array - default: - - '*' - required: - - base - type: array - metadata: - additionalProperties: {} - type: object - required: - - elasticsearch - type: object - required: - - roles - responses: {} - summary: Create or update roles - tags: - - roles - /api/spaces/_copy_saved_objects: - post: - description: Copy saved objects to spaces - operationId: '%2Fapi%2Fspaces%2F_copy_saved_objects#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - compatibilityMode: - default: false - type: boolean - createNewCopies: - default: true - type: boolean - includeReferences: - default: false - type: boolean - objects: - items: - additionalProperties: false - type: object - properties: id: type: string - type: + is_default: + default: false + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this download source. + See the proxies API for more information. + nullable: true type: string required: - - type - id - type: array - overwrite: - default: false - type: boolean - spaces: - items: + - name + - host + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: type: string - type: array - required: - - spaces - - objects - responses: {} + message: + type: string + statusCode: + type: number + required: + - message summary: '' - tags: [] - /api/spaces/_disable_legacy_url_aliases: - post: - description: Disable legacy URL aliases - operationId: '%2Fapi%2Fspaces%2F_disable_legacy_url_aliases#0' + tags: + - Elastic Agent binary download sources + /api/fleet/agent_policies: + get: + description: List agent policies + operationId: '%2Fapi%2Ffleet%2Fagent_policies#0' parameters: - description: The version of the API to use in: header @@ -13639,268 +13660,602 @@ paths: enum: - '2023-10-31' type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true + - in: query + name: page + required: false + schema: + type: number + - in: query + name: perPage + required: false + schema: + type: number + - in: query + name: sortField + required: false schema: - example: 'true' type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - aliases: - items: - additionalProperties: false - type: object - properties: - sourceId: - type: string - targetSpace: - type: string - targetType: - type: string - required: - - targetSpace - - targetType - - sourceId - type: array - required: - - aliases - responses: {} - summary: '' - tags: [] - /api/spaces/_get_shareable_references: - post: - description: Get shareable references - operationId: '%2Fapi%2Fspaces%2F_get_shareable_references#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version + - in: query + name: sortOrder + required: false schema: - default: '2023-10-31' enum: - - '2023-10-31' + - desc + - asc type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true + - in: query + name: showUpgradeable + required: false schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - objects: - items: - additionalProperties: false - type: object - properties: - id: - type: string - type: - type: string - required: - - type - - id - type: array - required: - - objects - responses: {} - summary: '' - tags: [] - /api/spaces/_resolve_copy_saved_objects_errors: - post: - description: Resolve conflicts copying saved objects - operationId: '%2Fapi%2Fspaces%2F_resolve_copy_saved_objects_errors#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version + type: boolean + - in: query + name: kuery + required: false schema: - default: '2023-10-31' - enum: - - '2023-10-31' type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true + - in: query + name: noAgentCount + required: false schema: - example: 'true' + type: boolean + - in: query + name: full + required: false + schema: + type: boolean + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - compatibilityMode: - default: false - type: boolean - createNewCopies: - default: true - type: boolean - includeReferences: - default: false - type: boolean - objects: + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: items: - additionalProperties: false - type: object - properties: - id: - type: string - type: - type: string - required: - - type - - id - type: array - retries: - additionalProperties: items: additionalProperties: false type: object properties: - createNewCopy: - type: boolean - destinationId: + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: + items: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + agents: + type: number + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true type: string + fleet_server_host_id: + nullable: true + type: string + global_data_tags: + description: >- + User defined data tags that are added to all of the + inputs. The values can be strings or numbers. + items: + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value + type: array + has_fleet_server: + type: boolean id: type: string - ignoreMissingReferences: + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: type: boolean - overwrite: + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_preconfigured: + type: boolean + is_protected: + description: >- + Indicates whether the agent policy has tamper + protection enabled. Default false. + type: boolean + keep_monitoring_alive: default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true type: boolean - type: + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - logs + - metrics + - traces + type: string + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true type: string - required: - - type - - id - type: array - type: object - required: - - retries - - objects - responses: {} - summary: '' - tags: [] - /api/spaces/_update_objects_spaces: - post: - description: Update saved objects in spaces - operationId: '%2Fapi%2Fspaces%2F_update_objects_spaces#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - objects: - items: - additionalProperties: false - type: object - properties: - id: - type: string - type: - type: string - required: - - type - - id - type: array - spacesToAdd: - items: + monitoring_pprof_enabled: + type: boolean + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent + policy. Input settings cannot be overridden. The + override option should be used only in unusual + circumstances and not as a routine procedure. + nullable: true + type: object + package_policies: + anyOf: + - items: + type: string + type: array + - description: >- + This field is present only when retrieving a + single agent policy, or when retrieving a list + of agent policies with the ?full=true parameter + items: + additionalProperties: false + type: object + properties: + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank + to inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should + be used only in unusual circumstances and + not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy + will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package + policy will be added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + updated_at: + type: string + updated_by: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + revision: + type: number + schema_version: + type: string + space_ids: + items: + type: string + type: array + status: + enum: + - active + - inactive + type: string + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports + agentless integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number + unprivileged_agents: + type: number + updated_at: + type: string + updated_by: + type: string + version: + type: string + required: + - id + - name + - namespace + - is_managed + - is_protected + - status + - updated_at + - updated_by + - revision + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: type: string - type: array - spacesToRemove: - items: + message: type: string - type: array - required: - - objects - - spacesToAdd - - spacesToRemove - responses: {} - summary: '' - tags: [] - /api/spaces/space: - get: - description: Get all spaces - operationId: '%2Fapi%2Fspaces%2Fspace#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: purpose - required: false - schema: - enum: - - any - - copySavedObjectsIntoSpace - - shareSavedObjectsIntoSpace - type: string - - in: query - name: include_authorized_purposes - required: true - schema: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - enum: - - false - type: boolean - x-oas-optional: true - - type: boolean - x-oas-optional: true - responses: {} + statusCode: + type: number + required: + - message summary: '' tags: - - spaces + - Elastic Agent policies post: - description: Create a space - operationId: '%2Fapi%2Fspaces%2Fspace#1' + description: Create an agent policy + operationId: '%2Fapi%2Ffleet%2Fagent_policies#1' parameters: - description: The version of the API to use in: header @@ -13917,6 +14272,11 @@ paths: schema: example: 'true' type: string + - in: query + name: sys_monitoring + required: false + schema: + type: boolean requestBody: content: application/json; Elastic-Api-Version=2023-10-31: @@ -13924,787 +14284,28366 @@ paths: additionalProperties: false type: object properties: - _reserved: - type: boolean - color: - type: string - description: - type: string - disabledFeatures: - default: [] + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: items: - type: string + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled type: array - id: + data_output_id: + nullable: true type: string - imageUrl: + description: type: string - initials: - maxLength: 2 + download_source_id: + nullable: true type: string - name: - minLength: 1 + fleet_server_host_id: + nullable: true type: string - solution: - enum: - - security - - oblt - - es - - classic + force: + type: boolean + global_data_tags: + description: >- + User defined data tags that are added to all of the inputs. + The values can be strings or numbers. + items: + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value + type: array + has_fleet_server: + type: boolean + id: type: string - required: - - id - - name - responses: {} - summary: '' - tags: - - spaces - /api/spaces/space/{id}: - delete: - description: Delete a space - operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: id - required: true - schema: - type: string - responses: {} - summary: '' - tags: - - spaces - get: - description: Get a space - operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: id - required: true - schema: - type: string - responses: {} - summary: '' - tags: - - spaces - put: - description: Update a space - operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: id - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - _reserved: + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: type: boolean - color: - type: string - description: - type: string - disabledFeatures: - default: [] + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_protected: + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: items: + enum: + - logs + - metrics + - traces type: string type: array - id: - type: string - imageUrl: - type: string - initials: - maxLength: 2 + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true type: string + monitoring_pprof_enabled: + type: boolean name: minLength: 1 type: string - solution: - enum: - - security - - oblt - - es - - classic + namespace: + minLength: 1 type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent policy. + Input settings cannot be overridden. The override option + should be used only in unusual circumstances and not as a + routine procedure. + nullable: true + type: object + space_ids: + items: + type: string + type: array + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports agentless + integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number required: - - id - name - responses: {} - summary: '' - tags: - - spaces - /api/status: - get: - operationId: '%2Fapi%2Fstatus#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: Set to "true" to get the response in v7 format. - in: query - name: v7format - required: false - schema: - type: boolean - - description: Set to "true" to get the response in v8 format. - in: query - name: v8format - required: false - schema: - type: boolean + - namespace responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - anyOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' - - $ref: >- - #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse - description: >- - Kibana's operational status. A minimal response is sent for - unauthorized users. - description: Overall status is OK and Kibana should be functioning normally. - '503': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - anyOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' - - $ref: >- - #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse - description: >- - Kibana's operational status. A minimal response is sent for - unauthorized users. - description: >- - Kibana or some of it's essential services are unavailable. Kibana - may be degraded or unavailable. - summary: Get Kibana's current status - tags: - - system - /s/{spaceId}/api/observability/slos: - get: - description: > - You must have the `read` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: findSlosOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - description: A valid kql query to filter the SLO with - example: 'slo.name:latency* and slo.tags : "prod"' - in: query - name: kqlQuery - schema: - type: string - - description: The page to use for pagination, must be greater or equal than 1 - example: 1 - in: query - name: page - schema: - default: 1 - type: integer - - description: Number of SLOs returned by page - example: 25 - in: query - name: perPage - schema: - default: 25 - maximum: 5000 - type: integer - - description: Sort by field - example: status - in: query - name: sortBy - schema: - default: status - enum: - - sli_value - - status - - error_budget_consumed - - error_budget_remaining - type: string - - description: Sort order - example: asc - in: query - name: sortDirection - schema: - default: asc - enum: - - asc - - desc - type: string - - description: >- - Hide stale SLOs from the list as defined by stale SLO threshold in - SLO settings - in: query - name: hideStale - schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_find_slo_response' - description: Successful request + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: + items: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + agents: + type: number + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + global_data_tags: + description: >- + User defined data tags that are added to all of the + inputs. The values can be strings or numbers. + items: + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value + type: array + has_fleet_server: + type: boolean + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_preconfigured: + type: boolean + is_protected: + description: >- + Indicates whether the agent policy has tamper + protection enabled. Default false. + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - logs + - metrics + - traces + type: string + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent + policy. Input settings cannot be overridden. The + override option should be used only in unusual + circumstances and not as a routine procedure. + nullable: true + type: object + package_policies: + anyOf: + - items: + type: string + type: array + - description: >- + This field is present only when retrieving a + single agent policy, or when retrieving a list of + agent policies with the ?full=true parameter + items: + additionalProperties: false + type: object + properties: + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to + inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should + be used only in unusual circumstances and + not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy + will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy + will be added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + updated_at: + type: string + updated_by: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + revision: + type: number + schema_version: + type: string + space_ids: + items: + type: string + type: array + status: + enum: + - active + - inactive + type: string + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports agentless + integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number + unprivileged_agents: + type: number + updated_at: + type: string + updated_by: + type: string + version: + type: string + required: + - id + - name + - namespace + - is_managed + - is_protected + - status + - updated_at + - updated_by + - revision + required: + - item '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Get a paginated list of SLOs + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - slo + - Elastic Agent policies + /api/fleet/agent_policies/_bulk_get: post: - description: > - You must have `all` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: createSloOp + description: Bulk get agent policies + operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F_bulk_get#0' parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string requestBody: content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_create_slo_request' - required: true + additionalProperties: false + type: object + properties: + full: + description: get full policies with package policies populated + type: boolean + ids: + description: list of package policy ids + items: + type: string + type: array + ignoreMissing: + type: boolean + required: + - ids responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_create_slo_response' - description: Successful request + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: + items: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + agents: + type: number + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + global_data_tags: + description: >- + User defined data tags that are added to all of the + inputs. The values can be strings or numbers. + items: + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value + type: array + has_fleet_server: + type: boolean + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_preconfigured: + type: boolean + is_protected: + description: >- + Indicates whether the agent policy has tamper + protection enabled. Default false. + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - logs + - metrics + - traces + type: string + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent + policy. Input settings cannot be overridden. The + override option should be used only in unusual + circumstances and not as a routine procedure. + nullable: true + type: object + package_policies: + anyOf: + - items: + type: string + type: array + - description: >- + This field is present only when retrieving a + single agent policy, or when retrieving a list + of agent policies with the ?full=true parameter + items: + additionalProperties: false + type: object + properties: + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank + to inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should + be used only in unusual circumstances and + not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy + will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package + policy will be added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + updated_at: + type: string + updated_by: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + revision: + type: number + schema_version: + type: string + space_ids: + items: + type: string + type: array + status: + enum: + - active + - inactive + type: string + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports + agentless integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number + unprivileged_agents: + type: number + updated_at: + type: string + updated_by: + type: string + version: + type: string + required: + - id + - name + - namespace + - is_managed + - is_protected + - status + - updated_at + - updated_by + - revision + type: array + required: + - items '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_409_response' - description: Conflict - The SLO id already exists - summary: Create an SLO - tags: - - slo - /s/{spaceId}/api/observability/slos/_delete_instances: - post: - description: > - The deletion occurs for the specified list of `sloId` and `instanceId`. - You must have `all` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: deleteSloInstancesOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_delete_slo_instances_request' - required: true - responses: - '204': - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - summary: Batch delete rollup and summary data - tags: - - slo - /s/{spaceId}/api/observability/slos/{sloId}: - delete: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: deleteSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - responses: - '204': - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Delete an SLO + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - slo + - Elastic Agent policies + /api/fleet/agent_policies/{agentPolicyId}: get: - description: > - You must have the `read` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: getSloOp + description: Get an agent policy by ID + operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D#0' parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - - description: the specific instanceId used by the summary calculation - example: host-abcde - in: query - name: instanceId + - description: The version of the API to use + in: header + name: elastic-api-version schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: agentPolicyId + required: true + schema: + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_slo_with_summary_response' - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Get an SLO - tags: - - slo - put: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: updateSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_update_slo_request' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_slo_definition_response' - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Update an SLO - tags: - - slo - /s/{spaceId}/api/observability/slos/{sloId}/_reset: - post: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: resetSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - responses: - '204': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_slo_definition_response' - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Reset an SLO - tags: - - slo - /s/{spaceId}/api/observability/slos/{sloId}/disable: - post: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: disableSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - responses: - '200': - description: Successful request + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: + items: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + agents: + type: number + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + global_data_tags: + description: >- + User defined data tags that are added to all of the + inputs. The values can be strings or numbers. + items: + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value + type: array + has_fleet_server: + type: boolean + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_preconfigured: + type: boolean + is_protected: + description: >- + Indicates whether the agent policy has tamper + protection enabled. Default false. + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - logs + - metrics + - traces + type: string + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent + policy. Input settings cannot be overridden. The + override option should be used only in unusual + circumstances and not as a routine procedure. + nullable: true + type: object + package_policies: + anyOf: + - items: + type: string + type: array + - description: >- + This field is present only when retrieving a + single agent policy, or when retrieving a list of + agent policies with the ?full=true parameter + items: + additionalProperties: false + type: object + properties: + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to + inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should + be used only in unusual circumstances and + not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy + will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy + will be added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + updated_at: + type: string + updated_by: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + revision: + type: number + schema_version: + type: string + space_ids: + items: + type: string + type: array + status: + enum: + - active + - inactive + type: string + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports agentless + integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number + unprivileged_agents: + type: number + updated_at: + type: string + updated_by: + type: string + version: + type: string + required: + - id + - name + - namespace + - is_managed + - is_protected + - status + - updated_at + - updated_by + - revision + required: + - item '400': content: application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Disable an SLO + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' tags: - - slo - /s/{spaceId}/api/observability/slos/{sloId}/enable: - post: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: enableSloOp + - Elastic Agent policies + put: + description: Update an agent policy by ID + operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D#1' parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - responses: - '204': - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Enable an SLO - tags: - - slo -components: - examples: - Alerting_get_health_response: - summary: Retrieve information about the health of the alerting framework. - value: - alerting_framework_health: - decryption_health: - status: ok - timestamp: '2023-01-13T01:28:00.280Z' - execution_health: - status: ok - timestamp: '2023-01-13T01:28:00.280Z' - read_health: - status: ok - timestamp: '2023-01-13T01:28:00.280Z' - has_permanent_encryption_key: true - is_sufficiently_secure: true - Alerting_get_rule_types_response: - summary: Retrieve rule types associated with Kibana machine learning features - value: - - action_groups: - - id: anomaly_score_match - name: Anomaly score matched the condition - - id: recovered - name: Recovered - action_variables: - context: - - description: The bucket timestamp of the anomaly - name: timestamp - - description: The bucket time of the anomaly in ISO8601 format - name: timestampIso8601 - - description: List of job IDs that triggered the alert - name: jobIds - - description: Alert info message - name: message - - description: Indicate if top hits contain interim results - name: isInterim - - description: Anomaly score at the time of the notification action - name: score - - description: Top records - name: topRecords - - description: Top influencers - name: topInfluencers - - description: URL to open in the Anomaly Explorer - name: anomalyExplorerUrl - useWithTripleBracesInTemplates: true - params: [] - state: [] - alerts: - context: ml.anomaly-detection - mappings: - fieldMap: - kibana.alert.anomaly_score: - array: false - type: double - required: false - kibana.alert.anomaly_timestamp: - array: false - type: date - required: false - kibana.alert.is_interim: - array: false + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentPolicyId + required: true + schema: + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: + items: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + force: type: boolean - required: false - kibana.alert.job_id: - array: false - type: keyword - required: true - kibana.alert.top_influencers: - array: true - dynamic: false + global_data_tags: + description: >- + User defined data tags that are added to all of the inputs. + The values can be strings or numbers. + items: + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value + type: array + has_fleet_server: + type: boolean + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_protected: + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false type: object properties: - influencer_field_name: - type: keyword - influencer_field_value: - type: keyword - influencer_score: - type: double - initial_influencer_score: - type: double - is_interim: - type: boolean - job_id: - type: keyword - timestamp: - type: date - required: false - kibana.alert.top_records: - array: true - dynamic: false + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - logs + - metrics + - traces + type: string + type: array + monitoring_http: + additionalProperties: false type: object properties: - actual: - type: double - by_field_name: - type: keyword - by_field_value: - type: keyword - detector_index: - type: integer - field_name: - type: keyword - function: - type: keyword - initial_record_score: - type: double - is_interim: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: type: boolean - job_id: - type: keyword - over_field_name: - type: keyword - over_field_value: - type: keyword - partition_field_name: - type: keyword - partition_field_value: - type: keyword - record_score: - type: double - timestamp: - type: date - typical: - type: double - required: false - shouldWrite: true - authorized_consumers: - alerts: - all: true - read: true - apm: - all: true + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent policy. + Input settings cannot be overridden. The override option + should be used only in unusual circumstances and not as a + routine procedure. + nullable: true + type: object + space_ids: + items: + type: string + type: array + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports agentless + integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number + required: + - name + - namespace + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: + items: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + agents: + type: number + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + global_data_tags: + description: >- + User defined data tags that are added to all of the + inputs. The values can be strings or numbers. + items: + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value + type: array + has_fleet_server: + type: boolean + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_preconfigured: + type: boolean + is_protected: + description: >- + Indicates whether the agent policy has tamper + protection enabled. Default false. + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - logs + - metrics + - traces + type: string + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent + policy. Input settings cannot be overridden. The + override option should be used only in unusual + circumstances and not as a routine procedure. + nullable: true + type: object + package_policies: + anyOf: + - items: + type: string + type: array + - description: >- + This field is present only when retrieving a + single agent policy, or when retrieving a list of + agent policies with the ?full=true parameter + items: + additionalProperties: false + type: object + properties: + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to + inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should + be used only in unusual circumstances and + not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy + will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy + will be added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + updated_at: + type: string + updated_by: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + revision: + type: number + schema_version: + type: string + space_ids: + items: + type: string + type: array + status: + enum: + - active + - inactive + type: string + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports agentless + integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number + unprivileged_agents: + type: number + updated_at: + type: string + updated_by: + type: string + version: + type: string + required: + - id + - name + - namespace + - is_managed + - is_protected + - status + - updated_at + - updated_by + - revision + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent policies + /api/fleet/agent_policies/{agentPolicyId}/copy: + post: + description: Copy an agent policy by ID + operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D%2Fcopy#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentPolicyId + required: true + schema: + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + description: + type: string + name: + minLength: 1 + type: string + required: + - name + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + advanced_settings: + additionalProperties: false + type: object + properties: + agent_download_target_directory: + nullable: true + agent_download_timeout: + default: 2h + nullable: true + agent_limits_go_max_procs: + nullable: true + agent_logging_level: + default: info + nullable: true + agent_logging_metrics_period: + default: 30s + nullable: true + agent_features: + items: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + agents: + type: number + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + global_data_tags: + description: >- + User defined data tags that are added to all of the + inputs. The values can be strings or numbers. + items: + additionalProperties: false + type: object + properties: + name: + type: string + value: + anyOf: + - type: string + - type: number + required: + - name + - value + type: array + has_fleet_server: + type: boolean + id: + type: string + inactivity_timeout: + default: 1209600 + minimum: 0 + type: number + is_default: + type: boolean + is_default_fleet_server: + type: boolean + is_managed: + type: boolean + is_preconfigured: + type: boolean + is_protected: + description: >- + Indicates whether the agent policy has tamper + protection enabled. Default false. + type: boolean + keep_monitoring_alive: + default: false + description: >- + When set to true, monitoring will be enabled but + logs/metrics collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + additionalProperties: false + type: object + properties: + limit: + additionalProperties: false + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + additionalProperties: false + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - logs + - metrics + - traces + type: string + type: array + monitoring_http: + additionalProperties: false + type: object + properties: + buffer: + additionalProperties: false + type: object + properties: + enabled: + default: false + type: boolean + enabled: + type: boolean + host: + type: string + port: + maximum: 65353 + minimum: 0 + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + overrides: + additionalProperties: {} + description: >- + Override settings that are defined in the agent + policy. Input settings cannot be overridden. The + override option should be used only in unusual + circumstances and not as a routine procedure. + nullable: true + type: object + package_policies: + anyOf: + - items: + type: string + type: array + - description: >- + This field is present only when retrieving a + single agent policy, or when retrieving a list of + agent policies with the ?full=true parameter + items: + additionalProperties: false + type: object + properties: + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to + inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should + be used only in unusual circumstances and + not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy + will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy + will be added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + updated_at: + type: string + updated_by: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + revision: + type: number + schema_version: + type: string + space_ids: + items: + type: string + type: array + status: + enum: + - active + - inactive + type: string + supports_agentless: + default: false + description: >- + Indicates whether the agent policy supports agentless + integrations. + nullable: true + type: boolean + unenroll_timeout: + minimum: 0 + type: number + unprivileged_agents: + type: number + updated_at: + type: string + updated_by: + type: string + version: + type: string + required: + - id + - name + - namespace + - is_managed + - is_protected + - status + - updated_at + - updated_by + - revision + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent policies + /api/fleet/agent_policies/{agentPolicyId}/download: + get: + description: Download an agent policy by ID + operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D%2Fdownload#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: agentPolicyId + required: true + schema: + type: string + - in: query + name: download + required: false + schema: + type: boolean + - in: query + name: standalone + required: false + schema: + type: boolean + - in: query + name: kubernetes + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: string + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent policies + /api/fleet/agent_policies/{agentPolicyId}/full: + get: + description: Get a full agent policy by ID + operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D%2Ffull#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: agentPolicyId + required: true + schema: + type: string + - in: query + name: download + required: false + schema: + type: boolean + - in: query + name: standalone + required: false + schema: + type: boolean + - in: query + name: kubernetes + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + anyOf: + - type: string + - additionalProperties: false + type: object + properties: + agent: + additionalProperties: false + type: object + properties: + download: + additionalProperties: false + type: object + properties: + sourceURI: + type: string + required: + - sourceURI + features: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + required: + - enabled + type: object + monitoring: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + logs: + type: boolean + metrics: + type: boolean + namespace: + type: string + traces: + type: boolean + use_output: + type: string + required: + - enabled + - metrics + - logs + - traces + protection: + additionalProperties: false + type: object + properties: + enabled: + type: boolean + signing_key: + type: string + uninstall_token_hash: + type: string + required: + - enabled + - uninstall_token_hash + - signing_key + required: + - monitoring + - download + - features + fleet: + anyOf: + - additionalProperties: false + type: object + properties: + hosts: + items: + type: string + type: array + proxy_headers: {} + proxy_url: + type: string + ssl: + additionalProperties: false + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + renegotiation: + type: string + verification_mode: + type: string + required: + - hosts + - proxy_headers + - additionalProperties: false + type: object + properties: + kibana: + additionalProperties: false + type: object + properties: + hosts: + items: + type: string + type: array + path: + type: string + protocol: + type: string + required: + - hosts + - protocol + required: + - kibana + id: + type: string + inputs: + items: + additionalProperties: true + type: object + properties: + data_stream: + additionalProperties: true + type: object + properties: + namespace: + type: string + required: + - namespace + id: + type: string + meta: + additionalProperties: true + type: object + properties: + package: + additionalProperties: true + type: object + properties: + name: + type: string + version: + type: string + required: + - name + - version + name: + type: string + package_policy_id: + type: string + processors: + items: + additionalProperties: true + type: object + properties: + add_fields: + additionalProperties: true + type: object + properties: + fields: + additionalProperties: + anyOf: + - type: string + - type: number + type: object + target: + type: string + required: + - target + - fields + required: + - add_fields + type: array + revision: + type: number + streams: + items: + additionalProperties: true + type: object + properties: + data_stream: + additionalProperties: true + type: object + properties: + dataset: + type: string + type: + type: string + required: + - dataset + id: + type: string + required: + - id + - data_stream + type: array + type: + type: string + use_output: + type: string + required: + - id + - name + - revision + - type + - data_stream + - use_output + - package_policy_id + type: array + namespaces: + items: + type: string + type: array + output_permissions: + additionalProperties: + additionalProperties: {} + type: object + type: object + outputs: + additionalProperties: + additionalProperties: true + type: object + properties: + ca_sha256: + nullable: true + type: string + hosts: + items: + type: string + type: array + proxy_headers: {} + proxy_url: + type: string + type: + type: string + required: + - type + - proxy_headers + type: object + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + signed: + additionalProperties: false + type: object + properties: + data: + type: string + signature: + type: string + required: + - data + - signature + required: + - id + - outputs + - inputs + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent policies + /api/fleet/agent_policies/delete: + post: + description: Delete agent policy by ID + operationId: '%2Fapi%2Ffleet%2Fagent_policies%2Fdelete#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + agentPolicyId: + type: string + force: + description: >- + bypass validation checks that can prevent agent policy + deletion + type: boolean + required: + - agentPolicyId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + id: + type: string + name: + type: string + required: + - id + - name + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent policies + /api/fleet/agent_status: + get: + description: Get agent status summary + operationId: '%2Fapi%2Ffleet%2Fagent_status#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: policyId + required: false + schema: + type: string + - in: query + name: policyIds + required: false + schema: + anyOf: + - items: + type: string + type: array + - type: string + - in: query + name: kuery + required: false + schema: + deprecated: true + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + results: + additionalProperties: false + type: object + properties: + active: + type: number + all: + type: number + error: + type: number + events: + type: number + inactive: + type: number + offline: + type: number + online: + type: number + other: + type: number + total: + deprecated: true + type: number + unenrolled: + type: number + updating: + type: number + required: + - events + - total + - online + - error + - offline + - other + - updating + - inactive + - unenrolled + - all + - active + required: + - results + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent status + /api/fleet/agent_status/data: + get: + description: Get incoming agent data + operationId: '%2Fapi%2Ffleet%2Fagent_status%2Fdata#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: agentsIds + required: true + schema: + anyOf: + - items: + type: string + type: array + - type: string + - in: query + name: previewData + required: false + schema: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + dataPreview: + items: {} + type: array + items: + items: + additionalProperties: + additionalProperties: false + type: object + properties: + data: + type: boolean + required: + - data + type: object + type: array + required: + - items + - dataPreview + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents + /api/fleet/agent-status: + get: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fagent-status#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: policyId + required: false + schema: + type: string + - in: query + name: policyIds + required: false + schema: + anyOf: + - items: + type: string + type: array + - type: string + - in: query + name: kuery + required: false + schema: + deprecated: true + type: string + responses: {} + summary: '' + tags: [] + /api/fleet/agents: + get: + description: List agents + operationId: '%2Fapi%2Ffleet%2Fagents#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: page + required: false + schema: + default: 1 + type: number + - in: query + name: perPage + required: false + schema: + default: 20 + type: number + - in: query + name: kuery + required: false + schema: + type: string + - in: query + name: showInactive + required: false + schema: + default: false + type: boolean + - in: query + name: withMetrics + required: false + schema: + default: false + type: boolean + - in: query + name: showUpgradeable + required: false + schema: + default: false + type: boolean + - in: query + name: getStatusSummary + required: false + schema: + default: false + type: boolean + - in: query + name: sortField + required: false + schema: + type: string + - in: query + name: sortOrder + required: false + schema: + enum: + - asc + - desc + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + access_api_key: + type: string + access_api_key_id: + type: string + active: + type: boolean + agent: + additionalProperties: true + type: object + properties: + id: + type: string + version: + type: string + required: + - id + - version + components: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + type: string + units: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + payload: + additionalProperties: {} + type: object + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + enum: + - input + - output + type: string + required: + - id + - type + - status + - message + type: array + required: + - id + - type + - status + - message + type: array + default_api_key: + type: string + default_api_key_history: + items: + additionalProperties: false + deprecated: true + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + default_api_key_id: + type: string + enrolled_at: + type: string + id: + type: string + last_checkin: + type: string + last_checkin_message: + type: string + last_checkin_status: + enum: + - error + - online + - degraded + - updating + - starting + type: string + local_metadata: + additionalProperties: {} + type: object + metrics: + additionalProperties: false + type: object + properties: + cpu_avg: + type: number + memory_size_byte_avg: + type: number + namespaces: + items: + type: string + type: array + outputs: + additionalProperties: + additionalProperties: false + type: object + properties: + api_key_id: + type: string + to_retire_api_key_ids: + items: + additionalProperties: false + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + type: + type: string + required: + - api_key_id + - type + type: object + packages: + items: + type: string + type: array + policy_id: + type: string + policy_revision: + nullable: true + type: number + sort: + items: + anyOf: + - type: number + - type: string + - enum: [] + nullable: true + type: array + status: + enum: + - offline + - error + - online + - inactive + - enrolling + - unenrolling + - unenrolled + - updating + - degraded + type: string + tags: + items: + type: string + type: array + type: + enum: + - PERMANENT + - EPHEMERAL + - TEMPORARY + type: string + unenrolled_at: + type: string + unenrollment_started_at: + type: string + unhealthy_reason: + items: + enum: + - input + - output + - other + type: string + nullable: true + type: array + upgrade_details: + additionalProperties: false + type: object + properties: + action_id: + type: string + metadata: + additionalProperties: false + type: object + properties: + download_percent: + type: number + download_rate: + type: number + error_msg: + type: string + failed_state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + retry_error_msg: + type: string + retry_until: + type: string + scheduled_at: + type: string + state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + target_version: + type: string + required: + - target_version + - action_id + - state + upgrade_started_at: + nullable: true + type: string + upgraded_at: + nullable: true + type: string + user_provided_metadata: + additionalProperties: {} + type: object + required: + - id + - packages + - type + - active + - enrolled_at + - local_metadata + type: array + list: + deprecated: true + items: + additionalProperties: false + type: object + properties: + access_api_key: + type: string + access_api_key_id: + type: string + active: + type: boolean + agent: + additionalProperties: true + type: object + properties: + id: + type: string + version: + type: string + required: + - id + - version + components: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + type: string + units: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + payload: + additionalProperties: {} + type: object + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + enum: + - input + - output + type: string + required: + - id + - type + - status + - message + type: array + required: + - id + - type + - status + - message + type: array + default_api_key: + type: string + default_api_key_history: + items: + additionalProperties: false + deprecated: true + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + default_api_key_id: + type: string + enrolled_at: + type: string + id: + type: string + last_checkin: + type: string + last_checkin_message: + type: string + last_checkin_status: + enum: + - error + - online + - degraded + - updating + - starting + type: string + local_metadata: + additionalProperties: {} + type: object + metrics: + additionalProperties: false + type: object + properties: + cpu_avg: + type: number + memory_size_byte_avg: + type: number + namespaces: + items: + type: string + type: array + outputs: + additionalProperties: + additionalProperties: false + type: object + properties: + api_key_id: + type: string + to_retire_api_key_ids: + items: + additionalProperties: false + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + type: + type: string + required: + - api_key_id + - type + type: object + packages: + items: + type: string + type: array + policy_id: + type: string + policy_revision: + nullable: true + type: number + sort: + items: + anyOf: + - type: number + - type: string + - enum: [] + nullable: true + type: array + status: + enum: + - offline + - error + - online + - inactive + - enrolling + - unenrolling + - unenrolled + - updating + - degraded + type: string + tags: + items: + type: string + type: array + type: + enum: + - PERMANENT + - EPHEMERAL + - TEMPORARY + type: string + unenrolled_at: + type: string + unenrollment_started_at: + type: string + unhealthy_reason: + items: + enum: + - input + - output + - other + type: string + nullable: true + type: array + upgrade_details: + additionalProperties: false + type: object + properties: + action_id: + type: string + metadata: + additionalProperties: false + type: object + properties: + download_percent: + type: number + download_rate: + type: number + error_msg: + type: string + failed_state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + retry_error_msg: + type: string + retry_until: + type: string + scheduled_at: + type: string + state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + target_version: + type: string + required: + - target_version + - action_id + - state + upgrade_started_at: + nullable: true + type: string + upgraded_at: + nullable: true + type: string + user_provided_metadata: + additionalProperties: {} + type: object + required: + - id + - packages + - type + - active + - enrolled_at + - local_metadata + type: array + page: + type: number + perPage: + type: number + statusSummary: + additionalProperties: + type: number + type: object + total: + type: number + required: + - items + - total + - page + - perPage + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents + post: + description: List agents by action ids + operationId: '%2Fapi%2Ffleet%2Fagents#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actionIds: + items: + type: string + type: array + required: + - actionIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + type: string + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents + /api/fleet/agents/{agentId}: + delete: + description: Delete agent by ID + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + action: + enum: + - deleted + type: string + required: + - action + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents + get: + description: Get agent by ID + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: agentId + required: true + schema: + type: string + - in: query + name: withMetrics + required: false + schema: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + access_api_key: + type: string + access_api_key_id: + type: string + active: + type: boolean + agent: + additionalProperties: true + type: object + properties: + id: + type: string + version: + type: string + required: + - id + - version + components: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + type: string + units: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + payload: + additionalProperties: {} + type: object + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + enum: + - input + - output + type: string + required: + - id + - type + - status + - message + type: array + required: + - id + - type + - status + - message + type: array + default_api_key: + type: string + default_api_key_history: + items: + additionalProperties: false + deprecated: true + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + default_api_key_id: + type: string + enrolled_at: + type: string + id: + type: string + last_checkin: + type: string + last_checkin_message: + type: string + last_checkin_status: + enum: + - error + - online + - degraded + - updating + - starting + type: string + local_metadata: + additionalProperties: {} + type: object + metrics: + additionalProperties: false + type: object + properties: + cpu_avg: + type: number + memory_size_byte_avg: + type: number + namespaces: + items: + type: string + type: array + outputs: + additionalProperties: + additionalProperties: false + type: object + properties: + api_key_id: + type: string + to_retire_api_key_ids: + items: + additionalProperties: false + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + type: + type: string + required: + - api_key_id + - type + type: object + packages: + items: + type: string + type: array + policy_id: + type: string + policy_revision: + nullable: true + type: number + sort: + items: + anyOf: + - type: number + - type: string + - enum: [] + nullable: true + type: array + status: + enum: + - offline + - error + - online + - inactive + - enrolling + - unenrolling + - unenrolled + - updating + - degraded + type: string + tags: + items: + type: string + type: array + type: + enum: + - PERMANENT + - EPHEMERAL + - TEMPORARY + type: string + unenrolled_at: + type: string + unenrollment_started_at: + type: string + unhealthy_reason: + items: + enum: + - input + - output + - other + type: string + nullable: true + type: array + upgrade_details: + additionalProperties: false + type: object + properties: + action_id: + type: string + metadata: + additionalProperties: false + type: object + properties: + download_percent: + type: number + download_rate: + type: number + error_msg: + type: string + failed_state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + retry_error_msg: + type: string + retry_until: + type: string + scheduled_at: + type: string + state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + target_version: + type: string + required: + - target_version + - action_id + - state + upgrade_started_at: + nullable: true + type: string + upgraded_at: + nullable: true + type: string + user_provided_metadata: + additionalProperties: {} + type: object + required: + - id + - packages + - type + - active + - enrolled_at + - local_metadata + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents + put: + description: Update agent by ID + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + tags: + items: + type: string + type: array + user_provided_metadata: + additionalProperties: {} + type: object + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + access_api_key: + type: string + access_api_key_id: + type: string + active: + type: boolean + agent: + additionalProperties: true + type: object + properties: + id: + type: string + version: + type: string + required: + - id + - version + components: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + type: string + units: + items: + additionalProperties: false + type: object + properties: + id: + type: string + message: + type: string + payload: + additionalProperties: {} + type: object + status: + enum: + - STARTING + - CONFIGURING + - HEALTHY + - DEGRADED + - FAILED + - STOPPING + - STOPPED + type: string + type: + enum: + - input + - output + type: string + required: + - id + - type + - status + - message + type: array + required: + - id + - type + - status + - message + type: array + default_api_key: + type: string + default_api_key_history: + items: + additionalProperties: false + deprecated: true + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + default_api_key_id: + type: string + enrolled_at: + type: string + id: + type: string + last_checkin: + type: string + last_checkin_message: + type: string + last_checkin_status: + enum: + - error + - online + - degraded + - updating + - starting + type: string + local_metadata: + additionalProperties: {} + type: object + metrics: + additionalProperties: false + type: object + properties: + cpu_avg: + type: number + memory_size_byte_avg: + type: number + namespaces: + items: + type: string + type: array + outputs: + additionalProperties: + additionalProperties: false + type: object + properties: + api_key_id: + type: string + to_retire_api_key_ids: + items: + additionalProperties: false + type: object + properties: + id: + type: string + retired_at: + type: string + required: + - id + - retired_at + type: array + type: + type: string + required: + - api_key_id + - type + type: object + packages: + items: + type: string + type: array + policy_id: + type: string + policy_revision: + nullable: true + type: number + sort: + items: + anyOf: + - type: number + - type: string + - enum: [] + nullable: true + type: array + status: + enum: + - offline + - error + - online + - inactive + - enrolling + - unenrolling + - unenrolled + - updating + - degraded + type: string + tags: + items: + type: string + type: array + type: + enum: + - PERMANENT + - EPHEMERAL + - TEMPORARY + type: string + unenrolled_at: + type: string + unenrollment_started_at: + type: string + unhealthy_reason: + items: + enum: + - input + - output + - other + type: string + nullable: true + type: array + upgrade_details: + additionalProperties: false + type: object + properties: + action_id: + type: string + metadata: + additionalProperties: false + type: object + properties: + download_percent: + type: number + download_rate: + type: number + error_msg: + type: string + failed_state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + retry_error_msg: + type: string + retry_until: + type: string + scheduled_at: + type: string + state: + enum: + - UPG_REQUESTED + - UPG_SCHEDULED + - UPG_DOWNLOADING + - UPG_EXTRACTING + - UPG_REPLACING + - UPG_RESTARTING + - UPG_FAILED + - UPG_WATCHING + - UPG_ROLLBACK + type: string + target_version: + type: string + required: + - target_version + - action_id + - state + upgrade_started_at: + nullable: true + type: string + upgraded_at: + nullable: true + type: string + user_provided_metadata: + additionalProperties: {} + type: object + required: + - id + - packages + - type + - active + - enrolled_at + - local_metadata + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents + /api/fleet/agents/{agentId}/actions: + post: + description: Create agent action + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Factions#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + action: + anyOf: + - additionalProperties: false + type: object + properties: + ack_data: {} + data: {} + type: + enum: + - UNENROLL + - UPGRADE + - POLICY_REASSIGN + type: string + required: + - type + - data + - ack_data + - additionalProperties: false + type: object + properties: + data: + additionalProperties: false + type: object + properties: + log_level: + enum: + - debug + - info + - warning + - error + nullable: true + type: string + required: + - log_level + type: + enum: + - SETTINGS + type: string + required: + - type + - data + required: + - action + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + ack_data: {} + agents: + items: + type: string + type: array + created_at: + type: string + data: {} + expiration: + type: string + id: + type: string + minimum_execution_duration: + type: number + namespaces: + items: + type: string + type: array + rollout_duration_seconds: + type: number + sent_at: + type: string + source_uri: + type: string + start_time: + type: string + total: + type: number + type: + type: string + required: + - id + - type + - data + - created_at + - ack_data + - agents + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent actions + /api/fleet/agents/{agentId}/reassign: + post: + description: Reassign agent + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Freassign#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + policy_id: + type: string + required: + - policy_id + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: {} + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent actions + put: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Freassign#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + policy_id: + type: string + required: + - policy_id + responses: {} + summary: '' + tags: [] + /api/fleet/agents/{agentId}/request_diagnostics: + post: + description: Request agent diagnostics + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Frequest_diagnostics#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + nullable: true + type: object + properties: + additional_metrics: + items: + enum: + - CPU + type: string + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actionId: + type: string + required: + - actionId + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent actions + /api/fleet/agents/{agentId}/unenroll: + post: + description: Unenroll agent + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Funenroll#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + nullable: true + type: object + properties: + force: + type: boolean + revoke: + type: boolean + responses: {} + summary: '' + tags: + - Elastic Agent actions + /api/fleet/agents/{agentId}/upgrade: + post: + description: Upgrade agent + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Fupgrade#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: agentId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + force: + type: boolean + skipRateLimitCheck: + type: boolean + source_uri: + type: string + version: + type: string + required: + - version + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: {} + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent actions + /api/fleet/agents/{agentId}/uploads: + get: + description: List agent uploads + operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Fuploads#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: agentId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + actionId: + type: string + createTime: + type: string + error: + type: string + filePath: + type: string + id: + type: string + name: + type: string + status: + enum: + - READY + - AWAITING_UPLOAD + - DELETED + - EXPIRED + - IN_PROGRESS + - FAILED + type: string + required: + - id + - name + - filePath + - createTime + - status + - actionId + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents + /api/fleet/agents/action_status: + get: + description: Get agent action status + operationId: '%2Fapi%2Ffleet%2Fagents%2Faction_status#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: page + required: false + schema: + default: 0 + type: number + - in: query + name: perPage + required: false + schema: + default: 20 + type: number + - in: query + name: date + required: false + schema: + type: string + - in: query + name: latest + required: false + schema: + type: number + - in: query + name: errorSize + required: false + schema: + default: 5 + type: number + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + actionId: + type: string + cancellationTime: + type: string + completionTime: + type: string + creationTime: + description: creation time of action + type: string + expiration: + type: string + hasRolloutPeriod: + type: boolean + latestErrors: + items: + additionalProperties: false + description: >- + latest errors that happened when the agents + executed the action + type: object + properties: + agentId: + type: string + error: + type: string + hostname: + type: string + timestamp: + type: string + required: + - agentId + - error + - timestamp + type: array + nbAgentsAck: + description: number of agents that acknowledged the action + type: number + nbAgentsActionCreated: + description: number of agents included in action from kibana + type: number + nbAgentsActioned: + description: number of agents actioned + type: number + nbAgentsFailed: + description: number of agents that failed to execute the action + type: number + newPolicyId: + description: new policy id (POLICY_REASSIGN action) + type: string + policyId: + description: policy id (POLICY_CHANGE action) + type: string + revision: + description: new policy revision (POLICY_CHANGE action) + type: number + startTime: + description: start time of action (scheduled actions) + type: string + status: + enum: + - COMPLETE + - EXPIRED + - CANCELLED + - FAILED + - IN_PROGRESS + - ROLLOUT_PASSED + type: string + type: + enum: + - UPGRADE + - UNENROLL + - SETTINGS + - POLICY_REASSIGN + - CANCEL + - FORCE_UNENROLL + - REQUEST_DIAGNOSTICS + - UPDATE_TAGS + - POLICY_CHANGE + - INPUT_ACTION + type: string + version: + description: agent version number (UPGRADE action) + type: string + required: + - actionId + - nbAgentsActionCreated + - nbAgentsAck + - nbAgentsFailed + - type + - nbAgentsActioned + - status + - creationTime + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent actions + /api/fleet/agents/actions/{actionId}/cancel: + post: + description: Cancel agent action + operationId: '%2Fapi%2Ffleet%2Fagents%2Factions%2F%7BactionId%7D%2Fcancel#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: actionId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + ack_data: {} + agents: + items: + type: string + type: array + created_at: + type: string + data: {} + expiration: + type: string + id: + type: string + minimum_execution_duration: + type: number + namespaces: + items: + type: string + type: array + rollout_duration_seconds: + type: number + sent_at: + type: string + source_uri: + type: string + start_time: + type: string + total: + type: number + type: + type: string + required: + - id + - type + - data + - created_at + - ack_data + - agents + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent actions + /api/fleet/agents/available_versions: + get: + description: Get available agent versions + operationId: '%2Fapi%2Ffleet%2Fagents%2Favailable_versions#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + type: string + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents + /api/fleet/agents/bulk_reassign: + post: + description: Bulk reassign agents + operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_reassign#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + agents: + anyOf: + - items: + type: string + type: array + - type: string + batchSize: + type: number + includeInactive: + default: false + type: boolean + policy_id: + type: string + required: + - policy_id + - agents + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actionId: + type: string + required: + - actionId + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent actions + /api/fleet/agents/bulk_request_diagnostics: + post: + description: Bulk request diagnostics from agents + operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_request_diagnostics#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + additional_metrics: + items: + enum: + - CPU + type: string + type: array + agents: + anyOf: + - items: + type: string + type: array + - type: string + batchSize: + type: number + required: + - agents + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actionId: + type: string + required: + - actionId + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent actions + /api/fleet/agents/bulk_unenroll: + post: + description: Bulk unenroll agents + operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_unenroll#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + agents: + anyOf: + - items: + description: KQL query string, leave empty to action all agents + type: string + type: array + - description: list of agent IDs + type: string + batchSize: + type: number + force: + description: Unenrolls hosted agents too + type: boolean + includeInactive: + description: >- + When passing agents by KQL query, unenrolls inactive agents + too + type: boolean + revoke: + description: Revokes API keys of agents + type: boolean + required: + - agents + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actionId: + type: string + required: + - actionId + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent actions + /api/fleet/agents/bulk_update_agent_tags: + post: + description: Bulk update agent tags + operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_update_agent_tags#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + agents: + anyOf: + - items: + type: string + type: array + - type: string + batchSize: + type: number + includeInactive: + default: false + type: boolean + tagsToAdd: + items: + type: string + type: array + tagsToRemove: + items: + type: string + type: array + required: + - agents + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actionId: + type: string + required: + - actionId + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent actions + /api/fleet/agents/bulk_upgrade: + post: + description: Bulk upgrade agents + operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_upgrade#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + agents: + anyOf: + - items: + type: string + type: array + - type: string + batchSize: + type: number + force: + type: boolean + includeInactive: + default: false + type: boolean + rollout_duration_seconds: + minimum: 600 + type: number + skipRateLimitCheck: + type: boolean + source_uri: + type: string + start_time: + type: string + version: + type: string + required: + - agents + - version + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actionId: + type: string + required: + - actionId + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent actions + /api/fleet/agents/files/{fileId}: + delete: + description: Delete file uploaded by agent + operationId: '%2Fapi%2Ffleet%2Fagents%2Ffiles%2F%7BfileId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: fileId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + deleted: + type: boolean + id: + type: string + required: + - id + - deleted + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents + /api/fleet/agents/files/{fileId}/{fileName}: + get: + description: Get file uploaded by agent + operationId: '%2Fapi%2Ffleet%2Fagents%2Ffiles%2F%7BfileId%7D%2F%7BfileName%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: fileId + required: true + schema: + type: string + - in: path + name: fileName + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents + /api/fleet/agents/setup: + get: + description: Get agent setup info + operationId: '%2Fapi%2Ffleet%2Fagents%2Fsetup#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: >- + A summary of the agent setup status. `isReady` indicates + whether the setup is ready. If the setup is not ready, + `missing_requirements` lists which requirements are missing. + type: object + properties: + is_secrets_storage_enabled: + type: boolean + is_space_awareness_enabled: + type: boolean + isReady: + type: boolean + missing_optional_features: + items: + enum: + - encrypted_saved_object_encryption_key_required + type: string + type: array + missing_requirements: + items: + enum: + - security_required + - tls_required + - api_keys + - fleet_admin_user + - fleet_server + type: string + type: array + package_verification_key_id: + type: string + required: + - isReady + - missing_requirements + - missing_optional_features + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents + post: + description: Initiate agent setup + operationId: '%2Fapi%2Ffleet%2Fagents%2Fsetup#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: >- + A summary of the result of Fleet's `setup` lifecycle. If + `isInitialized` is true, Fleet is ready to accept agent + enrollment. `nonFatalErrors` may include useful insight into + non-blocking issues with Fleet setup. + type: object + properties: + isInitialized: + type: boolean + nonFatalErrors: + items: + additionalProperties: false + type: object + properties: + message: + type: string + name: + type: string + required: + - name + - message + type: array + required: + - isInitialized + - nonFatalErrors + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents + /api/fleet/agents/tags: + get: + description: List agent tags + operationId: '%2Fapi%2Ffleet%2Fagents%2Ftags#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: kuery + required: false + schema: + type: string + - in: query + name: showInactive + required: false + schema: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + type: string + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agents + /api/fleet/check-permissions: + get: + description: Check permissions + operationId: '%2Fapi%2Ffleet%2Fcheck-permissions#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: fleetServerSetup + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + error: + enum: + - MISSING_SECURITY + - MISSING_PRIVILEGES + - MISSING_FLEET_SERVER_SETUP_PRIVILEGES + type: string + success: + type: boolean + required: + - success + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet internals + /api/fleet/data_streams: + get: + description: List data streams + operationId: '%2Fapi%2Ffleet%2Fdata_streams#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + data_streams: + items: + additionalProperties: false + type: object + properties: + dashboards: + items: + additionalProperties: false + type: object + properties: + id: + type: string + title: + type: string + required: + - id + - title + type: array + dataset: + type: string + index: + type: string + last_activity_ms: + type: number + namespace: + type: string + package: + type: string + package_version: + type: string + serviceDetails: + additionalProperties: false + nullable: true + type: object + properties: + environment: + type: string + serviceName: + type: string + required: + - environment + - serviceName + size_in_bytes: + type: number + size_in_bytes_formatted: + anyOf: + - type: number + - type: string + type: + type: string + required: + - index + - dataset + - namespace + - type + - package + - package_version + - last_activity_ms + - size_in_bytes + - size_in_bytes_formatted + - dashboards + - serviceDetails + type: array + required: + - data_streams + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Data streams + /api/fleet/enrollment_api_keys: + get: + description: List enrollment API keys + operationId: '%2Fapi%2Ffleet%2Fenrollment_api_keys#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: page + required: false + schema: + default: 1 + type: number + - in: query + name: perPage + required: false + schema: + default: 20 + type: number + - in: query + name: kuery + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + active: + description: >- + When false, the enrollment API key is revoked and + cannot be used for enrolling Elastic Agents. + type: boolean + api_key: + description: >- + The enrollment API key (token) used for enrolling + Elastic Agents. + type: string + api_key_id: + description: The ID of the API key in the Security API. + type: string + created_at: + type: string + id: + type: string + name: + description: The name of the enrollment API key. + type: string + policy_id: + description: >- + The ID of the agent policy the Elastic Agent will be + enrolled in. + type: string + required: + - id + - api_key_id + - api_key + - active + - created_at + type: array + list: + deprecated: true + items: + additionalProperties: false + type: object + properties: + active: + description: >- + When false, the enrollment API key is revoked and + cannot be used for enrolling Elastic Agents. + type: boolean + api_key: + description: >- + The enrollment API key (token) used for enrolling + Elastic Agents. + type: string + api_key_id: + description: The ID of the API key in the Security API. + type: string + created_at: + type: string + id: + type: string + name: + description: The name of the enrollment API key. + type: string + policy_id: + description: >- + The ID of the agent policy the Elastic Agent will be + enrolled in. + type: string + required: + - id + - api_key_id + - api_key + - active + - created_at + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + - list + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet enrollment API keys + post: + description: Create enrollment API key + operationId: '%2Fapi%2Ffleet%2Fenrollment_api_keys#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + expiration: + type: string + name: + type: string + policy_id: + type: string + required: + - policy_id + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + action: + enum: + - created + type: string + item: + additionalProperties: false + type: object + properties: + active: + description: >- + When false, the enrollment API key is revoked and + cannot be used for enrolling Elastic Agents. + type: boolean + api_key: + description: >- + The enrollment API key (token) used for enrolling + Elastic Agents. + type: string + api_key_id: + description: The ID of the API key in the Security API. + type: string + created_at: + type: string + id: + type: string + name: + description: The name of the enrollment API key. + type: string + policy_id: + description: >- + The ID of the agent policy the Elastic Agent will be + enrolled in. + type: string + required: + - id + - api_key_id + - api_key + - active + - created_at + required: + - item + - action + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet enrollment API keys + /api/fleet/enrollment_api_keys/{keyId}: + delete: + description: Revoke enrollment API key by ID by marking it as inactive + operationId: '%2Fapi%2Ffleet%2Fenrollment_api_keys%2F%7BkeyId%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: keyId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + action: + enum: + - deleted + type: string + required: + - action + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet enrollment API keys + get: + description: Get enrollment API key by ID + operationId: '%2Fapi%2Ffleet%2Fenrollment_api_keys%2F%7BkeyId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: keyId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + active: + description: >- + When false, the enrollment API key is revoked and + cannot be used for enrolling Elastic Agents. + type: boolean + api_key: + description: >- + The enrollment API key (token) used for enrolling + Elastic Agents. + type: string + api_key_id: + description: The ID of the API key in the Security API. + type: string + created_at: + type: string + id: + type: string + name: + description: The name of the enrollment API key. + type: string + policy_id: + description: >- + The ID of the agent policy the Elastic Agent will be + enrolled in. + type: string + required: + - id + - api_key_id + - api_key + - active + - created_at + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet enrollment API keys + /api/fleet/enrollment-api-keys: + get: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: page + required: false + schema: + default: 1 + type: number + - in: query + name: perPage + required: false + schema: + default: 20 + type: number + - in: query + name: kuery + required: false + schema: + type: string + responses: {} + summary: '' + tags: [] + post: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + expiration: + type: string + name: + type: string + policy_id: + type: string + required: + - policy_id + responses: {} + summary: '' + tags: [] + /api/fleet/enrollment-api-keys/{keyId}: + delete: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys%2F%7BkeyId%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: keyId + required: true + schema: + type: string + responses: {} + summary: '' + tags: [] + get: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys%2F%7BkeyId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: keyId + required: true + schema: + type: string + responses: {} + summary: '' + tags: [] + /api/fleet/epm/bulk_assets: + post: + description: Bulk get assets + operationId: '%2Fapi%2Ffleet%2Fepm%2Fbulk_assets#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + assetIds: + items: + additionalProperties: false + type: object + properties: + id: + type: string + type: + type: string + required: + - id + - type + type: array + required: + - assetIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + appLink: + type: string + attributes: + additionalProperties: false + type: object + properties: + description: + type: string + service: + type: string + title: + type: string + id: + type: string + type: + type: string + updatedAt: + type: string + required: + - id + - type + - attributes + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/categories: + get: + description: List package categories + operationId: '%2Fapi%2Ffleet%2Fepm%2Fcategories#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: prerelease + required: false + schema: + type: boolean + - in: query + name: experimental + required: false + schema: + type: boolean + - in: query + name: include_policy_templates + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + count: + type: number + id: + type: string + parent_id: + type: string + parent_title: + type: string + title: + type: string + required: + - id + - title + - count + type: array + response: + items: + additionalProperties: false + deprecated: true + type: object + properties: + count: + type: number + id: + type: string + parent_id: + type: string + parent_title: + type: string + title: + type: string + required: + - id + - title + - count + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/custom_integrations: + post: + description: Create custom integration + operationId: '%2Fapi%2Ffleet%2Fepm%2Fcustom_integrations#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + datasets: + items: + additionalProperties: false + type: object + properties: + name: + type: string + type: + enum: + - logs + - metrics + - traces + - synthetics + - profiling + type: string + required: + - name + - type + type: array + force: + type: boolean + integrationName: + type: string + required: + - integrationName + - datasets + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + _meta: + additionalProperties: false + type: object + properties: + install_source: + type: string + required: + - install_source + items: + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + response: + deprecated: true + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + required: + - items + - _meta + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/data_streams: + get: + description: List data streams + operationId: '%2Fapi%2Ffleet%2Fepm%2Fdata_streams#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: type + required: false + schema: + enum: + - logs + - metrics + - traces + - synthetics + - profiling + type: string + - in: query + name: datasetQuery + required: false + schema: + type: string + - in: query + name: sortOrder + required: false + schema: + default: asc + enum: + - asc + - desc + type: string + - in: query + name: uncategorisedOnly + required: false + schema: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + name: + type: string + required: + - name + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Data streams + /api/fleet/epm/packages: + get: + description: List packages + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: category + required: false + schema: + type: string + - in: query + name: prerelease + required: false + schema: + type: boolean + - in: query + name: experimental + required: false + schema: + type: boolean + - in: query + name: excludeInstallStatus + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: true + type: object + properties: + categories: + items: + type: string + type: array + conditions: + additionalProperties: true + type: object + properties: + elastic: + additionalProperties: true + type: object + properties: + capabilities: + items: + type: string + type: array + subscription: + type: string + kibana: + additionalProperties: true + type: object + properties: + version: + type: string + data_streams: + items: + additionalProperties: {} + type: object + type: array + description: + type: string + download: + type: string + format_version: + type: string + icons: + items: + additionalProperties: true + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + id: + type: string + installationInfo: + additionalProperties: true + type: object + properties: + additional_spaces_installed_kibana: + additionalProperties: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + type: object + created_at: + type: string + experimental_data_stream_features: + items: + additionalProperties: true + type: object + properties: + data_stream: + type: string + features: + additionalProperties: true + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + install_format_schema_version: + type: string + install_source: + enum: + - registry + - upload + - bundled + - custom + type: string + install_status: + enum: + - installed + - installing + - install_failed + type: string + installed_es: + items: + additionalProperties: true + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + installed_kibana: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + installed_kibana_space_id: + type: string + latest_executed_state: + additionalProperties: true + type: object + properties: + error: + type: string + name: + type: string + started_at: + type: string + required: + - name + - started_at + latest_install_failed_attempts: + items: + additionalProperties: true + type: object + properties: + created_at: + type: string + error: + additionalProperties: true + type: object + properties: + message: + type: string + name: + type: string + stack: + type: string + required: + - name + - message + target_version: + type: string + required: + - created_at + - target_version + - error + type: array + name: + type: string + namespaces: + items: + type: string + type: array + type: + type: string + updated_at: + type: string + verification_key_id: + nullable: true + type: string + verification_status: + enum: + - unverified + - verified + - unknown + type: string + version: + type: string + required: + - type + - installed_kibana + - installed_es + - name + - version + - install_status + - install_source + - verification_status + integration: + type: string + internal: + type: boolean + latestVersion: + type: string + name: + type: string + owner: + additionalProperties: true + type: object + properties: + github: + type: string + type: + enum: + - elastic + - partner + - community + type: string + path: + type: string + policy_templates: + items: + additionalProperties: {} + type: object + type: array + readme: + type: string + release: + enum: + - ga + - beta + - experimental + type: string + savedObject: {} + signature_path: + type: string + source: + additionalProperties: true + type: object + properties: + license: + type: string + required: + - license + status: + type: string + title: + type: string + type: + enum: + - integration + - input + type: string + vars: + items: + additionalProperties: {} + type: object + type: array + version: + type: string + required: + - savedObject + - name + - version + - title + - id + type: array + response: + items: + additionalProperties: true + deprecated: true + type: object + properties: + categories: + items: + type: string + type: array + conditions: + additionalProperties: true + type: object + properties: + elastic: + additionalProperties: true + type: object + properties: + capabilities: + items: + type: string + type: array + subscription: + type: string + kibana: + additionalProperties: true + type: object + properties: + version: + type: string + data_streams: + items: + additionalProperties: {} + type: object + type: array + description: + type: string + download: + type: string + format_version: + type: string + icons: + items: + additionalProperties: true + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + id: + type: string + installationInfo: + additionalProperties: true + type: object + properties: + additional_spaces_installed_kibana: + additionalProperties: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + type: object + created_at: + type: string + experimental_data_stream_features: + items: + additionalProperties: true + type: object + properties: + data_stream: + type: string + features: + additionalProperties: true + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + install_format_schema_version: + type: string + install_source: + enum: + - registry + - upload + - bundled + - custom + type: string + install_status: + enum: + - installed + - installing + - install_failed + type: string + installed_es: + items: + additionalProperties: true + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + installed_kibana: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + installed_kibana_space_id: + type: string + latest_executed_state: + additionalProperties: true + type: object + properties: + error: + type: string + name: + type: string + started_at: + type: string + required: + - name + - started_at + latest_install_failed_attempts: + items: + additionalProperties: true + type: object + properties: + created_at: + type: string + error: + additionalProperties: true + type: object + properties: + message: + type: string + name: + type: string + stack: + type: string + required: + - name + - message + target_version: + type: string + required: + - created_at + - target_version + - error + type: array + name: + type: string + namespaces: + items: + type: string + type: array + type: + type: string + updated_at: + type: string + verification_key_id: + nullable: true + type: string + verification_status: + enum: + - unverified + - verified + - unknown + type: string + version: + type: string + required: + - type + - installed_kibana + - installed_es + - name + - version + - install_status + - install_source + - verification_status + integration: + type: string + internal: + type: boolean + latestVersion: + type: string + name: + type: string + owner: + additionalProperties: true + type: object + properties: + github: + type: string + type: + enum: + - elastic + - partner + - community + type: string + path: + type: string + policy_templates: + items: + additionalProperties: {} + type: object + type: array + readme: + type: string + release: + enum: + - ga + - beta + - experimental + type: string + savedObject: {} + signature_path: + type: string + source: + additionalProperties: true + type: object + properties: + license: + type: string + required: + - license + status: + type: string + title: + type: string + type: + enum: + - integration + - input + type: string + vars: + items: + additionalProperties: {} + type: object + type: array + version: + type: string + required: + - savedObject + - name + - version + - title + - id + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + post: + description: Install package by upload + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: query + name: ignoreMappingUpdateErrors + required: false + schema: + default: false + type: boolean + - in: query + name: skipDataStreamRollover + required: false + schema: + default: false + type: boolean + requestBody: + content: + application/gzip; application/zip; Elastic-Api-Version=2023-10-31: + schema: + format: binary + type: string + responses: + '200': + content: + application/gzip; application/zip; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + _meta: + additionalProperties: false + type: object + properties: + install_source: + type: string + required: + - install_source + items: + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + response: + deprecated: true + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + required: + - items + - _meta + '400': + content: + application/gzip; application/zip; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/_bulk: + post: + description: Bulk install packages + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F_bulk#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: query + name: prerelease + required: false + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + force: + default: false + type: boolean + packages: + items: + anyOf: + - type: string + - additionalProperties: false + type: object + properties: + name: + type: string + prerelease: + type: boolean + version: + type: string + required: + - name + - version + minItems: 1 + type: array + required: + - packages + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + anyOf: + - additionalProperties: false + type: object + properties: + name: + type: string + result: + additionalProperties: false + type: object + properties: + assets: + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + error: {} + installSource: + type: string + installType: + type: string + status: + enum: + - installed + - already_installed + type: string + required: + - error + - installType + version: + type: string + required: + - name + - version + - result + - additionalProperties: false + type: object + properties: + error: + anyOf: + - type: string + - {} + name: + type: string + statusCode: + type: number + required: + - name + - statusCode + - error + type: array + response: + deprecated: true + items: + anyOf: + - additionalProperties: false + type: object + properties: + name: + type: string + result: + additionalProperties: false + type: object + properties: + assets: + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + error: {} + installSource: + type: string + installType: + type: string + status: + enum: + - installed + - already_installed + type: string + required: + - error + - installType + version: + type: string + required: + - name + - version + - result + - additionalProperties: false + type: object + properties: + error: + anyOf: + - type: string + - {} + name: + type: string + statusCode: + type: number + required: + - name + - statusCode + - error + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgkey}: + delete: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#3' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: pkgkey + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + nullable: true + type: object + properties: + force: + type: boolean + required: + - force + responses: {} + summary: '' + tags: [] + get: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: pkgkey + required: true + schema: + type: string + - in: query + name: ignoreUnverified + required: false + schema: + type: boolean + - in: query + name: prerelease + required: false + schema: + type: boolean + - in: query + name: full + required: false + schema: + type: boolean + - in: query + name: withMetadata + required: false + schema: + default: false + type: boolean + responses: {} + summary: '' + tags: [] + post: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: pkgkey + required: true + schema: + type: string + - in: query + name: prerelease + required: false + schema: + type: boolean + - in: query + name: ignoreMappingUpdateErrors + required: false + schema: + default: false + type: boolean + - in: query + name: skipDataStreamRollover + required: false + schema: + default: false + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + nullable: true + type: object + properties: + force: + type: boolean + required: + - force + responses: {} + summary: '' + tags: [] + put: + deprecated: true + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: pkgkey + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + keepPoliciesUpToDate: + type: boolean + required: + - keepPoliciesUpToDate + responses: {} + summary: '' + tags: [] + /api/fleet/epm/packages/{pkgName}/{pkgVersion}: + delete: + description: Delete package + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#3' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - in: query + name: force + required: false + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + nullable: true + type: object + properties: + force: + type: boolean + required: + - force + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + response: + deprecated: true + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + get: + description: Get package + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - in: query + name: ignoreUnverified + required: false + schema: + type: boolean + - in: query + name: prerelease + required: false + schema: + type: boolean + - in: query + name: full + required: false + schema: + type: boolean + - in: query + name: withMetadata + required: false + schema: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: true + type: object + properties: + agent: + additionalProperties: false + type: object + properties: + privileges: + additionalProperties: false + type: object + properties: + root: + type: boolean + asset_tags: + items: + additionalProperties: false + type: object + properties: + asset_ids: + items: + type: string + type: array + asset_types: + items: + type: string + type: array + text: + type: string + required: + - text + type: array + assets: + additionalProperties: {} + type: object + categories: + items: + type: string + type: array + conditions: + additionalProperties: true + type: object + properties: + elastic: + additionalProperties: true + type: object + properties: + capabilities: + items: + type: string + type: array + subscription: + type: string + kibana: + additionalProperties: true + type: object + properties: + version: + type: string + data_streams: + items: + additionalProperties: {} + type: object + type: array + description: + type: string + download: + type: string + elasticsearch: + additionalProperties: {} + type: object + format_version: + type: string + icons: + items: + additionalProperties: true + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + installationInfo: + additionalProperties: true + type: object + properties: + additional_spaces_installed_kibana: + additionalProperties: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + type: object + created_at: + type: string + experimental_data_stream_features: + items: + additionalProperties: true + type: object + properties: + data_stream: + type: string + features: + additionalProperties: true + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + install_format_schema_version: + type: string + install_source: + enum: + - registry + - upload + - bundled + - custom + type: string + install_status: + enum: + - installed + - installing + - install_failed + type: string + installed_es: + items: + additionalProperties: true + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + installed_kibana: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + installed_kibana_space_id: + type: string + latest_executed_state: + additionalProperties: true + type: object + properties: + error: + type: string + name: + type: string + started_at: + type: string + required: + - name + - started_at + latest_install_failed_attempts: + items: + additionalProperties: true + type: object + properties: + created_at: + type: string + error: + additionalProperties: true + type: object + properties: + message: + type: string + name: + type: string + stack: + type: string + required: + - name + - message + target_version: + type: string + required: + - created_at + - target_version + - error + type: array + name: + type: string + namespaces: + items: + type: string + type: array + type: + type: string + updated_at: + type: string + verification_key_id: + nullable: true + type: string + verification_status: + enum: + - unverified + - verified + - unknown + type: string + version: + type: string + required: + - type + - installed_kibana + - installed_es + - name + - version + - install_status + - install_source + - verification_status + internal: + type: boolean + keepPoliciesUpToDate: + type: boolean + latestVersion: + type: string + license: + type: string + licensePath: + type: string + name: + type: string + notice: + type: string + owner: + additionalProperties: true + type: object + properties: + github: + type: string + type: + enum: + - elastic + - partner + - community + type: string + path: + type: string + policy_templates: + items: + additionalProperties: {} + type: object + type: array + readme: + type: string + release: + enum: + - ga + - beta + - experimental + type: string + savedObject: {} + screenshots: + items: + additionalProperties: false + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + signature_path: + type: string + source: + additionalProperties: true + type: object + properties: + license: + type: string + required: + - license + status: + type: string + title: + type: string + type: + enum: + - integration + - input + type: string + vars: + items: + additionalProperties: {} + type: object + type: array + version: + type: string + required: + - savedObject + - name + - version + - title + - assets + metadata: + additionalProperties: false + type: object + properties: + has_policies: + type: boolean + required: + - has_policies + response: + additionalProperties: true + deprecated: true + type: object + properties: + agent: + additionalProperties: false + type: object + properties: + privileges: + additionalProperties: false + type: object + properties: + root: + type: boolean + asset_tags: + items: + additionalProperties: false + type: object + properties: + asset_ids: + items: + type: string + type: array + asset_types: + items: + type: string + type: array + text: + type: string + required: + - text + type: array + assets: + additionalProperties: {} + type: object + categories: + items: + type: string + type: array + conditions: + additionalProperties: true + type: object + properties: + elastic: + additionalProperties: true + type: object + properties: + capabilities: + items: + type: string + type: array + subscription: + type: string + kibana: + additionalProperties: true + type: object + properties: + version: + type: string + data_streams: + items: + additionalProperties: {} + type: object + type: array + description: + type: string + download: + type: string + elasticsearch: + additionalProperties: {} + type: object + format_version: + type: string + icons: + items: + additionalProperties: true + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + installationInfo: + additionalProperties: true + type: object + properties: + additional_spaces_installed_kibana: + additionalProperties: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + type: object + created_at: + type: string + experimental_data_stream_features: + items: + additionalProperties: true + type: object + properties: + data_stream: + type: string + features: + additionalProperties: true + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + install_format_schema_version: + type: string + install_source: + enum: + - registry + - upload + - bundled + - custom + type: string + install_status: + enum: + - installed + - installing + - install_failed + type: string + installed_es: + items: + additionalProperties: true + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + installed_kibana: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + installed_kibana_space_id: + type: string + latest_executed_state: + additionalProperties: true + type: object + properties: + error: + type: string + name: + type: string + started_at: + type: string + required: + - name + - started_at + latest_install_failed_attempts: + items: + additionalProperties: true + type: object + properties: + created_at: + type: string + error: + additionalProperties: true + type: object + properties: + message: + type: string + name: + type: string + stack: + type: string + required: + - name + - message + target_version: + type: string + required: + - created_at + - target_version + - error + type: array + name: + type: string + namespaces: + items: + type: string + type: array + type: + type: string + updated_at: + type: string + verification_key_id: + nullable: true + type: string + verification_status: + enum: + - unverified + - verified + - unknown + type: string + version: + type: string + required: + - type + - installed_kibana + - installed_es + - name + - version + - install_status + - install_source + - verification_status + internal: + type: boolean + keepPoliciesUpToDate: + type: boolean + latestVersion: + type: string + license: + type: string + licensePath: + type: string + name: + type: string + notice: + type: string + owner: + additionalProperties: true + type: object + properties: + github: + type: string + type: + enum: + - elastic + - partner + - community + type: string + path: + type: string + policy_templates: + items: + additionalProperties: {} + type: object + type: array + readme: + type: string + release: + enum: + - ga + - beta + - experimental + type: string + savedObject: {} + screenshots: + items: + additionalProperties: false + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + signature_path: + type: string + source: + additionalProperties: true + type: object + properties: + license: + type: string + required: + - license + status: + type: string + title: + type: string + type: + enum: + - integration + - input + type: string + vars: + items: + additionalProperties: {} + type: object + type: array + version: + type: string + required: + - savedObject + - name + - version + - title + - assets + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + post: + description: Install package from registry + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - in: query + name: prerelease + required: false + schema: + type: boolean + - in: query + name: ignoreMappingUpdateErrors + required: false + schema: + default: false + type: boolean + - in: query + name: skipDataStreamRollover + required: false + schema: + default: false + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + nullable: true + type: object + properties: + force: + default: false + type: boolean + ignore_constraints: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + _meta: + additionalProperties: false + type: object + properties: + install_source: + type: string + required: + - install_source + items: + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + response: + deprecated: true + items: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + - additionalProperties: false + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + required: + - items + - _meta + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + put: + description: Update package settings + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + keepPoliciesUpToDate: + type: boolean + required: + - keepPoliciesUpToDate + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: true + type: object + properties: + agent: + additionalProperties: false + type: object + properties: + privileges: + additionalProperties: false + type: object + properties: + root: + type: boolean + asset_tags: + items: + additionalProperties: false + type: object + properties: + asset_ids: + items: + type: string + type: array + asset_types: + items: + type: string + type: array + text: + type: string + required: + - text + type: array + assets: + additionalProperties: {} + type: object + categories: + items: + type: string + type: array + conditions: + additionalProperties: true + type: object + properties: + elastic: + additionalProperties: true + type: object + properties: + capabilities: + items: + type: string + type: array + subscription: + type: string + kibana: + additionalProperties: true + type: object + properties: + version: + type: string + data_streams: + items: + additionalProperties: {} + type: object + type: array + description: + type: string + download: + type: string + elasticsearch: + additionalProperties: {} + type: object + format_version: + type: string + icons: + items: + additionalProperties: true + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + installationInfo: + additionalProperties: true + type: object + properties: + additional_spaces_installed_kibana: + additionalProperties: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + type: object + created_at: + type: string + experimental_data_stream_features: + items: + additionalProperties: true + type: object + properties: + data_stream: + type: string + features: + additionalProperties: true + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + install_format_schema_version: + type: string + install_source: + enum: + - registry + - upload + - bundled + - custom + type: string + install_status: + enum: + - installed + - installing + - install_failed + type: string + installed_es: + items: + additionalProperties: true + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + installed_kibana: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + installed_kibana_space_id: + type: string + latest_executed_state: + additionalProperties: true + type: object + properties: + error: + type: string + name: + type: string + started_at: + type: string + required: + - name + - started_at + latest_install_failed_attempts: + items: + additionalProperties: true + type: object + properties: + created_at: + type: string + error: + additionalProperties: true + type: object + properties: + message: + type: string + name: + type: string + stack: + type: string + required: + - name + - message + target_version: + type: string + required: + - created_at + - target_version + - error + type: array + name: + type: string + namespaces: + items: + type: string + type: array + type: + type: string + updated_at: + type: string + verification_key_id: + nullable: true + type: string + verification_status: + enum: + - unverified + - verified + - unknown + type: string + version: + type: string + required: + - type + - installed_kibana + - installed_es + - name + - version + - install_status + - install_source + - verification_status + internal: + type: boolean + keepPoliciesUpToDate: + type: boolean + latestVersion: + type: string + license: + type: string + licensePath: + type: string + name: + type: string + notice: + type: string + owner: + additionalProperties: true + type: object + properties: + github: + type: string + type: + enum: + - elastic + - partner + - community + type: string + path: + type: string + policy_templates: + items: + additionalProperties: {} + type: object + type: array + readme: + type: string + release: + enum: + - ga + - beta + - experimental + type: string + savedObject: {} + screenshots: + items: + additionalProperties: false + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + signature_path: + type: string + source: + additionalProperties: true + type: object + properties: + license: + type: string + required: + - license + status: + type: string + title: + type: string + type: + enum: + - integration + - input + type: string + vars: + items: + additionalProperties: {} + type: object + type: array + version: + type: string + required: + - savedObject + - name + - version + - title + - assets + response: + additionalProperties: true + deprecated: true + type: object + properties: + agent: + additionalProperties: false + type: object + properties: + privileges: + additionalProperties: false + type: object + properties: + root: + type: boolean + asset_tags: + items: + additionalProperties: false + type: object + properties: + asset_ids: + items: + type: string + type: array + asset_types: + items: + type: string + type: array + text: + type: string + required: + - text + type: array + assets: + additionalProperties: {} + type: object + categories: + items: + type: string + type: array + conditions: + additionalProperties: true + type: object + properties: + elastic: + additionalProperties: true + type: object + properties: + capabilities: + items: + type: string + type: array + subscription: + type: string + kibana: + additionalProperties: true + type: object + properties: + version: + type: string + data_streams: + items: + additionalProperties: {} + type: object + type: array + description: + type: string + download: + type: string + elasticsearch: + additionalProperties: {} + type: object + format_version: + type: string + icons: + items: + additionalProperties: true + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + installationInfo: + additionalProperties: true + type: object + properties: + additional_spaces_installed_kibana: + additionalProperties: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + type: object + created_at: + type: string + experimental_data_stream_features: + items: + additionalProperties: true + type: object + properties: + data_stream: + type: string + features: + additionalProperties: true + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + install_format_schema_version: + type: string + install_source: + enum: + - registry + - upload + - bundled + - custom + type: string + install_status: + enum: + - installed + - installing + - install_failed + type: string + installed_es: + items: + additionalProperties: true + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + enum: + - index + - index_template + - component_template + - ingest_pipeline + - ilm_policy + - data_stream_ilm_policy + - transform + - ml_model + type: string + version: + type: string + required: + - id + - type + type: array + installed_kibana: + items: + additionalProperties: true + type: object + properties: + id: + type: string + originId: + type: string + type: + enum: + - dashboard + - lens + - visualization + - search + - index-pattern + - map + - ml-module + - security-rule + - csp-rule-template + - osquery-pack-asset + - osquery-saved-query + - tag + type: string + required: + - id + - type + type: array + installed_kibana_space_id: + type: string + latest_executed_state: + additionalProperties: true + type: object + properties: + error: + type: string + name: + type: string + started_at: + type: string + required: + - name + - started_at + latest_install_failed_attempts: + items: + additionalProperties: true + type: object + properties: + created_at: + type: string + error: + additionalProperties: true + type: object + properties: + message: + type: string + name: + type: string + stack: + type: string + required: + - name + - message + target_version: + type: string + required: + - created_at + - target_version + - error + type: array + name: + type: string + namespaces: + items: + type: string + type: array + type: + type: string + updated_at: + type: string + verification_key_id: + nullable: true + type: string + verification_status: + enum: + - unverified + - verified + - unknown + type: string + version: + type: string + required: + - type + - installed_kibana + - installed_es + - name + - version + - install_status + - install_source + - verification_status + internal: + type: boolean + keepPoliciesUpToDate: + type: boolean + latestVersion: + type: string + license: + type: string + licensePath: + type: string + name: + type: string + notice: + type: string + owner: + additionalProperties: true + type: object + properties: + github: + type: string + type: + enum: + - elastic + - partner + - community + type: string + path: + type: string + policy_templates: + items: + additionalProperties: {} + type: object + type: array + readme: + type: string + release: + enum: + - ga + - beta + - experimental + type: string + savedObject: {} + screenshots: + items: + additionalProperties: false + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + signature_path: + type: string + source: + additionalProperties: true + type: object + properties: + license: + type: string + required: + - license + status: + type: string + title: + type: string + type: + enum: + - integration + - input + type: string + vars: + items: + additionalProperties: {} + type: object + type: array + version: + type: string + required: + - savedObject + - name + - version + - title + - assets + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgName}/{pkgVersion}/{filePath*}: + get: + description: Get package file + operationId: >- + %2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D%2F%7BfilePath*%7D#0 + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - in: path + name: filePath + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: {} + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize: + post: + description: Authorize transforms + operationId: >- + %2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D%2Ftransforms%2Fauthorize#0 + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - in: query + name: prerelease + required: false + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + transforms: + items: + additionalProperties: false + type: object + properties: + transformId: + type: string + required: + - transformId + type: array + required: + - transforms + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + additionalProperties: false + type: object + properties: + error: + nullable: true + success: + type: boolean + transformId: + type: string + required: + - transformId + - success + - error + type: array + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgName}/stats: + get: + description: Get package stats + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2Fstats#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: pkgName + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + response: + additionalProperties: false + type: object + properties: + agent_policy_count: + type: number + required: + - agent_policy_count + required: + - response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/installed: + get: + description: Get installed packages + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2Finstalled#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: dataStreamType + required: false + schema: + enum: + - logs + - metrics + - traces + - synthetics + - profiling + type: string + - in: query + name: showOnlyActiveDataStreams + required: false + schema: + type: boolean + - in: query + name: nameQuery + required: false + schema: + type: string + - in: query + name: searchAfter + required: false + schema: + items: + anyOf: + - type: string + - type: number + type: array + - in: query + name: perPage + required: false + schema: + default: 15 + type: number + - in: query + name: sortOrder + required: false + schema: + default: asc + enum: + - asc + - desc + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + dataStreams: + items: + additionalProperties: false + type: object + properties: + name: + type: string + title: + type: string + required: + - name + - title + type: array + description: + type: string + icons: + items: + additionalProperties: false + type: object + properties: + dark_mode: + type: boolean + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + type: array + name: + type: string + status: + type: string + title: + type: string + version: + type: string + required: + - name + - version + - status + - dataStreams + type: array + searchAfter: + items: + anyOf: + - type: string + - type: number + - type: boolean + - enum: [] + nullable: true + - {} + type: array + total: + type: number + required: + - items + - total + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/limited: + get: + description: Get limited package list + operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2Flimited#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + type: string + type: array + response: + deprecated: true + items: + type: string + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/templates/{pkgName}/{pkgVersion}/inputs: + get: + description: Get inputs template + operationId: >- + %2Fapi%2Ffleet%2Fepm%2Ftemplates%2F%7BpkgName%7D%2F%7BpkgVersion%7D%2Finputs#0 + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - in: query + name: format + required: false + schema: + default: json + enum: + - json + - yml + - yaml + type: string + - in: query + name: prerelease + required: false + schema: + type: boolean + - in: query + name: ignoreUnverified + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - type: string + - additionalProperties: false + type: object + properties: + inputs: + items: + additionalProperties: false + type: object + properties: + id: + type: string + streams: + items: + additionalProperties: true + type: object + properties: + data_stream: + additionalProperties: true + type: object + properties: + dataset: + type: string + type: + type: string + required: + - dataset + id: + type: string + required: + - id + - data_stream + type: array + type: + type: string + required: + - id + - type + type: array + required: + - inputs + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/verification_key_id: + get: + description: Get a package signature verification key ID + operationId: '%2Fapi%2Ffleet%2Fepm%2Fverification_key_id#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + id: + nullable: true + type: string + required: + - id + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Package Manager (EPM) + /api/fleet/fleet_server_hosts: + get: + description: List Fleet Server hosts + operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + host_urls: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + required: + - id + - name + - host_urls + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet Server hosts + post: + description: Create Fleet Server host + operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + host_urls: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + required: + - name + - host_urls + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + host_urls: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + required: + - id + - name + - host_urls + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet Server hosts + /api/fleet/fleet_server_hosts/{itemId}: + delete: + description: Delete Fleet Server host by ID + operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts%2F%7BitemId%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: itemId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet Server hosts + get: + description: Get Fleet Server host by ID + operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts%2F%7BitemId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: itemId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + host_urls: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + required: + - id + - name + - host_urls + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet Server hosts + put: + description: Update Fleet Server host by ID + operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts%2F%7BitemId%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: itemId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + host_urls: + items: + type: string + minItems: 1 + type: array + is_default: + type: boolean + is_internal: + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + required: + - proxy_id + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + host_urls: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + required: + - id + - name + - host_urls + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet Server hosts + /api/fleet/health_check: + post: + description: Check Fleet Server health + operationId: '%2Fapi%2Ffleet%2Fhealth_check#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + host: + format: uri + type: string + id: + type: string + required: + - id + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + host: + deprecated: true + type: string + host_id: + type: string + name: + type: string + status: + type: string + required: + - status + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet internals + /api/fleet/kubernetes: + get: + description: Get full K8s agent manifest + operationId: '%2Fapi%2Ffleet%2Fkubernetes#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: download + required: false + schema: + type: boolean + - in: query + name: fleetServer + required: false + schema: + type: string + - in: query + name: enrolToken + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + type: string + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent policies + /api/fleet/kubernetes/download: + get: + operationId: '%2Fapi%2Ffleet%2Fkubernetes%2Fdownload#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: download + required: false + schema: + type: boolean + - in: query + name: fleetServer + required: false + schema: + type: string + - in: query + name: enrolToken + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: string + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Elastic Agent policies + /api/fleet/logstash_api_keys: + post: + description: Generate Logstash API keyy + operationId: '%2Fapi%2Ffleet%2Flogstash_api_keys#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + api_key: + type: string + required: + - api_key + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet outputs + /api/fleet/message_signing_service/rotate_key_pair: + post: + description: Rotate fleet message signing key pair + operationId: '%2Fapi%2Ffleet%2Fmessage_signing_service%2Frotate_key_pair#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: query + name: acknowledge + required: false + schema: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Message Signing Service + /api/fleet/outputs: + get: + description: List outputs + operationId: '%2Fapi%2Ffleet%2Foutputs#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + anyOf: + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + service_token: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + service_token: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - remote_elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - logstash + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + auth_type: + enum: + - none + - user_pass + - ssl + - kerberos + type: string + broker_timeout: + type: number + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + client_id: + type: string + compression: + enum: + - gzip + - snappy + - lz4 + - none + type: string + compression_level: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: number + - not: {} + config_yaml: + nullable: true + type: string + connection_type: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - enum: + - plaintext + - encryption + type: string + - not: {} + hash: + additionalProperties: true + type: object + properties: + hash: + type: string + random: + type: boolean + headers: + items: + additionalProperties: true + type: object + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: array + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + key: + type: string + name: + type: string + partition: + enum: + - random + - round_robin + - hash + type: string + password: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - not: {} + - anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + proxy_id: + nullable: true + type: string + random: + additionalProperties: true + type: object + properties: + group_events: + type: number + required_acks: + enum: + - 1 + - 0 + - -1 + type: integer + round_robin: + additionalProperties: true + type: object + properties: + group_events: + type: number + sasl: + additionalProperties: true + nullable: true + type: object + properties: + mechanism: + enum: + - PLAIN + - SCRAM-SHA-256 + - SCRAM-SHA-512 + type: string + secrets: + additionalProperties: true + type: object + properties: + password: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + required: + - key + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + items: + additionalProperties: true + type: object + properties: + topic: + type: string + when: + additionalProperties: true + type: object + properties: + condition: + type: string + type: + enum: + - equals + - contains + - regexp + type: string + required: + - topic + minItems: 1 + type: array + type: + enum: + - kafka + type: string + username: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + version: + type: string + required: + - name + - type + - hosts + - compression_level + - auth_type + - connection_type + - username + - password + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet outputs + post: + description: Create output + operationId: '%2Fapi%2Ffleet%2Foutputs#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: false + type: object + properties: + service_token: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + service_token: + nullable: true + type: string + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - remote_elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: false + type: object + properties: + ssl: + additionalProperties: false + type: object + properties: + key: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - logstash + type: string + required: + - name + - type + - hosts + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + auth_type: + enum: + - none + - user_pass + - ssl + - kerberos + type: string + broker_timeout: + type: number + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + client_id: + type: string + compression: + enum: + - gzip + - snappy + - lz4 + - none + type: string + compression_level: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: number + - not: {} + config_yaml: + nullable: true + type: string + connection_type: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - enum: + - plaintext + - encryption + type: string + - not: {} + hash: + additionalProperties: false + type: object + properties: + hash: + type: string + random: + type: boolean + headers: + items: + additionalProperties: false + type: object + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: array + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + key: + type: string + name: + type: string + partition: + enum: + - random + - round_robin + - hash + type: string + password: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - not: {} + - anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + proxy_id: + nullable: true + type: string + random: + additionalProperties: false + type: object + properties: + group_events: + type: number + required_acks: + enum: + - 1 + - 0 + - -1 + type: integer + round_robin: + additionalProperties: false + type: object + properties: + group_events: + type: number + sasl: + additionalProperties: false + nullable: true + type: object + properties: + mechanism: + enum: + - PLAIN + - SCRAM-SHA-256 + - SCRAM-SHA-512 + type: string + secrets: + additionalProperties: false + type: object + properties: + password: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + ssl: + additionalProperties: false + type: object + properties: + key: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + required: + - key + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + items: + additionalProperties: false + type: object + properties: + topic: + type: string + when: + additionalProperties: false + type: object + properties: + condition: + type: string + type: + enum: + - equals + - contains + - regexp + type: string + required: + - topic + minItems: 1 + type: array + type: + enum: + - kafka + type: string + username: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + version: + type: string + required: + - name + - type + - hosts + - compression_level + - auth_type + - connection_type + - username + - password + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + anyOf: + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + service_token: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + service_token: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - remote_elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - logstash + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + auth_type: + enum: + - none + - user_pass + - ssl + - kerberos + type: string + broker_timeout: + type: number + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + client_id: + type: string + compression: + enum: + - gzip + - snappy + - lz4 + - none + type: string + compression_level: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: number + - not: {} + config_yaml: + nullable: true + type: string + connection_type: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - enum: + - plaintext + - encryption + type: string + - not: {} + hash: + additionalProperties: true + type: object + properties: + hash: + type: string + random: + type: boolean + headers: + items: + additionalProperties: true + type: object + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: array + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + key: + type: string + name: + type: string + partition: + enum: + - random + - round_robin + - hash + type: string + password: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - not: {} + - anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + proxy_id: + nullable: true + type: string + random: + additionalProperties: true + type: object + properties: + group_events: + type: number + required_acks: + enum: + - 1 + - 0 + - -1 + type: integer + round_robin: + additionalProperties: true + type: object + properties: + group_events: + type: number + sasl: + additionalProperties: true + nullable: true + type: object + properties: + mechanism: + enum: + - PLAIN + - SCRAM-SHA-256 + - SCRAM-SHA-512 + type: string + secrets: + additionalProperties: true + type: object + properties: + password: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + required: + - key + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + items: + additionalProperties: true + type: object + properties: + topic: + type: string + when: + additionalProperties: true + type: object + properties: + condition: + type: string + type: + enum: + - equals + - contains + - regexp + type: string + required: + - topic + minItems: 1 + type: array + type: + enum: + - kafka + type: string + username: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + version: + type: string + required: + - name + - type + - hosts + - compression_level + - auth_type + - connection_type + - username + - password + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet outputs + /api/fleet/outputs/{outputId}: + delete: + description: Delete output by ID + operationId: '%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: outputId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet outputs + get: + description: Get output by ID + operationId: '%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: outputId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + anyOf: + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + service_token: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + service_token: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - remote_elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - logstash + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + auth_type: + enum: + - none + - user_pass + - ssl + - kerberos + type: string + broker_timeout: + type: number + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + client_id: + type: string + compression: + enum: + - gzip + - snappy + - lz4 + - none + type: string + compression_level: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: number + - not: {} + config_yaml: + nullable: true + type: string + connection_type: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - enum: + - plaintext + - encryption + type: string + - not: {} + hash: + additionalProperties: true + type: object + properties: + hash: + type: string + random: + type: boolean + headers: + items: + additionalProperties: true + type: object + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: array + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + key: + type: string + name: + type: string + partition: + enum: + - random + - round_robin + - hash + type: string + password: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - not: {} + - anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + proxy_id: + nullable: true + type: string + random: + additionalProperties: true + type: object + properties: + group_events: + type: number + required_acks: + enum: + - 1 + - 0 + - -1 + type: integer + round_robin: + additionalProperties: true + type: object + properties: + group_events: + type: number + sasl: + additionalProperties: true + nullable: true + type: object + properties: + mechanism: + enum: + - PLAIN + - SCRAM-SHA-256 + - SCRAM-SHA-512 + type: string + secrets: + additionalProperties: true + type: object + properties: + password: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + required: + - key + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + items: + additionalProperties: true + type: object + properties: + topic: + type: string + when: + additionalProperties: true + type: object + properties: + condition: + type: string + type: + enum: + - equals + - contains + - regexp + type: string + required: + - topic + minItems: 1 + type: array + type: + enum: + - kafka + type: string + username: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + version: + type: string + required: + - name + - type + - hosts + - compression_level + - auth_type + - connection_type + - username + - password + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet outputs + put: + description: Update output by ID + operationId: '%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: outputId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - elasticsearch + type: string + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: false + type: object + properties: + service_token: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + service_token: + nullable: true + type: string + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - remote_elasticsearch + type: string + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: false + type: object + properties: + ssl: + additionalProperties: false + type: object + properties: + key: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - logstash + type: string + - additionalProperties: false + type: object + properties: + allow_edit: + items: + type: string + type: array + auth_type: + enum: + - none + - user_pass + - ssl + - kerberos + type: string + broker_timeout: + type: number + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + client_id: + type: string + compression: + enum: + - gzip + - snappy + - lz4 + - none + type: string + compression_level: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: number + - not: {} + config_yaml: + nullable: true + type: string + connection_type: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - enum: + - plaintext + - encryption + type: string + - not: {} + hash: + additionalProperties: false + type: object + properties: + hash: + type: string + random: + type: boolean + headers: + items: + additionalProperties: false + type: object + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: array + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + key: + type: string + name: + type: string + partition: + enum: + - random + - round_robin + - hash + type: string + password: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - not: {} + - anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + proxy_id: + nullable: true + type: string + random: + additionalProperties: false + type: object + properties: + group_events: + type: number + required_acks: + enum: + - 1 + - 0 + - -1 + type: integer + round_robin: + additionalProperties: false + type: object + properties: + group_events: + type: number + sasl: + additionalProperties: false + nullable: true + type: object + properties: + mechanism: + enum: + - PLAIN + - SCRAM-SHA-256 + - SCRAM-SHA-512 + type: string + secrets: + additionalProperties: false + type: object + properties: + password: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + ssl: + additionalProperties: false + type: object + properties: + key: + anyOf: + - additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + - type: string + required: + - key + shipper: + additionalProperties: false + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: false + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + items: + additionalProperties: false + type: object + properties: + topic: + type: string + when: + additionalProperties: false + type: object + properties: + condition: + type: string + type: + enum: + - equals + - contains + - regexp + type: string + required: + - topic + minItems: 1 + type: array + type: + enum: + - kafka + type: string + username: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + version: + type: string + required: + - name + - compression_level + - connection_type + - username + - password + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + anyOf: + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + format: uri + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + service_token: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + service_token: + nullable: true + type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - remote_elasticsearch + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + config_yaml: + nullable: true + type: string + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + proxy_id: + nullable: true + type: string + secrets: + additionalProperties: true + type: object + properties: + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + type: + enum: + - logstash + type: string + required: + - name + - type + - hosts + - additionalProperties: true + type: object + properties: + allow_edit: + items: + type: string + type: array + auth_type: + enum: + - none + - user_pass + - ssl + - kerberos + type: string + broker_timeout: + type: number + ca_sha256: + nullable: true + type: string + ca_trusted_fingerprint: + nullable: true + type: string + client_id: + type: string + compression: + enum: + - gzip + - snappy + - lz4 + - none + type: string + compression_level: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: number + - not: {} + config_yaml: + nullable: true + type: string + connection_type: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - enum: + - plaintext + - encryption + type: string + - not: {} + hash: + additionalProperties: true + type: object + properties: + hash: + type: string + random: + type: boolean + headers: + items: + additionalProperties: true + type: object + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: array + hosts: + items: + type: string + minItems: 1 + type: array + id: + type: string + is_default: + default: false + type: boolean + is_default_monitoring: + default: false + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + key: + type: string + name: + type: string + partition: + enum: + - random + - round_robin + - hash + type: string + password: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - not: {} + - anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + proxy_id: + nullable: true + type: string + random: + additionalProperties: true + type: object + properties: + group_events: + type: number + required_acks: + enum: + - 1 + - 0 + - -1 + type: integer + round_robin: + additionalProperties: true + type: object + properties: + group_events: + type: number + sasl: + additionalProperties: true + nullable: true + type: object + properties: + mechanism: + enum: + - PLAIN + - SCRAM-SHA-256 + - SCRAM-SHA-512 + type: string + secrets: + additionalProperties: true + type: object + properties: + password: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + ssl: + additionalProperties: true + type: object + properties: + key: + anyOf: + - additionalProperties: true + type: object + properties: + id: + type: string + required: + - id + - type: string + required: + - key + shipper: + additionalProperties: true + nullable: true + type: object + properties: + compression_level: + nullable: true + type: number + disk_queue_compression_enabled: + nullable: true + type: boolean + disk_queue_enabled: + default: false + nullable: true + type: boolean + disk_queue_encryption_enabled: + nullable: true + type: boolean + disk_queue_max_size: + nullable: true + type: number + disk_queue_path: + nullable: true + type: string + loadbalance: + nullable: true + type: boolean + max_batch_bytes: + nullable: true + type: number + mem_queue_events: + nullable: true + type: number + queue_flush_timeout: + nullable: true + type: number + required: + - disk_queue_path + - disk_queue_max_size + - disk_queue_encryption_enabled + - disk_queue_compression_enabled + - compression_level + - loadbalance + - mem_queue_events + - queue_flush_timeout + - max_batch_bytes + ssl: + additionalProperties: true + nullable: true + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - full + - none + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + items: + additionalProperties: true + type: object + properties: + topic: + type: string + when: + additionalProperties: true + type: object + properties: + condition: + type: string + type: + enum: + - equals + - contains + - regexp + type: string + required: + - topic + minItems: 1 + type: array + type: + enum: + - kafka + type: string + username: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - type: string + - not: {} + version: + type: string + required: + - name + - type + - hosts + - compression_level + - auth_type + - connection_type + - username + - password + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet outputs + /api/fleet/outputs/{outputId}/health: + get: + description: Get latest output health + operationId: '%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D%2Fhealth#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: outputId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + message: + description: long message if unhealthy + type: string + state: + description: state of output, HEALTHY or DEGRADED + type: string + timestamp: + description: timestamp of reported state + type: string + required: + - state + - message + - timestamp + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet outputs + /api/fleet/package_policies: + get: + description: List package policies + operationId: '%2Fapi%2Ffleet%2Fpackage_policies#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: page + required: false + schema: + type: number + - in: query + name: perPage + required: false + schema: + type: number + - in: query + name: sortField + required: false + schema: + type: string + - in: query + name: sortOrder + required: false + schema: + enum: + - desc + - asc + type: string + - in: query + name: showUpgradeable + required: false + schema: + type: boolean + - in: query + name: kuery + required: false + schema: + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string + - in: query + name: withAgentCount + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + agents: + type: number + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + anyOf: + - items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + - additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that input, (default to + true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default + to true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Input streams (see integration + documentation to know what streams are + available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Package policy inputs (see integration + documentation to know what inputs are available) + type: object + x-oas-optional: true + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit + the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the package + policy. The override option should be used only in + unusual circumstances and not as a routine + procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy will be + added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy will be + added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + spaceIds: + items: + type: string + type: array + updated_at: + type: string + updated_by: + type: string + vars: + anyOf: + - additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + - additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + x-oas-optional: true + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet package policies + post: + description: Create package policy + operationId: '%2Fapi%2Ffleet%2Fpackage_policies#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - additionalProperties: false + type: object + properties: + description: + description: Package policy description + type: string + enabled: + type: boolean + force: + description: >- + Force package policy creation even if package is not + verified, or if the agent policy is managed. + type: boolean + id: + description: Package policy unique identifier + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + required: + - type + - enabled + type: array + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit the + agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the package + policy. The override option should be used only in + unusual circumstances and not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: Agent policy ID where that package policy will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy will be + added + type: string + type: array + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation for more + information) + type: object + required: + - name + - inputs + - additionalProperties: false + type: object + properties: + description: + type: string + force: + type: boolean + id: + type: string + inputs: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: enable or disable that input, (default to true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default to + true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + description: >- + Input streams (see integration documentation to + know what streams are available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + description: >- + Package policy inputs (see integration documentation to + know what inputs are available) + type: object + name: + type: string + namespace: + type: string + output_id: + nullable: true + type: string + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + nullable: true + type: string + policy_ids: + items: + type: string + type: array + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + required: + - name + - package + description: >- + You should use inputs as an object and not use the deprecated + inputs array. + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + agents: + type: number + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + anyOf: + - items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + - additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that input, (default to + true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default + to true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Input streams (see integration documentation + to know what streams are available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + description: >- + Package policy inputs (see integration + documentation to know what inputs are available) + type: object + x-oas-optional: true + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit + the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the package + policy. The override option should be used only in + unusual circumstances and not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy will be + added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy will be + added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + spaceIds: + items: + type: string + type: array + updated_at: + type: string + updated_by: + type: string + vars: + anyOf: + - additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + - additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + x-oas-optional: true + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet package policies + /api/fleet/package_policies/_bulk_get: + post: + description: Bulk get package policies + operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2F_bulk_get#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + ids: + description: list of package policy ids + items: + type: string + type: array + ignoreMissing: + type: boolean + required: + - ids + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + agents: + type: number + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + anyOf: + - items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + - additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that input, (default to + true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default + to true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Input streams (see integration + documentation to know what streams are + available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Package policy inputs (see integration + documentation to know what inputs are available) + type: object + x-oas-optional: true + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit + the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the package + policy. The override option should be used only in + unusual circumstances and not as a routine + procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy will be + added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy will be + added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + spaceIds: + items: + type: string + type: array + updated_at: + type: string + updated_by: + type: string + vars: + anyOf: + - additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + - additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + x-oas-optional: true + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + type: array + required: + - items + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + summary: '' + tags: + - Fleet package policies + /api/fleet/package_policies/{packagePolicyId}: + delete: + description: Delete package policy by ID + operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2F%7BpackagePolicyId%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: packagePolicyId + required: true + schema: + type: string + - in: query + name: force + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet package policies + get: + description: Get package policy by ID + operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2F%7BpackagePolicyId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: packagePolicyId + required: true + schema: + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + agents: + type: number + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + anyOf: + - items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + - additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that input, (default to + true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default + to true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Input streams (see integration documentation + to know what streams are available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + description: >- + Package policy inputs (see integration + documentation to know what inputs are available) + type: object + x-oas-optional: true + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit + the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the package + policy. The override option should be used only in + unusual circumstances and not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy will be + added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy will be + added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + spaceIds: + items: + type: string + type: array + updated_at: + type: string + updated_by: + type: string + vars: + anyOf: + - additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + - additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + x-oas-optional: true + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + summary: '' + tags: + - Fleet package policies + put: + description: Update package policy by ID + operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2F%7BpackagePolicyId%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: packagePolicyId + required: true + schema: + type: string + - in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - additionalProperties: false + type: object + properties: + description: + description: Package policy description + type: string + enabled: + type: boolean + force: + type: boolean + inputs: + items: + additionalProperties: false + type: object + properties: + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + required: + - type + - enabled + type: array + is_managed: + type: boolean + name: + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit the + agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the package + policy. The override option should be used only in + unusual circumstances and not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: Agent policy ID where that package policy will be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy will be + added + type: string + type: array + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation for more + information) + type: object + version: + type: string + - additionalProperties: false + type: object + properties: + description: + type: string + force: + type: boolean + id: + type: string + inputs: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: enable or disable that input, (default to true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default to + true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + description: >- + Input streams (see integration documentation to + know what streams are available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + description: >- + Package policy inputs (see integration documentation to + know what inputs are available) + type: object + name: + type: string + namespace: + type: string + output_id: + nullable: true + type: string + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + nullable: true + type: string + policy_ids: + items: + type: string + type: array + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + required: + - name + - package + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + agents: + type: number + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + anyOf: + - items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + - additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that input, (default to + true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default + to true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Input streams (see integration documentation + to know what streams are available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + description: >- + Package policy inputs (see integration + documentation to know what inputs are available) + type: object + x-oas-optional: true + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit + the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the package + policy. The override option should be used only in + unusual circumstances and not as a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy will be + added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy will be + added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + spaceIds: + items: + type: string + type: array + updated_at: + type: string + updated_by: + type: string + vars: + anyOf: + - additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration documentation + for more information) + type: object + - additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see integration + documentation for more information) + type: object + x-oas-optional: true + version: + type: string + required: + - name + - enabled + - inputs + - id + - revision + - updated_at + - updated_by + - created_at + - created_by + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet package policies + /api/fleet/package_policies/delete: + post: + description: Bulk delete package policies + operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2Fdelete#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + force: + type: boolean + packagePolicyIds: + items: + type: string + type: array + required: + - packagePolicyIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + additionalProperties: false + type: object + properties: + body: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + id: + type: string + name: + type: string + output_id: + nullable: true + type: string + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: Use `policy_ids` instead + nullable: true + type: string + policy_ids: + items: + type: string + type: array + statusCode: + type: number + success: + type: boolean + required: + - id + - success + - policy_ids + - package + type: array + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet package policies + /api/fleet/package_policies/upgrade: + post: + description: Upgrade package policy to a newer package version + operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2Fupgrade#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + packagePolicyIds: + items: + type: string + type: array + required: + - packagePolicyIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + additionalProperties: false + type: object + properties: + body: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + id: + type: string + name: + type: string + statusCode: + type: number + success: + type: boolean + required: + - id + - success + type: array + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet package policies + /api/fleet/package_policies/upgrade/dryrun: + post: + description: Dry run package policy upgrade + operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2Fupgrade%2Fdryrun#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + packagePolicyIds: + items: + type: string + type: array + packageVersion: + type: string + required: + - packagePolicyIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + additionalProperties: false + type: object + properties: + agent_diff: + items: + items: + additionalProperties: true + type: object + properties: + data_stream: + additionalProperties: true + type: object + properties: + namespace: + type: string + required: + - namespace + id: + type: string + meta: + additionalProperties: true + type: object + properties: + package: + additionalProperties: true + type: object + properties: + name: + type: string + version: + type: string + required: + - name + - version + required: + - package + name: + type: string + package_policy_id: + type: string + processors: + items: + additionalProperties: true + type: object + properties: + add_fields: + additionalProperties: true + type: object + properties: + fields: + additionalProperties: + anyOf: + - type: string + - type: number + type: object + target: + type: string + required: + - target + - fields + required: + - add_fields + type: array + revision: + type: number + streams: + items: + additionalProperties: true + type: object + properties: + data_stream: + additionalProperties: true + type: object + properties: + dataset: + type: string + type: + type: string + required: + - dataset + id: + type: string + required: + - id + - data_stream + type: array + type: + type: string + use_output: + type: string + required: + - id + - name + - revision + - type + - data_stream + - use_output + - package_policy_id + type: array + type: array + body: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + diff: + items: + anyOf: + - additionalProperties: false + type: object + properties: + agents: + type: number + created_at: + type: string + created_by: + type: string + description: + description: Package policy description + type: string + elasticsearch: + additionalProperties: true + type: object + properties: + privileges: + additionalProperties: true + type: object + properties: + cluster: + items: + type: string + type: array + enabled: + type: boolean + id: + type: string + inputs: + anyOf: + - items: + additionalProperties: false + type: object + properties: + compiled_input: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + - compiled_input + type: array + - additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that input, (default + to true) + type: boolean + streams: + additionalProperties: + additionalProperties: false + type: object + properties: + enabled: + description: >- + enable or disable that stream, (default + to true) + type: boolean + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Input streams (see integration + documentation to know what streams are + available) + type: object + vars: + additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + description: >- + Package policy inputs (see integration + documentation to know what inputs are + available) + type: object + x-oas-optional: true + is_managed: + type: boolean + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to + inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should be + used only in unusual circumstances and not as + a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy will + be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy + will be added + type: string + type: array + revision: + type: number + secret_references: + items: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + type: array + spaceIds: + items: + type: string + type: array + updated_at: + type: string + updated_by: + type: string + vars: + anyOf: + - additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + - additionalProperties: + anyOf: + - type: boolean + - type: string + - type: number + - items: + type: string + type: array + - items: + type: number + type: array + - additionalProperties: false + type: object + properties: + id: + type: string + isSecretRef: + type: boolean + required: + - id + - isSecretRef + nullable: true + description: >- + Input/stream level variable (see + integration documentation for more + information) + type: object + x-oas-optional: true + version: + type: string + required: + - name + - enabled + - inputs + - revision + - updated_at + - updated_by + - created_at + - created_by + - additionalProperties: false + type: object + properties: + description: + description: Package policy description + type: string + enabled: + type: boolean + errors: + items: + additionalProperties: false + type: object + properties: + key: + type: string + message: + type: string + required: + - message + type: array + force: + type: boolean + id: + type: string + inputs: + items: + additionalProperties: false + type: object + properties: + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + policy_template: + type: string + streams: + items: + additionalProperties: false + type: object + properties: + compiled_stream: {} + config: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + data_stream: + additionalProperties: false + type: object + properties: + dataset: + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + dynamic_dataset: + type: boolean + dynamic_namespace: + type: boolean + privileges: + additionalProperties: false + type: object + properties: + indices: + items: + type: string + type: array + type: + type: string + required: + - dataset + - type + enabled: + type: boolean + id: + type: string + keep_enabled: + type: boolean + release: + enum: + - ga + - beta + - experimental + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - enabled + - data_stream + - compiled_stream + type: array + type: + type: string + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - type + - enabled + - streams + type: array + is_managed: + type: boolean + missingVars: + items: + type: string + type: array + name: + description: Package policy name (should be unique) + type: string + namespace: + description: >- + The package policy namespace. Leave blank to + inherit the agent policy's namespace. + type: string + output_id: + nullable: true + type: string + overrides: + additionalProperties: false + description: >- + Override settings that are defined in the + package policy. The override option should be + used only in unusual circumstances and not as + a routine procedure. + nullable: true + type: object + properties: + inputs: + additionalProperties: {} + type: object + package: + additionalProperties: false + type: object + properties: + experimental_data_stream_features: + items: + additionalProperties: false + type: object + properties: + data_stream: + type: string + features: + additionalProperties: false + type: object + properties: + doc_value_only_numeric: + type: boolean + doc_value_only_other: + type: boolean + synthetic_source: + type: boolean + tsdb: + type: boolean + required: + - data_stream + - features + type: array + name: + description: Package name + type: string + requires_root: + type: boolean + title: + type: string + version: + description: Package version + type: string + required: + - name + - version + policy_id: + deprecated: true + description: >- + Agent policy ID where that package policy will + be added + nullable: true + type: string + policy_ids: + items: + description: >- + Agent policy IDs where that package policy + will be added + type: string + type: array + vars: + additionalProperties: + additionalProperties: false + type: object + properties: + frozen: + type: boolean + type: + type: string + value: {} + required: + - value + description: >- + Package variable (see integration + documentation for more information) + type: object + required: + - name + - enabled + - inputs + type: array + hasErrors: + type: boolean + name: + type: string + statusCode: + type: number + required: + - hasErrors + type: array + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet package policies + /api/fleet/proxies: + get: + description: List proxies + operationId: '%2Fapi%2Ffleet%2Fproxies#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + certificate: + nullable: true + type: string + certificate_authorities: + nullable: true + type: string + certificate_key: + nullable: true + type: string + id: + type: string + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_headers: + additionalProperties: + anyOf: + - type: string + - type: boolean + - type: number + nullable: true + type: object + url: + type: string + required: + - id + - url + - name + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet proxies + post: + description: Create proxy + operationId: '%2Fapi%2Ffleet%2Fproxies#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + certificate: + nullable: true + type: string + certificate_authorities: + nullable: true + type: string + certificate_key: + nullable: true + type: string + id: + type: string + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_headers: + additionalProperties: + anyOf: + - type: string + - type: boolean + - type: number + nullable: true + type: object + url: + type: string + required: + - url + - name + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + certificate: + nullable: true + type: string + certificate_authorities: + nullable: true + type: string + certificate_key: + nullable: true + type: string + id: + type: string + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_headers: + additionalProperties: + anyOf: + - type: string + - type: boolean + - type: number + nullable: true + type: object + url: + type: string + required: + - id + - url + - name + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet proxies + /api/fleet/proxies/{itemId}: + delete: + description: Delete proxy by ID + operationId: '%2Fapi%2Ffleet%2Fproxies%2F%7BitemId%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: itemId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + id: + type: string + required: + - id + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet proxies + get: + description: Get proxy by ID + operationId: '%2Fapi%2Ffleet%2Fproxies%2F%7BitemId%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: itemId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + certificate: + nullable: true + type: string + certificate_authorities: + nullable: true + type: string + certificate_key: + nullable: true + type: string + id: + type: string + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_headers: + additionalProperties: + anyOf: + - type: string + - type: boolean + - type: number + nullable: true + type: object + url: + type: string + required: + - id + - url + - name + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet proxies + put: + description: Update proxy by ID + operationId: '%2Fapi%2Ffleet%2Fproxies%2F%7BitemId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: itemId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + certificate: + nullable: true + type: string + certificate_authorities: + nullable: true + type: string + certificate_key: + nullable: true + type: string + name: + type: string + proxy_headers: + additionalProperties: + anyOf: + - type: string + - type: boolean + - type: number + nullable: true + type: object + url: + type: string + required: + - proxy_headers + - certificate_authorities + - certificate + - certificate_key + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + certificate: + nullable: true + type: string + certificate_authorities: + nullable: true + type: string + certificate_key: + nullable: true + type: string + id: + type: string + is_preconfigured: + default: false + type: boolean + name: + type: string + proxy_headers: + additionalProperties: + anyOf: + - type: string + - type: boolean + - type: number + nullable: true + type: object + url: + type: string + required: + - id + - url + - name + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet proxies + /api/fleet/service_tokens: + post: + description: Create a service token + operationId: '%2Fapi%2Ffleet%2Fservice_tokens#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + nullable: true + type: object + properties: + remote: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + name: + type: string + value: + type: string + required: + - name + - value + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet service tokens + /api/fleet/service-tokens: + post: + deprecated: true + description: Create a service token + operationId: '%2Fapi%2Ffleet%2Fservice-tokens#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + responses: {} + summary: '' + tags: [] + /api/fleet/settings: + get: + description: Get settings + operationId: '%2Fapi%2Ffleet%2Fsettings#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + fleet_server_hosts: + items: + type: string + type: array + has_seen_add_data_notice: + type: boolean + id: + type: string + output_secret_storage_requirements_met: + type: boolean + preconfigured_fields: + items: + enum: + - fleet_server_hosts + type: string + type: array + prerelease_integrations_enabled: + type: boolean + secret_storage_requirements_met: + type: boolean + use_space_awareness_migration_started_at: + type: string + use_space_awareness_migration_status: + enum: + - pending + - success + - error + type: string + version: + type: string + required: + - prerelease_integrations_enabled + - id + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + summary: '' + tags: + - Fleet internals + put: + description: Update settings + operationId: '%2Fapi%2Ffleet%2Fsettings#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + additional_yaml_config: + type: string + fleet_server_hosts: + items: + format: uri + type: string + type: array + has_seen_add_data_notice: + type: boolean + kibana_ca_sha256: + type: string + kibana_urls: + items: + format: uri + type: string + type: array + prerelease_integrations_enabled: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + fleet_server_hosts: + items: + type: string + type: array + has_seen_add_data_notice: + type: boolean + id: + type: string + output_secret_storage_requirements_met: + type: boolean + preconfigured_fields: + items: + enum: + - fleet_server_hosts + type: string + type: array + prerelease_integrations_enabled: + type: boolean + secret_storage_requirements_met: + type: boolean + use_space_awareness_migration_started_at: + type: string + use_space_awareness_migration_status: + enum: + - pending + - success + - error + type: string + version: + type: string + required: + - prerelease_integrations_enabled + - id + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + message: + type: string + required: + - message + summary: '' + tags: + - Fleet internals + /api/fleet/setup: + post: + description: Initiate Fleet setup + operationId: '%2Fapi%2Ffleet%2Fsetup#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: >- + A summary of the result of Fleet's `setup` lifecycle. If + `isInitialized` is true, Fleet is ready to accept agent + enrollment. `nonFatalErrors` may include useful insight into + non-blocking issues with Fleet setup. + type: object + properties: + isInitialized: + type: boolean + nonFatalErrors: + items: + additionalProperties: false + type: object + properties: + message: + type: string + name: + type: string + required: + - name + - message + type: array + required: + - isInitialized + - nonFatalErrors + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Internal Server Error + type: object + properties: + message: + type: string + required: + - message + summary: '' + tags: + - Fleet internals + /api/fleet/uninstall_tokens: + get: + description: List metadata for latest uninstall tokens per agent policy + operationId: '%2Fapi%2Ffleet%2Funinstall_tokens#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: Partial match filtering for policy IDs + in: query + name: policyId + required: false + schema: + maxLength: 50 + type: string + - in: query + name: search + required: false + schema: + maxLength: 50 + type: string + - description: The number of items to return + in: query + name: perPage + required: false + schema: + minimum: 5 + type: number + - in: query + name: page + required: false + schema: + minimum: 1 + type: number + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + items: + items: + additionalProperties: false + type: object + properties: + created_at: + type: string + id: + type: string + namespaces: + items: + type: string + type: array + policy_id: + type: string + policy_name: + nullable: true + type: string + required: + - id + - policy_id + - created_at + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet uninstall tokens + /api/fleet/uninstall_tokens/{uninstallTokenId}: + get: + description: Get one decrypted uninstall token by its ID + operationId: '%2Fapi%2Ffleet%2Funinstall_tokens%2F%7BuninstallTokenId%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: uninstallTokenId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + item: + additionalProperties: false + type: object + properties: + created_at: + type: string + id: + type: string + namespaces: + items: + type: string + type: array + policy_id: + type: string + policy_name: + nullable: true + type: string + token: + type: string + required: + - id + - policy_id + - created_at + - token + required: + - item + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + description: Generic Error + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + required: + - message + summary: '' + tags: + - Fleet uninstall tokens + /api/lists: + delete: + description: | + Delete a list using the list ID. + > info + > When you delete a list, all of its list items are also deleted. + operationId: DeleteList + parameters: + - description: List's `id` value + in: query + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + - in: query + name: deleteReferences + required: false + schema: + default: false + type: boolean + - in: query + name: ignoreReferences + required: false + schema: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Delete a list + tags: + - Security Lists API + get: + description: Get the details of a list using the list ID. + operationId: ReadList + parameters: + - description: List's `id` value + in: query + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Get list details + tags: + - Security Lists API + patch: + description: Update specific fields of an existing list using the list ID. + operationId: PatchList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + description: + $ref: '#/components/schemas/Security_Lists_API_ListDescription' + id: + $ref: '#/components/schemas/Security_Lists_API_ListId' + meta: + $ref: '#/components/schemas/Security_Lists_API_ListMetadata' + name: + $ref: '#/components/schemas/Security_Lists_API_ListName' + version: + minimum: 1 + type: integer + required: + - id + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Patch a list + tags: + - Security Lists API + post: + description: Create a new list. + operationId: CreateList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + description: + $ref: '#/components/schemas/Security_Lists_API_ListDescription' + deserializer: + type: string + id: + $ref: '#/components/schemas/Security_Lists_API_ListId' + meta: + $ref: '#/components/schemas/Security_Lists_API_ListMetadata' + name: + $ref: '#/components/schemas/Security_Lists_API_ListName' + serializer: + type: string + type: + $ref: '#/components/schemas/Security_Lists_API_ListType' + version: + default: 1 + minimum: 1 + type: integer + required: + - name + - description + - type + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Create a list + tags: + - Security Lists API + put: + description: > + Update a list using the list ID. The original list is replaced, and all + unspecified fields are deleted. + + > info + + > You cannot modify the `id` value. + operationId: UpdateList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + description: + $ref: '#/components/schemas/Security_Lists_API_ListDescription' + id: + $ref: '#/components/schemas/Security_Lists_API_ListId' + meta: + $ref: '#/components/schemas/Security_Lists_API_ListMetadata' + name: + $ref: '#/components/schemas/Security_Lists_API_ListName' + version: + minimum: 1 + type: integer + required: + - id + - name + - description + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Update a list + tags: + - Security Lists API + /api/lists/_find: + get: + description: >- + Get a paginated subset of lists. By default, the first page is returned, + with 20 results per page. + operationId: FindLists + parameters: + - description: The page number to return + in: query + name: page + required: false + schema: + type: integer + - description: The number of lists to return per page + in: query + name: per_page + required: false + schema: + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + - description: > + Returns the list that come after the last list returned in the + previous call + + (use the cursor value returned in the previous call). This parameter + uses + + the `tie_breaker_id` field to ensure all lists are sorted and + returned correctly. + in: query + name: cursor + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_FindListsCursor' + - description: > + Filters the returned results according to the value of the specified + field, + + using the : syntax. + in: query + name: filter + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_FindListsFilter' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + cursor: + $ref: '#/components/schemas/Security_Lists_API_FindListsCursor' + data: + items: + $ref: '#/components/schemas/Security_Lists_API_List' + type: array + page: + minimum: 0 + type: integer + per_page: + minimum: 0 + type: integer + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + - cursor + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Get lists + tags: + - Security Lists API + /api/lists/index: + delete: + description: Delete the `.lists` and `.items` data streams. + operationId: DeleteListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + required: + - acknowledged + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List data stream not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Delete list data streams + tags: + - Security Lists API + get: + description: Verify that `.lists` and `.items` data streams exist. + operationId: ReadListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + list_index: + type: boolean + list_item_index: + type: boolean + required: + - list_index + - list_item_index + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List data stream(s) not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Get status of list data streams + tags: + - Security Lists API + post: + description: Create `.lists` and `.items` data streams in the relevant space. + operationId: CreateListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + required: + - acknowledged + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List data stream exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Create list data streams + tags: + - Security Lists API + /api/lists/items: + delete: + description: Delete a list item using its `id`, or its `list_id` and `value` fields. + operationId: DeleteListItem + parameters: + - description: Required if `list_id` and `value` are not specified + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: value + required: false + schema: + type: string + - description: >- + Determines when changes made by the request are made visible to + search + in: query + name: refresh + required: false + schema: + default: 'false' + enum: + - 'true' + - 'false' + - wait_for + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: '#/components/schemas/Security_Lists_API_ListItem' + - items: + $ref: '#/components/schemas/Security_Lists_API_ListItem' + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Delete a list item + tags: + - Security Lists API + get: + description: Get the details of a list item. + operationId: ReadListItem + parameters: + - description: Required if `list_id` and `value` are not specified + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: value + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: '#/components/schemas/Security_Lists_API_ListItem' + - items: + $ref: '#/components/schemas/Security_Lists_API_ListItem' + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Get a list item + tags: + - Security Lists API + patch: + description: Update specific fields of an existing list item using the list item ID. + operationId: PatchListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + id: + $ref: '#/components/schemas/Security_Lists_API_ListItemId' + meta: + $ref: '#/components/schemas/Security_Lists_API_ListItemMetadata' + refresh: + description: >- + Determines when changes made by the request are made visible + to search + enum: + - 'true' + - 'false' + - wait_for + type: string + value: + $ref: '#/components/schemas/Security_Lists_API_ListItemValue' + required: + - id + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Patch a list item + tags: + - Security Lists API + post: + description: > + Create a list item and associate it with the specified list. + + + All list items in the same list must be the same type. For example, each + list item in an `ip` list must define a specific IP address. + + > info + + > Before creating a list item, you must create a list. + operationId: CreateListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + $ref: '#/components/schemas/Security_Lists_API_ListItemId' + list_id: + $ref: '#/components/schemas/Security_Lists_API_ListId' + meta: + $ref: '#/components/schemas/Security_Lists_API_ListItemMetadata' + refresh: + description: >- + Determines when changes made by the request are made visible + to search + enum: + - 'true' + - 'false' + - wait_for + type: string + value: + $ref: '#/components/schemas/Security_Lists_API_ListItemValue' + required: + - list_id + - value + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List item already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Create a list item + tags: + - Security Lists API + put: + description: > + Update a list item using the list item ID. The original list item is + replaced, and all unspecified fields are deleted. + + > info + + > You cannot modify the `id` value. + operationId: UpdateListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + id: + $ref: '#/components/schemas/Security_Lists_API_ListItemId' + meta: + $ref: '#/components/schemas/Security_Lists_API_ListItemMetadata' + value: + $ref: '#/components/schemas/Security_Lists_API_ListItemValue' + required: + - id + - value + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Update a list item + tags: + - Security Lists API + /api/lists/items/_export: + post: + description: Export list item values from the specified list. + operationId: ExportListItems + parameters: + - description: List's id to export + in: query + name: list_id + required: true + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: A `.txt` file containing list items from the specified list + format: binary + type: string + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Export list items + tags: + - Security Lists API + /api/lists/items/_find: + get: + description: Get all list items in the specified list. + operationId: FindListItems + parameters: + - description: List's id + in: query + name: list_id + required: true + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + - description: The page number to return + in: query + name: page + required: false + schema: + type: integer + - description: The number of list items to return per page + in: query + name: per_page + required: false + schema: + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + - description: > + Returns the list that come after the last list returned in the + previous call + + (use the cursor value returned in the previous call). This parameter + uses + + the `tie_breaker_id` field to ensure all lists are sorted and + returned correctly. + in: query + name: cursor + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_FindListItemsCursor' + - description: > + Filters the returned results according to the value of the specified + field, + + using the : syntax. + in: query + name: filter + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_FindListItemsFilter' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + cursor: + $ref: >- + #/components/schemas/Security_Lists_API_FindListItemsCursor + data: + items: + $ref: '#/components/schemas/Security_Lists_API_ListItem' + type: array + page: + minimum: 0 + type: integer + per_page: + minimum: 0 + type: integer + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + - cursor + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Get list items + tags: + - Security Lists API + /api/lists/items/_import: + post: + description: > + Import list items from a TXT or CSV file. The maximum file size is 9 + million bytes. + + + You can import items to a new or existing list. + operationId: ImportListItems + parameters: + - description: | + List's id. + + Required when importing to an existing list. + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_ListId' + - description: > + Type of the importing list. + + + Required when importing a new list that is `list_id` is not + specified. + in: query + name: type + required: false + schema: + $ref: '#/components/schemas/Security_Lists_API_ListType' + - in: query + name: serializer + required: false + schema: + type: string + - in: query + name: deserializer + required: false + schema: + type: string + - description: >- + Determines when changes made by the request are made visible to + search + in: query + name: refresh + required: false + schema: + enum: + - 'true' + - 'false' + - wait_for + type: string + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: + description: >- + A `.txt` or `.csv` file containing newline separated list + items + format: binary + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: List with specified list_id does not exist response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Import list items + tags: + - Security Lists API + /api/lists/privileges: + get: + operationId: ReadListPrivileges + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + is_authenticated: + type: boolean + listItems: + $ref: '#/components/schemas/Security_Lists_API_ListItemPrivileges' + lists: + $ref: '#/components/schemas/Security_Lists_API_ListPrivileges' + required: + - lists + - listItems + - is_authenticated + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Lists_API_PlatformErrorResponse + - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' + description: Internal server error response + summary: Get list privileges + tags: + - Security Lists API + /api/ml/saved_objects/sync: + get: + description: > + Synchronizes Kibana saved objects for machine learning jobs and trained + models in the default space. You must have `all` privileges for the + **Machine Learning** feature in the **Analytics** section of the Kibana + feature privileges. This API runs automatically when you start Kibana + and periodically thereafter. + operationId: mlSync + parameters: + - $ref: '#/components/parameters/Machine_learning_APIs_simulateParam' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + syncExample: + $ref: '#/components/examples/Machine_learning_APIs_mlSyncExample' + schema: + $ref: '#/components/schemas/Machine_learning_APIs_mlSync200Response' + description: Indicates a successful call + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Machine_learning_APIs_mlSync4xxResponse' + description: Authorization information is missing or invalid. + summary: Sync saved objects in the default space + tags: + - ml + /api/note: + delete: + description: Delete a note from a Timeline using the note ID. + operationId: DeleteNote + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - nullable: true + type: object + properties: + noteId: + type: string + required: + - noteId + - nullable: true + type: object + properties: + noteIds: + items: + type: string + nullable: true + type: array + required: + - noteIds + description: The ID of the note to delete. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + description: Indicates the note was successfully deleted. + summary: Delete a note + tags: + - Security Timeline API + - access:securitySolution + get: + description: Get all notes for a given document. + operationId: GetNotes + parameters: + - in: query + name: documentIds + schema: + $ref: '#/components/schemas/Security_Timeline_API_DocumentIds' + - in: query + name: savedObjectIds + schema: + $ref: '#/components/schemas/Security_Timeline_API_SavedObjectIds' + - in: query + name: page + schema: + nullable: true + type: string + - in: query + name: perPage + schema: + nullable: true + type: string + - in: query + name: search + schema: + nullable: true + type: string + - in: query + name: sortField + schema: + nullable: true + type: string + - in: query + name: sortOrder + schema: + nullable: true + type: string + - in: query + name: filter + schema: + nullable: true + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: '#/components/schemas/Security_Timeline_API_GetNotesResult' + - type: object + description: Indicates the requested notes were returned. + summary: Get notes + tags: + - Security Timeline API + - access:securitySolution + patch: + description: Add a note to a Timeline or update an existing note. + operationId: PersistNoteRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + eventDataView: + nullable: true + type: string + eventIngested: + nullable: true + type: string + eventTimestamp: + nullable: true + type: string + note: + $ref: '#/components/schemas/Security_Timeline_API_BareNote' + noteId: + nullable: true + type: string + overrideOwner: + nullable: true + type: boolean + version: + nullable: true + type: string + required: + - note + description: The note to add or update, along with additional metadata. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistNote: + $ref: >- + #/components/schemas/Security_Timeline_API_ResponseNote + required: + - persistNote + required: + - data + description: Indicates the note was successfully created. + summary: Add or update a note + tags: + - Security Timeline API + - access:securitySolution + /api/osquery/live_queries: + get: + description: Get a list of all live queries. + operationId: OsqueryFindLiveQueries + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_FindLiveQueryRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get live queries + tags: + - Security Osquery API + post: + description: Create and run a live query. + operationId: OsqueryCreateLiveQuery + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_CreateLiveQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a live query + tags: + - Security Osquery API + /api/osquery/live_queries/{id}: + get: + description: Get the details of a live query using the query ID. + operationId: OsqueryGetLiveQueryDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_Id' + - in: query + name: query + schema: + additionalProperties: true + type: object + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get live query details + tags: + - Security Osquery API + /api/osquery/live_queries/{id}/results/{actionId}: + get: + description: Get the results of a live query using the query action ID. + operationId: OsqueryGetLiveQueryResults + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_Id' + - in: path + name: actionId + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_Id' + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_GetLiveQueryResultsRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get live query results + tags: + - Security Osquery API + /api/osquery/packs: + get: + description: Get a list of all query packs. + operationId: OsqueryFindPacks + parameters: + - in: query + name: query + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_FindPacksRequestQuery' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get packs + tags: + - Security Osquery API + post: + description: Create a query pack. + operationId: OsqueryCreatePacks + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Osquery_API_CreatePacksRequestBody' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a pack + tags: + - Security Osquery API + /api/osquery/packs/{id}: + delete: + description: Delete a query pack using the pack ID. + operationId: OsqueryDeletePacks + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_PackId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Delete a pack + tags: + - Security Osquery API + get: + description: Get the details of a query pack using the pack ID. + operationId: OsqueryGetPacksDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_PackId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get pack details + tags: + - Security Osquery API + put: + description: | + Update a query pack using the pack ID. + > info + > You cannot update a prebuilt pack. + operationId: OsqueryUpdatePacks + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_PackId' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Osquery_API_UpdatePacksRequestBody' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Update a pack + tags: + - Security Osquery API + /api/osquery/saved_queries: + get: + description: Get a list of all saved queries. + operationId: OsqueryFindSavedQueries + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_FindSavedQueryRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get saved queries + tags: + - Security Osquery API + post: + description: Create and run a saved query. + operationId: OsqueryCreateSavedQuery + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_CreateSavedQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a saved query + tags: + - Security Osquery API + /api/osquery/saved_queries/{id}: + delete: + description: Delete a saved query using the query ID. + operationId: OsqueryDeleteSavedQuery + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Delete a saved query + tags: + - Security Osquery API + get: + description: Get the details of a saved query using the query ID. + operationId: OsqueryGetSavedQueryDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get saved query details + tags: + - Security Osquery API + put: + description: | + Update a saved query using the query ID. + > info + > You cannot update a prebuilt saved query. + operationId: OsqueryUpdateSavedQuery + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_UpdateSavedQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Osquery_API_DefaultSuccessResponse + description: OK + summary: Update a saved query + tags: + - Security Osquery API + /api/pinned_event: + patch: + description: Pin an event to an existing Timeline. + operationId: PersistPinnedEventRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + eventId: + type: string + pinnedEventId: + nullable: true + type: string + timelineId: + type: string + required: + - eventId + - timelineId + description: The pinned event to add or update, along with additional metadata. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistPinnedEventOnTimeline: + $ref: >- + #/components/schemas/Security_Timeline_API_PersistPinnedEventResponse + required: + - persistPinnedEventOnTimeline + required: + - data + description: Indicates the event was successfully pinned to the Timeline. + summary: Pin an event + tags: + - Security Timeline API + - access:securitySolution + /api/risk_score/engine/dangerously_delete_data: + delete: + description: >- + Cleaning up the the Risk Engine by removing the indices, mapping and + transforms + operationId: CleanUpRiskEngine + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + cleanup_successful: + type: boolean + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_TaskManagerUnavailableResponse + description: Task manager is unavailable + default: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_CleanUpRiskEngineErrorResponse + description: Unexpected error + summary: Cleanup the Risk Engine + tags: + - Security Entity Analytics API + /api/risk_score/engine/schedule_now: + post: + description: >- + Schedule the risk scoring engine to run as soon as possible. You can use + this to recalculate entity risk scores after updating their asset + criticality. + operationId: ScheduleRiskEngineNow + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: {} + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_RiskEngineScheduleNowResponse + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_TaskManagerUnavailableResponse + description: Task manager is unavailable + default: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_RiskEngineScheduleNowErrorResponse + description: Unexpected error + summary: Run the risk scoring engine + tags: + - Security Entity Analytics API + /api/saved_objects/_bulk_create: + post: + deprecated: true + operationId: bulkCreateSavedObjects + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - description: When true, overwrites the document with the same identifier. + in: query + name: overwrite + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Create saved objects + tags: + - saved objects + /api/saved_objects/_bulk_delete: + post: + deprecated: true + description: | + WARNING: When you delete a saved object, it cannot be recovered. + operationId: bulkDeleteSavedObjects + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - description: > + When true, force delete objects that exist in multiple namespaces. + Note that the option applies to the whole request. Use the delete + object API to specify per-object deletion behavior. TIP: Use this if + you attempted to delete objects and received an HTTP 400 error with + the following message: "Unable to delete saved object that exists in + multiple namespaces, use the force option to delete it anyway". + WARNING: When you bulk delete objects that exist in multiple + namespaces, the API also deletes legacy url aliases that reference + the object. These requests are batched to minimise the impact but + they can place a heavy load on Kibana. Make sure you limit the + number of objects that exist in multiple namespaces in a single bulk + delete operation. + in: query + name: force + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: > + Indicates a successful call. NOTE: This HTTP response code indicates + that the bulk operation succeeded. Errors pertaining to individual + objects will be returned in the response body. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Delete saved objects + tags: + - saved objects + /api/saved_objects/_bulk_get: + post: + deprecated: true + operationId: bulkGetSavedObjects + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Get saved objects + tags: + - saved objects + /api/saved_objects/_bulk_resolve: + post: + deprecated: true + description: > + Retrieve multiple Kibana saved objects by identifier using any legacy + URL aliases if they exist. Under certain circumstances when Kibana is + upgraded, saved object migrations may necessitate regenerating some + object IDs to enable new features. When an object's ID is regenerated, a + legacy URL alias is created for that object, preserving its old ID. In + such a scenario, that object can be retrieved by the bulk resolve API + using either its new ID or its old ID. + operationId: bulkResolveSavedObjects + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: > + Indicates a successful call. NOTE: This HTTP response code indicates + that the bulk operation succeeded. Errors pertaining to individual + objects will be returned in the response body. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Resolve saved objects + tags: + - saved objects + /api/saved_objects/_bulk_update: + post: + deprecated: true + description: Update the attributes for multiple Kibana saved objects. + operationId: bulkUpdateSavedObjects + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: > + Indicates a successful call. NOTE: This HTTP response code indicates + that the bulk operation succeeded. Errors pertaining to individual + objects will be returned in the response body. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Update saved objects + tags: + - saved objects + /api/saved_objects/_export: + post: + description: > + Retrieve sets of saved objects that you want to import into Kibana. + + You must include `type` or `objects` in the request body. + + + Exported saved objects are not backwards compatible and cannot be + imported into an older version of Kibana. + + + NOTE: The `savedObjects.maxImportExportSize` configuration setting + limits the number of saved objects which may be exported. + + + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + operationId: exportSavedObjectsDefault + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + exportSavedObjectsRequest: + $ref: '#/components/examples/Saved_objects_export_objects_request' + schema: + type: object + properties: + excludeExportDetails: + default: false + description: Do not add export details entry at the end of the stream. + type: boolean + includeReferencesDeep: + description: >- + Includes all of the referenced objects in the exported + objects. + type: boolean + objects: + description: A list of objects to export. + items: + type: object + type: array + type: + description: >- + The saved object types to include in the export. Use `*` to + export all the types. + oneOf: + - type: string + - items: + type: string + type: array + required: true + responses: + '200': + content: + application/x-ndjson; Elastic-Api-Version=2023-10-31: + examples: + exportSavedObjectsResponse: + $ref: '#/components/examples/Saved_objects_export_objects_response' + schema: + additionalProperties: true + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request. + summary: Export saved objects + tags: + - saved objects + /api/saved_objects/_find: + get: + deprecated: true + description: Retrieve a paginated set of Kibana saved objects. + operationId: findSavedObjects + parameters: + - description: > + An aggregation structure, serialized as a string. The field format + is similar to filter, meaning that to use a saved object type + attribute in the aggregation, the `savedObjectType.attributes.title: + "myTitle"` format must be used. For root fields, the syntax is + `savedObjectType.rootField`. NOTE: As objects change in Kibana, the + results on each page of the response also change. Use the find API + for traditional paginated results, but avoid using it to export + large amounts of data. + in: query + name: aggs + schema: + type: string + - description: The default operator to use for the `simple_query_string`. + in: query + name: default_search_operator + schema: + type: string + - description: The fields to return in the attributes key of the response. + in: query + name: fields + schema: + oneOf: + - type: string + - type: array + - description: > + The filter is a KQL string with the caveat that if you filter with + an attribute from your saved object type, it should look like that: + `savedObjectType.attributes.title: "myTitle"`. However, if you use a + root attribute of a saved object such as `updated_at`, you will have + to define your filter like that: `savedObjectType.updated_at > + 2018-12-22`. + in: query + name: filter + schema: + type: string + - description: >- + Filters to objects that do not have a relationship with the type and + identifier combination. + in: query + name: has_no_reference + schema: + type: object + - description: >- + The operator to use for the `has_no_reference` parameter. Either + `OR` or `AND`. Defaults to `OR`. + in: query + name: has_no_reference_operator + schema: + type: string + - description: >- + Filters to objects that have a relationship with the type and ID + combination. + in: query + name: has_reference + schema: + type: object + - description: >- + The operator to use for the `has_reference` parameter. Either `OR` + or `AND`. Defaults to `OR`. + in: query + name: has_reference_operator + schema: + type: string + - description: The page of objects to return. + in: query + name: page + schema: + type: integer + - description: The number of objects to return per page. + in: query + name: per_page + schema: + type: integer + - description: >- + An Elasticsearch `simple_query_string` query that filters the + objects in the response. + in: query + name: search + schema: + type: string + - description: >- + The fields to perform the `simple_query_string` parsed query + against. + in: query + name: search_fields + schema: + oneOf: + - type: string + - type: array + - description: > + Sorts the response. Includes "root" and "type" fields. "root" fields + exist for all saved objects, such as "updated_at". "type" fields are + specific to an object type, such as fields returned in the + attributes key of the response. When a single type is defined in the + type parameter, the "root" and "type" fields are allowed, and + validity checks are made in that order. When multiple types are + defined in the type parameter, only "root" fields are allowed. + in: query + name: sort_field + schema: + type: string + - description: The saved object types to include. + in: query + name: type + required: true + schema: + oneOf: + - type: string + - type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Search for saved objects + tags: + - saved objects + /api/saved_objects/_import: + post: + description: > + Create sets of Kibana saved objects from a file created by the export + API. + + Saved objects can be imported only into the same version, a newer minor + on the same major, or the next major. Exported saved objects are not + backwards compatible and cannot be imported into an older version of + Kibana. + + + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + operationId: importSavedObjectsDefault + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - description: > + Creates copies of saved objects, regenerates each object ID, and + resets the origin. When used, potential conflict errors are avoided. + NOTE: This option cannot be used with the `overwrite` and + `compatibilityMode` options. + in: query + name: createNewCopies + required: false + schema: + type: boolean + - description: > + Overwrites saved objects when they already exist. When used, + potential conflict errors are automatically resolved by overwriting + the destination object. NOTE: This option cannot be used with the + `createNewCopies` option. + in: query + name: overwrite + required: false + schema: + type: boolean + - description: > + Applies various adjustments to the saved objects that are being + imported to maintain compatibility between different Kibana + versions. Use this option only if you encounter issues with imported + saved objects. NOTE: This option cannot be used with the + `createNewCopies` option. + in: query + name: compatibilityMode + required: false + schema: + type: boolean + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + examples: + importObjectsRequest: + $ref: '#/components/examples/Saved_objects_import_objects_request' + schema: + type: object + properties: + file: + description: > + A file exported using the export API. NOTE: The + `savedObjects.maxImportExportSize` configuration setting + limits the number of saved objects which may be included in + this file. Similarly, the + `savedObjects.maxImportPayloadBytes` setting limits the + overall size of the file that can be imported. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + importObjectsResponse: + $ref: '#/components/examples/Saved_objects_import_objects_response' + schema: + type: object + properties: + errors: + description: > + Indicates the import was unsuccessful and specifies the + objects that failed to import. + + + NOTE: One object may result in multiple errors, which + requires separate steps to resolve. For instance, a + `missing_references` error and conflict error. + items: + type: object + type: array + success: + description: > + Indicates when the import was successfully completed. When + set to false, some objects may not have been created. For + additional information, refer to the `errors` and + `successResults` properties. + type: boolean + successCount: + description: Indicates the number of successfully imported records. + type: integer + successResults: + description: > + Indicates the objects that are successfully imported, with + any metadata if applicable. + + + NOTE: Objects are created only when all resolvable errors + are addressed, including conflicts and missing references. + If objects are created as new copies, each entry in the + `successResults` array includes a `destinationId` + attribute. + items: + type: object + type: array + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request. + summary: Import saved objects + tags: + - saved objects + x-codeSamples: + - label: Import with createNewCopies + lang: cURL + source: | + curl \ + -X POST api/saved_objects/_import?createNewCopies=true + -H "kbn-xsrf: true" + --form file=@file.ndjson + /api/saved_objects/_resolve_import_errors: + post: + description: > + To resolve errors from the Import objects API, you can: + + + * Retry certain saved objects + + * Overwrite specific saved objects + + * Change references to different saved objects + + + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + operationId: resolveImportErrors + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - description: > + Applies various adjustments to the saved objects that are being + imported to maintain compatibility between different Kibana + versions. When enabled during the initial import, also enable when + resolving import errors. This option cannot be used with the + `createNewCopies` option. + in: query + name: compatibilityMode + required: false + schema: + type: boolean + - description: > + Creates copies of the saved objects, regenerates each object ID, and + resets the origin. When enabled during the initial import, also + enable when resolving import errors. + in: query + name: createNewCopies + required: false + schema: + type: boolean + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + examples: + resolveImportErrorsRequest: + $ref: >- + #/components/examples/Saved_objects_resolve_missing_reference_request + schema: + type: object + properties: + file: + description: The same file given to the import API. + format: binary + type: string + retries: + description: >- + The retry operations, which can specify how to resolve + different types of errors. + items: + type: object + properties: + destinationId: + description: >- + Specifies the destination ID that the imported object + should have, if different from the current ID. + type: string + id: + description: The saved object ID. + type: string + ignoreMissingReferences: + description: >- + When set to `true`, ignores missing reference errors. + When set to `false`, does nothing. + type: boolean + overwrite: + description: >- + When set to `true`, the source object overwrites the + conflicting destination object. When set to `false`, + does nothing. + type: boolean + replaceReferences: + description: >- + A list of `type`, `from`, and `to` used to change the + object references. + items: + type: object + properties: + from: + type: string + to: + type: string + type: + type: string + type: array + type: + description: The saved object type. + type: string + required: + - type + - id + type: array + required: + - retries + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + resolveImportErrorsResponse: + $ref: >- + #/components/examples/Saved_objects_resolve_missing_reference_response + schema: + type: object + properties: + errors: + description: > + Specifies the objects that failed to resolve. + + + NOTE: One object can result in multiple errors, which + requires separate steps to resolve. For instance, a + `missing_references` error and a `conflict` error. + items: + type: object + type: array + success: + description: > + Indicates a successful import. When set to `false`, some + objects may not have been created. For additional + information, refer to the `errors` and `successResults` + properties. + type: boolean + successCount: + description: | + Indicates the number of successfully resolved records. + type: number + successResults: + description: > + Indicates the objects that are successfully imported, with + any metadata if applicable. + + + NOTE: Objects are only created when all resolvable errors + are addressed, including conflict and missing references. + items: + type: object + type: array + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request. + summary: Resolve import errors + tags: + - saved objects + /api/saved_objects/{type}: + post: + deprecated: true + description: Create a Kibana saved object with a randomly generated identifier. + operationId: createSavedObject + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - $ref: '#/components/parameters/Saved_objects_saved_object_type' + - description: If true, overwrites the document with the same identifier. + in: query + name: overwrite + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + attributes: + $ref: '#/components/schemas/Saved_objects_attributes' + initialNamespaces: + $ref: '#/components/schemas/Saved_objects_initial_namespaces' + references: + $ref: '#/components/schemas/Saved_objects_references' + required: + - attributes + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a conflict error. + summary: Create a saved object + tags: + - saved objects + /api/saved_objects/{type}/{id}: + get: + deprecated: true + description: Retrieve a single Kibana saved object by identifier. + operationId: getSavedObject + parameters: + - $ref: '#/components/parameters/Saved_objects_saved_object_id' + - $ref: '#/components/parameters/Saved_objects_saved_object_type' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request. + summary: Get a saved object + tags: + - saved objects + post: + deprecated: true + description: >- + Create a Kibana saved object and specify its identifier instead of using + a randomly generated ID. + operationId: createSavedObjectId + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - $ref: '#/components/parameters/Saved_objects_saved_object_id' + - $ref: '#/components/parameters/Saved_objects_saved_object_type' + - description: If true, overwrites the document with the same identifier. + in: query + name: overwrite + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + attributes: + $ref: '#/components/schemas/Saved_objects_attributes' + initialNamespaces: + $ref: '#/components/schemas/Saved_objects_initial_namespaces' + references: + $ref: '#/components/schemas/Saved_objects_initial_namespaces' + required: + - attributes + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a conflict error. + summary: Create a saved object + tags: + - saved objects + put: + deprecated: true + description: Update the attributes for Kibana saved objects. + operationId: updateSavedObject + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - $ref: '#/components/parameters/Saved_objects_saved_object_id' + - $ref: '#/components/parameters/Saved_objects_saved_object_type' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates the object was not found. + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a conflict error. + summary: Update a saved object + tags: + - saved objects + /api/saved_objects/resolve/{type}/{id}: + get: + deprecated: true + description: > + Retrieve a single Kibana saved object by identifier using any legacy URL + alias if it exists. Under certain circumstances, when Kibana is + upgraded, saved object migrations may necessitate regenerating some + object IDs to enable new features. When an object's ID is regenerated, a + legacy URL alias is created for that object, preserving its old ID. In + such a scenario, that object can be retrieved using either its new ID or + its old ID. + operationId: resolveSavedObject + parameters: + - $ref: '#/components/parameters/Saved_objects_saved_object_id' + - $ref: '#/components/parameters/Saved_objects_saved_object_type' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request. + summary: Resolve a saved object + tags: + - saved objects + /api/security_ai_assistant/anonymization_fields/_bulk_action: + post: + description: >- + Apply a bulk action to multiple anonymization fields. The bulk action is + applied to all anonymization fields that match the filter or to the list + of anonymization fields by their IDs. + operationId: PerformAnonymizationFieldsBulkAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + create: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldCreateProps + type: array + delete: + type: object + properties: + ids: + description: Array of anonymization fields IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter anonymization fields + type: string + update: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldUpdateProps + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Apply a bulk action to anonymization fields + tags: + - Security AI Assistant API + - Bulk API + /api/security_ai_assistant/anonymization_fields/_find: + get: + description: Get a list of all anonymization fields. + operationId: FindAnonymizationFields + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_FindAnonymizationFieldsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: AnonymizationFields per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get anonymization fields + tags: + - Security AI Assistant API + - AnonymizationFields API + /api/security_ai_assistant/chat/complete: + post: + description: Create a model response for the given chat conversation. + operationId: ChatComplete + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_ChatCompleteProps' + required: true + responses: + '200': + content: + application/octet-stream; Elastic-Api-Version=2023-10-31: + schema: + format: binary + type: string + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Create a model response + tags: + - Security AI Assistant API + - Chat Complete API + /api/security_ai_assistant/current_user/conversations: + post: + description: Create a new Security AI Assistant conversation. + operationId: CreateConversation + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationCreateProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Create a conversation + tags: + - Security AI Assistant API + - Conversation API + /api/security_ai_assistant/current_user/conversations/_find: + get: + description: Get a list of all conversations for the current user. + operationId: FindConversations + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_FindConversationsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: Conversations per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get conversations + tags: + - Security AI Assistant API + - Conversations API + /api/security_ai_assistant/current_user/conversations/{id}: + delete: + description: Delete an existing conversation using the conversation ID. + operationId: DeleteConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Delete a conversation + tags: + - Security AI Assistant API + - Conversation API + get: + description: Get the details of an existing conversation using the conversation ID. + operationId: ReadConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get a conversation + tags: + - Security AI Assistant API + - Conversations API + put: + description: Update an existing conversation using the conversation ID. + operationId: UpdateConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationUpdateProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Update a conversation + tags: + - Security AI Assistant API + - Conversation API + /api/security_ai_assistant/prompts/_bulk_action: + post: + description: >- + Apply a bulk action to multiple prompts. The bulk action is applied to + all prompts that match the filter or to the list of prompts by their + IDs. + operationId: PerformPromptsBulkAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + create: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptCreateProps + type: array + delete: + type: object + properties: + ids: + description: Array of prompts IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter promps + type: string + update: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptUpdateProps + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkCrudActionResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Apply a bulk action to prompts + tags: + - Security AI Assistant API + - Bulk API + /api/security_ai_assistant/prompts/_find: + get: + description: Get a list of all prompts. + operationId: FindPrompts + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_FindPromptsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: Prompts per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get prompts + tags: + - Security AI Assistant API + - Prompts API + /api/security/role: + get: + operationId: '%2Fapi%2Fsecurity%2Frole#0' + parameters: [] + responses: {} + summary: Get all roles + tags: + - roles + /api/security/role/{name}: + delete: + operationId: '%2Fapi%2Fsecurity%2Frole%2F%7Bname%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: name + required: true + schema: + minLength: 1 + type: string + responses: {} + summary: Delete a role + tags: + - roles + get: + operationId: '%2Fapi%2Fsecurity%2Frole%2F%7Bname%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: name + required: true + schema: + minLength: 1 + type: string + responses: {} + summary: Get a role + tags: + - roles + put: + operationId: '%2Fapi%2Fsecurity%2Frole%2F%7Bname%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: name + required: true + schema: + maxLength: 1024 + minLength: 1 + type: string + - in: query + name: createOnly + required: false + schema: + default: false + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + description: + maxLength: 2048 + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + cluster: + items: + type: string + type: array + indices: + items: + additionalProperties: false + type: object + properties: + allow_restricted_indices: + type: boolean + field_security: + additionalProperties: + items: + type: string + type: array + type: object + names: + items: + type: string + minItems: 1 + type: array + privileges: + items: + type: string + minItems: 1 + type: array + query: + type: string + required: + - names + - privileges + type: array + remote_cluster: + items: + additionalProperties: false + type: object + properties: + clusters: + items: + type: string + minItems: 1 + type: array + privileges: + items: + type: string + minItems: 1 + type: array + required: + - privileges + - clusters + type: array + remote_indices: + items: + additionalProperties: false + type: object + properties: + allow_restricted_indices: + type: boolean + clusters: + items: + type: string + minItems: 1 + type: array + field_security: + additionalProperties: + items: + type: string + type: array + type: object + names: + items: + type: string + minItems: 1 + type: array + privileges: + items: + type: string + minItems: 1 + type: array + query: + type: string + required: + - clusters + - names + - privileges + type: array + run_as: + items: + type: string + type: array + kibana: + items: + additionalProperties: false + type: object + properties: + base: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - items: + type: string + type: array + - items: + type: string + type: array + feature: + additionalProperties: + items: + type: string + type: array + type: object + spaces: + anyOf: + - items: + enum: + - '*' + type: string + maxItems: 1 + minItems: 1 + type: array + - items: + type: string + type: array + default: + - '*' + required: + - base + type: array + metadata: + additionalProperties: {} + type: object + required: + - elasticsearch + responses: {} + summary: Create or update a role + tags: + - roles + /api/security/roles: + post: + operationId: '%2Fapi%2Fsecurity%2Froles#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + roles: + additionalProperties: + additionalProperties: false + type: object + properties: + description: + maxLength: 2048 + type: string + elasticsearch: + additionalProperties: false + type: object + properties: + cluster: + items: + type: string + type: array + indices: + items: + additionalProperties: false + type: object + properties: + allow_restricted_indices: + type: boolean + field_security: + additionalProperties: + items: + type: string + type: array + type: object + names: + items: + type: string + minItems: 1 + type: array + privileges: + items: + type: string + minItems: 1 + type: array + query: + type: string + required: + - names + - privileges + type: array + remote_cluster: + items: + additionalProperties: false + type: object + properties: + clusters: + items: + type: string + minItems: 1 + type: array + privileges: + items: + type: string + minItems: 1 + type: array + required: + - privileges + - clusters + type: array + remote_indices: + items: + additionalProperties: false + type: object + properties: + allow_restricted_indices: + type: boolean + clusters: + items: + type: string + minItems: 1 + type: array + field_security: + additionalProperties: + items: + type: string + type: array + type: object + names: + items: + type: string + minItems: 1 + type: array + privileges: + items: + type: string + minItems: 1 + type: array + query: + type: string + required: + - clusters + - names + - privileges + type: array + run_as: + items: + type: string + type: array + kibana: + items: + additionalProperties: false + type: object + properties: + base: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - items: + type: string + type: array + - items: + type: string + type: array + feature: + additionalProperties: + items: + type: string + type: array + type: object + spaces: + anyOf: + - items: + enum: + - '*' + type: string + maxItems: 1 + minItems: 1 + type: array + - items: + type: string + type: array + default: + - '*' + required: + - base + type: array + metadata: + additionalProperties: {} + type: object + required: + - elasticsearch + type: object + required: + - roles + responses: {} + summary: Create or update roles + tags: + - roles + /api/spaces/_copy_saved_objects: + post: + description: Copy saved objects to spaces + operationId: '%2Fapi%2Fspaces%2F_copy_saved_objects#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + compatibilityMode: + default: false + type: boolean + createNewCopies: + default: true + type: boolean + includeReferences: + default: false + type: boolean + objects: + items: + additionalProperties: false + type: object + properties: + id: + type: string + type: + type: string + required: + - type + - id + type: array + overwrite: + default: false + type: boolean + spaces: + items: + type: string + type: array + required: + - spaces + - objects + responses: {} + summary: '' + tags: [] + /api/spaces/_disable_legacy_url_aliases: + post: + description: Disable legacy URL aliases + operationId: '%2Fapi%2Fspaces%2F_disable_legacy_url_aliases#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + aliases: + items: + additionalProperties: false + type: object + properties: + sourceId: + type: string + targetSpace: + type: string + targetType: + type: string + required: + - targetSpace + - targetType + - sourceId + type: array + required: + - aliases + responses: {} + summary: '' + tags: [] + /api/spaces/_get_shareable_references: + post: + description: Get shareable references + operationId: '%2Fapi%2Fspaces%2F_get_shareable_references#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + objects: + items: + additionalProperties: false + type: object + properties: + id: + type: string + type: + type: string + required: + - type + - id + type: array + required: + - objects + responses: {} + summary: '' + tags: [] + /api/spaces/_resolve_copy_saved_objects_errors: + post: + description: Resolve conflicts copying saved objects + operationId: '%2Fapi%2Fspaces%2F_resolve_copy_saved_objects_errors#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + compatibilityMode: + default: false + type: boolean + createNewCopies: + default: true + type: boolean + includeReferences: + default: false + type: boolean + objects: + items: + additionalProperties: false + type: object + properties: + id: + type: string + type: + type: string + required: + - type + - id + type: array + retries: + additionalProperties: + items: + additionalProperties: false + type: object + properties: + createNewCopy: + type: boolean + destinationId: + type: string + id: + type: string + ignoreMissingReferences: + type: boolean + overwrite: + default: false + type: boolean + type: + type: string + required: + - type + - id + type: array + type: object + required: + - retries + - objects + responses: {} + summary: '' + tags: [] + /api/spaces/_update_objects_spaces: + post: + description: Update saved objects in spaces + operationId: '%2Fapi%2Fspaces%2F_update_objects_spaces#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + objects: + items: + additionalProperties: false + type: object + properties: + id: + type: string + type: + type: string + required: + - type + - id + type: array + spacesToAdd: + items: + type: string + type: array + spacesToRemove: + items: + type: string + type: array + required: + - objects + - spacesToAdd + - spacesToRemove + responses: {} + summary: '' + tags: [] + /api/spaces/space: + get: + description: Get all spaces + operationId: '%2Fapi%2Fspaces%2Fspace#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: query + name: purpose + required: false + schema: + enum: + - any + - copySavedObjectsIntoSpace + - shareSavedObjectsIntoSpace + type: string + - in: query + name: include_authorized_purposes + required: true + schema: + anyOf: + - items: {} + type: array + - type: boolean + - type: number + - type: object + - type: string + nullable: true + oneOf: + - enum: + - false + type: boolean + x-oas-optional: true + - type: boolean + x-oas-optional: true + responses: {} + summary: '' + tags: + - spaces + post: + description: Create a space + operationId: '%2Fapi%2Fspaces%2Fspace#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + _reserved: + type: boolean + color: + type: string + description: + type: string + disabledFeatures: + default: [] + items: + type: string + type: array + id: + type: string + imageUrl: + type: string + initials: + maxLength: 2 + type: string + name: + minLength: 1 + type: string + solution: + enum: + - security + - oblt + - es + - classic + type: string + required: + - id + - name + responses: {} + summary: '' + tags: + - spaces + /api/spaces/space/{id}: + delete: + description: Delete a space + operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: id + required: true + schema: + type: string + responses: {} + summary: '' + tags: + - spaces + get: + description: Get a space + operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - in: path + name: id + required: true + schema: + type: string + responses: {} + summary: '' + tags: + - spaces + put: + description: Update a space + operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + _reserved: + type: boolean + color: + type: string + description: + type: string + disabledFeatures: + default: [] + items: + type: string + type: array + id: + type: string + imageUrl: + type: string + initials: + maxLength: 2 + type: string + name: + minLength: 1 + type: string + solution: + enum: + - security + - oblt + - es + - classic + type: string + required: + - id + - name + responses: {} + summary: '' + tags: + - spaces + /api/status: + get: + operationId: '%2Fapi%2Fstatus#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: Set to "true" to get the response in v7 format. + in: query + name: v7format + required: false + schema: + type: boolean + - description: Set to "true" to get the response in v8 format. + in: query + name: v8format + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' + - $ref: >- + #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse + description: >- + Kibana's operational status. A minimal response is sent for + unauthorized users. + description: Overall status is OK and Kibana should be functioning normally. + '503': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' + - $ref: >- + #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse + description: >- + Kibana's operational status. A minimal response is sent for + unauthorized users. + description: >- + Kibana or some of it's essential services are unavailable. Kibana + may be degraded or unavailable. + summary: Get Kibana's current status + tags: + - system + /api/timeline: + delete: + description: Delete one or more Timelines or Timeline templates. + operationId: DeleteTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + savedObjectIds: + items: + type: string + type: array + searchIds: + description: >- + Saved search ids that should be deleted alongside the + timelines + items: + type: string + type: array + required: + - savedObjectIds + description: The IDs of the Timelines or Timeline templates to delete. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + deleteTimeline: + type: boolean + required: + - deleteTimeline + required: + - data + description: Indicates the Timeline was successfully deleted. + summary: Delete Timelines or Timeline templates + tags: + - Security Timeline API + - access:securitySolution + get: + description: Get the details of an existing saved Timeline or Timeline template. + operationId: GetTimeline + parameters: + - description: The ID of the template timeline to retrieve + in: query + name: template_timeline_id + schema: + type: string + - description: The ID of the Timeline to retrieve. + in: query + name: id + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - type: object + properties: + data: + type: object + properties: + getOneTimeline: + $ref: >- + #/components/schemas/Security_Timeline_API_TimelineResponse + required: + - getOneTimeline + required: + - data + - additionalProperties: false + type: object + description: Indicates that the (template) Timeline was found and returned. + summary: Get Timeline or Timeline template details + tags: + - Security Timeline API + - access:securitySolution + patch: + description: >- + Update an existing Timeline. You can update the title, description, date + range, pinned events, pinned queries, and/or pinned saved queries of an + existing Timeline. + operationId: PatchTimeline + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + timeline: + $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' + timelineId: + nullable: true + type: string + version: + nullable: true + type: string + required: + - timelineId + - version + - timeline + description: The Timeline updates, along with the Timeline ID and version. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Timeline_API_PersistTimelineResponse + description: >- + Indicates that the draft Timeline was successfully created. In the + event the user already has a draft Timeline, the existing draft + Timeline is cleared and returned. + '405': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: >- + Indicates that the user does not have the required access to create + a draft Timeline. + summary: Update a Timeline + tags: + - Security Timeline API + - access:securitySolution + post: + description: Create a new Timeline or Timeline template. + operationId: CreateTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + status: + $ref: '#/components/schemas/Security_Timeline_API_TimelineStatus' + nullable: true + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timeline: + $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' + timelineId: + nullable: true + type: string + timelineType: + $ref: '#/components/schemas/Security_Timeline_API_TimelineType' + nullable: true + version: + nullable: true + type: string + required: + - timeline + description: >- + The required Timeline fields used to create a new Timeline, along with + optional fields that will be created if not provided. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Timeline_API_PersistTimelineResponse + description: Indicates the Timeline was successfully created. + '405': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Indicates that there was an error in the Timeline creation. + summary: Create a Timeline or Timeline template + tags: + - Security Timeline API + - access:securitySolution + /api/timeline/_copy: + get: + description: | + Copies and returns a timeline or timeline template. + operationId: CopyTimeline + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + timeline: + $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' + timelineIdToCopy: + type: string + required: + - timeline + - timelineIdToCopy + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Timeline_API_PersistTimelineResponse + description: Indicates that the timeline has been successfully copied. + summary: Copies timeline or timeline template + tags: + - Security Timeline API + - access:securitySolution + /api/timeline/_draft: + get: + description: >- + Get the details of the draft Timeline or Timeline template for the + current user. If the user doesn't have a draft Timeline, an empty + Timeline is returned. + operationId: GetDraftTimelines + parameters: + - in: query + name: timelineType + required: true + schema: + $ref: '#/components/schemas/Security_Timeline_API_TimelineType' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Timeline_API_PersistTimelineResponse + description: Indicates that the draft Timeline was successfully retrieved. + '403': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + If a draft Timeline was not found and we attempted to create one, it + indicates that the user does not have the required permissions to + create a draft Timeline. + '409': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + This should never happen, but if a draft Timeline was not found and + we attempted to create one, it indicates that there is already a + draft Timeline with the given `timelineId`. + summary: Get draft Timeline or Timeline template details + tags: + - Security Timeline API + - access:securitySolution + post: + description: > + Create a clean draft Timeline or Timeline template for the current user. + + > info + + > If the user already has a draft Timeline, the existing draft Timeline + is cleared and returned. + operationId: CleanDraftTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + timelineType: + $ref: '#/components/schemas/Security_Timeline_API_TimelineType' + required: + - timelineType + description: >- + The type of Timeline to create. Valid values are `default` and + `template`. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Timeline_API_PersistTimelineResponse + description: >- + Indicates that the draft Timeline was successfully created. In the + event the user already has a draft Timeline, the existing draft + Timeline is cleared and returned. + '403': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + Indicates that the user does not have the required permissions to + create a draft Timeline. + '409': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + Indicates that there is already a draft Timeline with the given + `timelineId`. + summary: Create a clean draft Timeline or Timeline template + tags: + - Security Timeline API + - access:securitySolution + /api/timeline/_export: + post: + description: Export Timelines as an NDJSON file. + operationId: ExportTimelines + parameters: + - description: The name of the file to export + in: query + name: file_name + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + ids: + items: + type: string + nullable: true + type: array + description: The IDs of the Timelines to export. + required: true + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: NDJSON of the exported Timelines + type: string + description: Indicates the Timelines were successfully exported. + '400': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Indicates that the export size limit was exceeded. + summary: Export Timelines + tags: + - Security Timeline API + - access:securitySolution + /api/timeline/_favorite: + patch: + description: Favorite a Timeline or Timeline template for the current user. + operationId: PersistFavoriteRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timelineId: + nullable: true + type: string + timelineType: + $ref: '#/components/schemas/Security_Timeline_API_TimelineType' + nullable: true + required: + - timelineId + - templateTimelineId + - templateTimelineVersion + - timelineType + description: The required fields used to favorite a (template) Timeline. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistFavorite: + $ref: >- + #/components/schemas/Security_Timeline_API_FavoriteTimelineResponse + required: + - persistFavorite + required: + - data + description: Indicates the favorite status was successfully updated. + '403': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: >- + Indicates the user does not have the required permissions to persist + the favorite status. + summary: Favorite a Timeline or Timeline template + tags: + - Security Timeline API + - access:securitySolution + /api/timeline/_import: + post: + description: Import Timelines. + operationId: ImportTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: {} + isImmutable: + enum: + - 'true' + - 'false' + type: string + required: + - file + description: The Timelines to import as a readable stream. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Timeline_API_ImportTimelineResult + description: Indicates the import of Timelines was successful. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + id: + type: string + statusCode: + type: number + description: >- + Indicates the import of Timelines was unsuccessful because of an + invalid file extension. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + statusCode: + type: number + description: >- + Indicates that we were unable to locate the saved object client + necessary to handle the import. + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + id: + type: string + statusCode: + type: number + description: Indicates the import of Timelines was unsuccessful. + summary: Import Timelines + tags: + - Security Timeline API + - access:securitySolution + /api/timeline/_prepackaged: + post: + description: Install or update prepackaged Timelines. + operationId: InstallPrepackedTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + prepackagedTimelines: + items: + $ref: >- + #/components/schemas/Security_Timeline_API_TimelineSavedToReturnObject + nullable: true + type: array + timelinesToInstall: + items: + $ref: '#/components/schemas/Security_Timeline_API_ImportTimelines' + nullable: true + type: array + timelinesToUpdate: + items: + $ref: '#/components/schemas/Security_Timeline_API_ImportTimelines' + nullable: true + type: array + required: + - timelinesToInstall + - timelinesToUpdate + - prepackagedTimelines + description: The Timelines to install or update. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Timeline_API_ImportTimelineResult + description: Indicates the installation of prepackaged Timelines was successful. + '500': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: >- + Indicates the installation of prepackaged Timelines was + unsuccessful. + summary: Install prepackaged Timelines + tags: + - Security Timeline API + - access:securitySolution + /api/timeline/resolve: + get: + operationId: ResolveTimeline + parameters: + - description: The ID of the template timeline to resolve + in: query + name: template_timeline_id + schema: + type: string + - description: The ID of the timeline to resolve + in: query + name: id + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - type: object + properties: + data: + $ref: >- + #/components/schemas/Security_Timeline_API_ResolvedTimeline + required: + - data + - additionalProperties: false + type: object + description: The (template) Timeline has been found + '400': + description: The request is missing parameters + '404': + description: The (template) Timeline was not found + summary: Get an existing saved Timeline or Timeline template + tags: + - Security Timeline API + - access:securitySolution + /api/timelines: + get: + description: Get a list of all saved Timelines or Timeline templates. + operationId: GetTimelines + parameters: + - description: >- + If true, only timelines that are marked as favorites by the user are + returned. + in: query + name: only_user_favorite + schema: + enum: + - 'true' + - 'false' + nullable: true + type: string + - in: query + name: timeline_type + schema: + $ref: '#/components/schemas/Security_Timeline_API_TimelineType' + nullable: true + - in: query + name: sort_field + schema: + $ref: '#/components/schemas/Security_Timeline_API_SortFieldTimeline' + - in: query + name: sort_order + schema: + enum: + - asc + - desc + type: string + - in: query + name: page_size + schema: + nullable: true + type: string + - in: query + name: page_index + schema: + nullable: true + type: string + - in: query + name: search + schema: + nullable: true + type: string + - in: query + name: status + schema: + $ref: '#/components/schemas/Security_Timeline_API_TimelineStatus' + nullable: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + customTemplateTimelineCount: + type: number + defaultTimelineCount: + type: number + elasticTemplateTimelineCount: + type: number + favoriteCount: + type: number + templateTimelineCount: + type: number + timeline: + items: + $ref: >- + #/components/schemas/Security_Timeline_API_TimelineResponse + type: array + totalCount: + type: number + required: + - timeline + - totalCount + description: Indicates that the (template) Timelines were found and returned. + '400': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Bad request. The user supplied invalid data. + summary: Get Timelines or Timeline templates + tags: + - Security Timeline API + - access:securitySolution + /s/{spaceId}/api/observability/slos: + get: + description: > + You must have the `read` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: findSlosOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - description: A valid kql query to filter the SLO with + example: 'slo.name:latency* and slo.tags : "prod"' + in: query + name: kqlQuery + schema: + type: string + - description: The page to use for pagination, must be greater or equal than 1 + example: 1 + in: query + name: page + schema: + default: 1 + type: integer + - description: Number of SLOs returned by page + example: 25 + in: query + name: perPage + schema: + default: 25 + maximum: 5000 + type: integer + - description: Sort by field + example: status + in: query + name: sortBy + schema: + default: status + enum: + - sli_value + - status + - error_budget_consumed + - error_budget_remaining + type: string + - description: Sort order + example: asc + in: query + name: sortDirection + schema: + default: asc + enum: + - asc + - desc + type: string + - description: >- + Hide stale SLOs from the list as defined by stale SLO threshold in + SLO settings + in: query + name: hideStale + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_find_slo_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Get a paginated list of SLOs + tags: + - slo + post: + description: > + You must have `all` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: createSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_create_slo_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_create_slo_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_409_response' + description: Conflict - The SLO id already exists + summary: Create an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/_delete_instances: + post: + description: > + The deletion occurs for the specified list of `sloId` and `instanceId`. + You must have `all` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: deleteSloInstancesOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_delete_slo_instances_request' + required: true + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + summary: Batch delete rollup and summary data + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}: + delete: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: deleteSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Delete an SLO + tags: + - slo + get: + description: > + You must have the `read` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: getSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + - description: the specific instanceId used by the summary calculation + example: host-abcde + in: query + name: instanceId + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_with_summary_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Get an SLO + tags: + - slo + put: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: updateSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_update_slo_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_definition_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Update an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}/_reset: + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: resetSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_definition_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Reset an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}/disable: + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: disableSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '200': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Disable an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}/enable: + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: enableSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Enable an SLO + tags: + - slo +components: + examples: + Alerting_get_health_response: + summary: Retrieve information about the health of the alerting framework. + value: + alerting_framework_health: + decryption_health: + status: ok + timestamp: '2023-01-13T01:28:00.280Z' + execution_health: + status: ok + timestamp: '2023-01-13T01:28:00.280Z' + read_health: + status: ok + timestamp: '2023-01-13T01:28:00.280Z' + has_permanent_encryption_key: true + is_sufficiently_secure: true + Alerting_get_rule_types_response: + summary: Retrieve rule types associated with Kibana machine learning features + value: + - action_groups: + - id: anomaly_score_match + name: Anomaly score matched the condition + - id: recovered + name: Recovered + action_variables: + context: + - description: The bucket timestamp of the anomaly + name: timestamp + - description: The bucket time of the anomaly in ISO8601 format + name: timestampIso8601 + - description: List of job IDs that triggered the alert + name: jobIds + - description: Alert info message + name: message + - description: Indicate if top hits contain interim results + name: isInterim + - description: Anomaly score at the time of the notification action + name: score + - description: Top records + name: topRecords + - description: Top influencers + name: topInfluencers + - description: URL to open in the Anomaly Explorer + name: anomalyExplorerUrl + useWithTripleBracesInTemplates: true + params: [] + state: [] + alerts: + context: ml.anomaly-detection + mappings: + fieldMap: + kibana.alert.anomaly_score: + array: false + type: double + required: false + kibana.alert.anomaly_timestamp: + array: false + type: date + required: false + kibana.alert.is_interim: + array: false + type: boolean + required: false + kibana.alert.job_id: + array: false + type: keyword + required: true + kibana.alert.top_influencers: + array: true + dynamic: false + type: object + properties: + influencer_field_name: + type: keyword + influencer_field_value: + type: keyword + influencer_score: + type: double + initial_influencer_score: + type: double + is_interim: + type: boolean + job_id: + type: keyword + timestamp: + type: date + required: false + kibana.alert.top_records: + array: true + dynamic: false + type: object + properties: + actual: + type: double + by_field_name: + type: keyword + by_field_value: + type: keyword + detector_index: + type: integer + field_name: + type: keyword + function: + type: keyword + initial_record_score: + type: double + is_interim: + type: boolean + job_id: + type: keyword + over_field_name: + type: keyword + over_field_value: + type: keyword + partition_field_name: + type: keyword + partition_field_value: + type: keyword + record_score: + type: double + timestamp: + type: date + typical: + type: double + required: false + shouldWrite: true + authorized_consumers: + alerts: + all: true + read: true + apm: + all: true read: true discover: all: true @@ -16697,87 +44636,388 @@ components: aggregatable: false count: 0 esTypes: - - _id + - _id + format: + id: string + isMapped: true + name: _id + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + _index: + aggregatable: true + count: 0 + esTypes: + - _index + format: + id: string + isMapped: true + name: _index + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + _score: + aggregatable: false + count: 0 + format: + id: number + isMapped: true + name: _score + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: number + _source: + aggregatable: false + count: 0 + esTypes: + - _source + format: + id: _source + isMapped: true + name: _source + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: _source + AvgTicketPrice: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + params: + pattern: $0,0.[00] + isMapped: true + name: AvgTicketPrice + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + Cancelled: + aggregatable: true + count: 0 + esTypes: + - boolean + format: + id: boolean + isMapped: true + name: Cancelled + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: boolean + Carrier: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: Carrier + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + dayOfWeek: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: dayOfWeek + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + Dest: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: Dest + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestAirportID: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestAirportID + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestCityName: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestCityName + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestCountry: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestCountry + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestLocation: + aggregatable: true + count: 0 + esTypes: + - geo_point + format: + id: geo_point + params: + transform: wkt + isMapped: true + name: DestLocation + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: geo_point + DestRegion: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestRegion + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestWeather: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestWeather + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DistanceKilometers: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + isMapped: true + name: DistanceKilometers + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + DistanceMiles: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + isMapped: true + name: DistanceMiles + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + FlightDelay: + aggregatable: true + count: 0 + esTypes: + - boolean + format: + id: boolean + isMapped: true + name: FlightDelay + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: boolean + FlightDelayMin: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: FlightDelayMin + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + FlightDelayType: + aggregatable: true + count: 0 + esTypes: + - keyword format: id: string isMapped: true - name: _id - readFromDocValues: false + name: FlightDelayType + readFromDocValues: true scripted: false searchable: true shortDotsEnable: false type: string - _index: + FlightNum: aggregatable: true count: 0 esTypes: - - _index + - keyword format: id: string isMapped: true - name: _index - readFromDocValues: false + name: FlightNum + readFromDocValues: true scripted: false searchable: true shortDotsEnable: false type: string - _score: - aggregatable: false + FlightTimeHour: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: FlightTimeHour + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + FlightTimeMin: + aggregatable: true count: 0 + esTypes: + - float format: id: number isMapped: true - name: _score + name: FlightTimeMin + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + hour_of_day: + aggregatable: true + count: 0 + esTypes: + - long + format: + id: number + params: + pattern: '00' + name: hour_of_day readFromDocValues: false + runtimeField: + script: + source: emit(doc['timestamp'].value.getHour()); + type: long scripted: false - searchable: false + searchable: true shortDotsEnable: false type: number - _source: - aggregatable: false + Origin: + aggregatable: true count: 0 esTypes: - - _source + - keyword format: - id: _source + id: string isMapped: true - name: _source - readFromDocValues: false + name: Origin + readFromDocValues: true scripted: false - searchable: false + searchable: true shortDotsEnable: false - type: _source - AvgTicketPrice: + type: string + OriginAirportID: aggregatable: true count: 0 esTypes: - - float + - keyword format: - id: number - params: - pattern: $0,0.[00] + id: string isMapped: true - name: AvgTicketPrice + name: OriginAirportID readFromDocValues: true scripted: false searchable: true shortDotsEnable: false - type: number - Cancelled: + type: string + OriginCityName: aggregatable: true count: 0 esTypes: - - boolean + - keyword format: - id: boolean + id: string isMapped: true - name: Cancelled + name: OriginCityName readFromDocValues: true scripted: false searchable: true shortDotsEnable: false - type: boolean - Carrier: + type: string + OriginCountry: aggregatable: true count: 0 esTypes: @@ -16785,27 +45025,29 @@ components: format: id: string isMapped: true - name: Carrier + name: OriginCountry readFromDocValues: true scripted: false searchable: true shortDotsEnable: false type: string - dayOfWeek: + OriginLocation: aggregatable: true count: 0 esTypes: - - integer + - geo_point format: - id: number + id: geo_point + params: + transform: wkt isMapped: true - name: dayOfWeek + name: OriginLocation readFromDocValues: true scripted: false searchable: true shortDotsEnable: false - type: number - Dest: + type: geo_point + OriginRegion: aggregatable: true count: 0 esTypes: @@ -16813,13 +45055,13 @@ components: format: id: string isMapped: true - name: Dest + name: OriginRegion readFromDocValues: true scripted: false searchable: true shortDotsEnable: false type: string - DestAirportID: + OriginWeather: aggregatable: true count: 0 esTypes: @@ -16827,1168 +45069,2340 @@ components: format: id: string isMapped: true - name: DestAirportID + name: OriginWeather + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + timestamp: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: timestamp readFromDocValues: true scripted: false searchable: true shortDotsEnable: false + type: date + id: d3d7af60-4c81-11e8-b3d7-01146121b73d + name: Kibana Sample Data Flights + runtimeFieldMap: + hour_of_day: + script: + source: emit(doc['timestamp'].value.getHour()); + type: long + sourceFilters: [] + timeFieldName: timestamp + title: kibana_sample_data_flights + version: WzM2LDJd + fields: + - aggregatable: true + count: 0 + esTypes: + - long + name: hour_of_day + readFromDocValues: false + runtimeField: + script: + source: emit(doc['timestamp'].value.getHour()); + type: long + scripted: false + searchable: true + shortDotsEnable: false + type: number + Data_views_preview_swap_data_view_request: + summary: Preview swapping references from data view ID "abcd-efg" to "xyz-123". + value: + fromId: abcd-efg + toId: xyz-123 + Data_views_set_default_data_view_request: + summary: Set the default data view identifier. + value: + data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + force: true + Data_views_swap_data_view_request: + summary: >- + Swap references from data view ID "abcd-efg" to "xyz-123" and remove the + data view that is no longer referenced. + value: + delete: true + fromId: abcd-efg + toId: xyz-123 + Data_views_update_data_view_request: + summary: Update some properties for a data view. + value: + data_view: + allowNoIndex: false + name: Kibana Sample Data eCommerce + timeFieldName: order_date + title: kibana_sample_data_ecommerce + refresh_fields: true + Data_views_update_field_metadata_request: + summary: Update metadata for multiple fields. + value: + fields: + field1: + count: 123 + customLabel: Field 1 label + field2: + customDescription: Field 2 description + customLabel: Field 2 label + Data_views_update_runtime_field_request: + summary: Update an existing runtime field on a data view. + value: + runtimeField: + script: + source: emit(doc["bar"].value) + Machine_learning_APIs_mlSyncExample: + summary: Two anomaly detection jobs required synchronization in this example. + value: + datafeedsAdded: {} + datafeedsRemoved: {} + savedObjectsCreated: + anomaly-detector: + myjob1: + success: true + myjob2: + success: true + savedObjectsDeleted: {} + Saved_objects_export_objects_request: + summary: Export a specific saved object. + value: + excludeExportDetails: true + includeReferencesDeep: false + objects: + - id: de71f4f0-1902-11e9-919b-ffe5949a18d2 + type: map + Saved_objects_export_objects_response: + summary: >- + The export objects API response contains a JSON record for each exported + object. + value: + attributes: + description: '' + layerListJSON: >- + [{"id":"0hmz5","alpha":1,"sourceDescriptor":{"type":"EMS_TMS","isAutoSelect":true,"lightModeDefault":"road_map_desaturated"},"visible":true,"style":{},"type":"EMS_VECTOR_TILE","minZoom":0,"maxZoom":24},{"id":"edh66","label":"Total + Requests by + Destination","minZoom":0,"maxZoom":24,"alpha":0.5,"sourceDescriptor":{"type":"EMS_FILE","id":"world_countries","tooltipProperties":["name","iso2"]},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"__kbnjoin__count__673ff994-fc75-4c67-909b-69fcb0e1060e","origin":"join"},"color":"Greys","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"STATIC","options":{"size":10}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR","joins":[{"leftField":"iso2","right":{"type":"ES_TERM_SOURCE","id":"673ff994-fc75-4c67-909b-69fcb0e1060e","indexPatternTitle":"kibana_sample_data_logs","term":"geo.dest","indexPatternRefName":"layer_1_join_0_index_pattern","metrics":[{"type":"count","label":"web + logs + count"}],"applyGlobalQuery":true}}]},{"id":"gaxya","label":"Actual + Requests","minZoom":9,"maxZoom":24,"alpha":1,"sourceDescriptor":{"id":"b7486535-171b-4d3b-bb2e-33c1a0a2854c","type":"ES_SEARCH","geoField":"geo.coordinates","limit":2048,"filterByMapBounds":true,"tooltipProperties":["clientip","timestamp","host","request","response","machine.os","agent","bytes"],"indexPatternRefName":"layer_2_source_index_pattern","applyGlobalQuery":true,"scalingType":"LIMIT"},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"STATIC","options":{"color":"#2200ff"}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":2}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"bytes","origin":"source"},"minSize":1,"maxSize":23,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"},{"id":"tfi3f","label":"Total + Requests and + Bytes","minZoom":0,"maxZoom":9,"alpha":1,"sourceDescriptor":{"type":"ES_GEO_GRID","resolution":"COARSE","id":"8aaa65b5-a4e9-448b-9560-c98cb1c5ac5b","geoField":"geo.coordinates","requestType":"point","metrics":[{"type":"count","label":"web + logs + count"},{"type":"sum","field":"bytes"}],"indexPatternRefName":"layer_3_source_index_pattern","applyGlobalQuery":true},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"color":"Blues","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#cccccc"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"sum_of_bytes","origin":"source"},"minSize":7,"maxSize":25,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelText":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelSize":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"minSize":12,"maxSize":24,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"}] + mapStateJSON: >- + {"zoom":3.64,"center":{"lon":-88.92107,"lat":42.16337},"timeFilters":{"from":"now-7d","to":"now"},"refreshConfig":{"isPaused":true,"interval":0},"query":{"language":"kuery","query":""},"settings":{"autoFitToDataBounds":false}} + title: '[Logs] Total Requests and Bytes' + uiStateJSON: '{"isDarkMode":false}' + coreMigrationVersion: 8.8.0 + created_at: '2023-08-23T20:03:32.204Z' + id: de71f4f0-1902-11e9-919b-ffe5949a18d2 + managed: false + references: + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: layer_1_join_0_index_pattern + type: index-pattern + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: layer_2_source_index_pattern + type: index-pattern + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: layer_3_source_index_pattern + type: index-pattern + type: map + typeMigrationVersion: 8.4.0 + updated_at: '2023-08-23T20:03:32.204Z' + version: WzEzLDFd + Saved_objects_import_objects_request: + value: + file: file.ndjson + Saved_objects_import_objects_response: + summary: >- + The import objects API response indicates a successful import and the + objects are created. Since these objects are created as new copies, each + entry in the successResults array includes a destinationId attribute. + value: + success: true + successCount: 1 + successResults: + - destinationId: 82d2760c-468f-49cf-83aa-b9a35b6a8943 + id: 90943e30-9a47-11e8-b64d-95841ca0b247 + managed: false + meta: + icon: indexPatternApp + title: Kibana Sample Data Logs + type: index-pattern + Saved_objects_key_rotation_response: + summary: Encryption key rotation using default parameters. + value: + failed: 0 + successful: 300 + total: 1000 + Saved_objects_resolve_missing_reference_request: + value: + file: file.ndjson + retries: + - id: my-pattern + overwrite: true + type: index-pattern + - destinationId: another-vis + id: my-vis + overwrite: true + type: visualization + - destinationId: yet-another-canvas + id: my-canvas + overwrite: true + type: canvas + - id: my-dashboard + type: dashboard + Saved_objects_resolve_missing_reference_response: + summary: Resolve missing reference errors. + value: + success: true + successCount: 3 + successResults: + - id: my-vis + meta: + icon: visualizeApp + title: Look at my visualization + type: visualization + - id: my-search + meta: + icon: searchApp + title: Look at my search + type: search + - id: my-dashboard + meta: + icon: dashboardApp + title: Look at my dashboard + type: dashboard + parameters: + Alerting_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + Cases_alert_id: + description: An identifier for the alert. + in: path + name: alertId + required: true + schema: + example: 09f0c261e39e36351d75995b78bb83673774d1bc2cca9df2d15f0e5c0a99a540 + type: string + Cases_assignees_filter: + description: > + Filters the returned cases by assignees. Valid values are `none` or + unique identifiers for the user profiles. These identifiers can be found + by using the suggest user profile API. + in: query + name: assignees + schema: + oneOf: + - type: string + - items: type: string - DestCityName: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: DestCityName - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + maxItems: 100 + type: array + Cases_case_id: + description: >- + The identifier for the case. To retrieve case IDs, use the find cases + API. All non-ASCII characters must be URL encoded. + in: path + name: caseId + required: true + schema: + example: 9c235210-6834-11ea-a78c-6ffb38a34414 + type: string + Cases_category: + description: Filters the returned cases by category. + in: query + name: category + schema: + oneOf: + - example: my-category + type: string + - items: type: string - DestCountry: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: DestCountry - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + maxItems: 100 + type: array + Cases_comment_id: + description: > + The identifier for the comment. To retrieve comment IDs, use the get + case or find cases APIs. + in: path + name: commentId + required: true + schema: + example: 71ec1870-725b-11ea-a0b2-c51ea50a58e2 + type: string + Cases_configuration_id: + description: An identifier for the configuration. + in: path + name: configurationId + required: true + schema: + example: 3297a0f0-b5ec-11ec-b141-0fdb20a7f9a9 + type: string + Cases_connector_id: + description: >- + An identifier for the connector. To retrieve connector IDs, use the find + connectors API. + in: path + name: connectorId + required: true + schema: + example: abed3a70-71bd-11ea-a0b2-c51ea50a58e2 + type: string + Cases_defaultSearchOperator: + description: he default operator to use for the simple_query_string. + example: OR + in: query + name: defaultSearchOperator + schema: + default: OR + type: string + Cases_from: + description: > + Returns only cases that were created after a specific date. The date + must be specified as a KQL data range or date match expression. + in: query + name: from + schema: + example: now-1d + type: string + Cases_ids: + description: > + The cases that you want to removed. All non-ASCII characters must be URL + encoded. + example: d4e7abb0-b462-11ec-9a8d-698504725a43 + in: query + name: ids + required: true + schema: + items: + maxItems: 100 + minItems: 1 + type: string + type: array + Cases_includeComments: + deprecated: true + description: >- + Deprecated in 8.1.0. This parameter is deprecated and will be removed in + a future release. It determines whether case comments are returned. + in: query + name: includeComments + schema: + default: true + type: boolean + Cases_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + Cases_owner: + description: > + A filter to limit the response to a specific set of applications. If + this parameter is omitted, the response contains information about all + the cases that the user has access to read. + example: cases + in: query + name: owner + schema: + oneOf: + - $ref: '#/components/schemas/Cases_owners' + - items: + $ref: '#/components/schemas/Cases_owners' + type: array + Cases_page_index: + description: The page number to return. + in: query + name: page + required: false + schema: + default: 1 + type: integer + Cases_page_size: + description: The number of items to return. Limited to 100 items. + in: query + name: perPage + required: false + schema: + default: 20 + maximum: 100 + type: integer + Cases_reporters: + description: Filters the returned cases by the user name of the reporter. + example: elastic + in: query + name: reporters + schema: + oneOf: + - type: string + - items: type: string - DestLocation: - aggregatable: true - count: 0 - esTypes: - - geo_point - format: - id: geo_point - params: - transform: wkt - isMapped: true - name: DestLocation - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: geo_point - DestRegion: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: DestRegion - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + maxItems: 100 + type: array + Cases_search: + description: >- + An Elasticsearch simple_query_string query that filters the objects in + the response. + in: query + name: search + schema: + type: string + Cases_searchFields: + description: The fields to perform the simple_query_string parsed query against. + in: query + name: searchFields + schema: + oneOf: + - $ref: '#/components/schemas/Cases_searchFieldsType' + - items: + $ref: '#/components/schemas/Cases_searchFieldsType' + type: array + Cases_severity: + description: The severity of the case. + in: query + name: severity + schema: + enum: + - critical + - high + - low + - medium + type: string + Cases_sort_order: + description: Determines the sort order. + in: query + name: sortOrder + required: false + schema: + default: desc + enum: + - asc + - desc + type: string + Cases_sortField: + description: Determines which field is used to sort the results. + example: updatedAt + in: query + name: sortField + schema: + default: createdAt + enum: + - createdAt + - updatedAt + - closedAt + - title + - category + - status + - severity + type: string + Cases_status: + description: Filters the returned cases by state. + example: open + in: query + name: status + schema: + enum: + - closed + - in-progress + - open + type: string + Cases_tags: + description: Filters the returned cases by tags. + example: tag-1 + in: query + name: tags + schema: + oneOf: + - type: string + - items: type: string - DestWeather: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: DestWeather - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + maxItems: 100 + type: array + Cases_to: + description: > + Returns only cases that were created before a specific date. The date + must be specified as a KQL data range or date match expression. + example: now+1d + in: query + name: to + schema: + type: string + Cases_user_action_types: + description: Determines the types of user actions to return. + example: create_case + in: query + name: types + schema: + items: + enum: + - action + - alert + - assignees + - attachment + - comment + - connector + - create_case + - description + - pushed + - settings + - severity + - status + - tags + - title + - user + type: string + type: array + Data_views_field_name: + description: The name of the runtime field. + in: path + name: fieldName + required: true + schema: + example: hour_of_day + type: string + Data_views_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + Data_views_view_id: + description: An identifier for the data view. + in: path + name: viewId + required: true + schema: + example: ff959d40-b880-11e8-a6d9-e546fe2bba5f + type: string + Machine_learning_APIs_simulateParam: + description: >- + When true, simulates the synchronization by returning only the list of + actions that would be performed. + example: 'true' + in: query + name: simulate + required: false + schema: + type: boolean + Saved_objects_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + Saved_objects_saved_object_id: + description: An identifier for the saved object. + in: path + name: id + required: true + schema: + type: string + Saved_objects_saved_object_type: + description: >- + Valid options include `visualization`, `dashboard`, `search`, + `index-pattern`, `config`. + in: path + name: type + required: true + schema: + type: string + SLOs_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + SLOs_slo_id: + description: An identifier for the slo. + in: path + name: sloId + required: true + schema: + example: 9c235211-6834-11ea-a78c-6feb38a34414 + type: string + SLOs_space_id: + description: >- + An identifier for the space. If `/s/` and the identifier are omitted + from the path, the default space is used. + in: path + name: spaceId + required: true + schema: + example: default + type: string + schemas: + Alerting_401_response: + properties: + error: + enum: + - Unauthorized + example: Unauthorized + type: string + message: + type: string + statusCode: + enum: + - 401 + example: 401 + type: integer + title: Unsuccessful rule API response + type: object + Alerting_alert_response_properties: + title: Legacy alert response properties + type: object + properties: + actions: + items: + type: object + type: array + alertTypeId: + example: .index-threshold + type: string + apiKeyOwner: + example: elastic + nullable: true + type: string + createdAt: + description: The date and time that the alert was created. + example: '2022-12-05T23:36:58.284Z' + format: date-time + type: string + createdBy: + description: The identifier for the user that created the alert. + example: elastic + type: string + enabled: + description: Indicates whether the alert is currently enabled. + example: true + type: boolean + executionStatus: + type: object + properties: + lastExecutionDate: + example: '2022-12-06T00:13:43.890Z' + format: date-time type: string - DistanceKilometers: - aggregatable: true - count: 0 - esTypes: - - float - format: - id: number - isMapped: true - name: DistanceKilometers - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - DistanceMiles: - aggregatable: true - count: 0 - esTypes: - - float - format: - id: number - isMapped: true - name: DistanceMiles - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - FlightDelay: - aggregatable: true - count: 0 - esTypes: - - boolean - format: - id: boolean - isMapped: true - name: FlightDelay - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: boolean - FlightDelayMin: - aggregatable: true - count: 0 - esTypes: - - integer - format: - id: number - isMapped: true - name: FlightDelayMin - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - FlightDelayType: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: FlightDelayType - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + status: + example: ok type: string - FlightNum: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: FlightNum - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + id: + description: The identifier for the alert. + example: b530fed0-74f5-11ed-9801-35303b735aef + type: string + muteAll: + example: false + type: boolean + mutedInstanceIds: + items: + type: string + nullable: true + type: array + name: + description: The name of the alert. + example: my alert + type: string + notifyWhen: + example: onActionGroupChange + type: string + params: + additionalProperties: true + type: object + schedule: + type: object + properties: + interval: type: string - FlightTimeHour: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: FlightTimeHour - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + scheduledTaskId: + example: b530fed0-74f5-11ed-9801-35303b735aef + type: string + tags: + items: + type: string + type: array + throttle: + nullable: true + type: string + updatedAt: + example: '2022-12-05T23:36:58.284Z' + type: string + updatedBy: + description: The identifier for the user that updated this alert most recently. + example: elastic + nullable: true + type: string + Alerting_fieldmap_properties: + title: Field map objects in the get rule types response + type: object + properties: + array: + description: Indicates whether the field is an array. + type: boolean + dynamic: + description: Indicates whether it is a dynamic field mapping. + type: boolean + format: + description: > + Indicates the format of the field. For example, if the `type` is + `date_range`, the `format` can be + `epoch_millis||strict_date_optional_time`. + type: string + ignore_above: + description: >- + Specifies the maximum length of a string field. Longer strings are + not indexed or stored. + type: integer + index: + description: Indicates whether field values are indexed. + type: boolean + path: + description: TBD + type: string + properties: + additionalProperties: + type: object + properties: + type: + description: The data type for each object property. + type: string + description: > + Details about the object properties. This property is applicable + when `type` is `object`. + type: object + required: + description: Indicates whether the field is required. + type: boolean + scaling_factor: + description: > + The scaling factor to use when encoding values. This property is + applicable when `type` is `scaled_float`. Values will be multiplied + by this factor at index time and rounded to the closest long value. + type: integer + type: + description: Specifies the data type for the field. + example: scaled_float + type: string + Cases_4xx_response: + properties: + error: + example: Unauthorized + type: string + message: + type: string + statusCode: + example: 401 + type: integer + title: Unsuccessful cases API response + type: object + Cases_action_types: + description: The type of action. + enum: + - assignees + - create_case + - comment + - connector + - delete_case + - description + - pushed + - tags + - title + - status + - settings + - severity + example: create_case + type: string + Cases_actions: + enum: + - add + - create + - delete + - push_to_service + - update + example: create + type: string + Cases_add_alert_comment_request_properties: + description: Defines properties for case comment requests when type is alert. + type: object + properties: + alertId: + $ref: '#/components/schemas/Cases_alert_identifiers' + index: + $ref: '#/components/schemas/Cases_alert_indices' + owner: + $ref: '#/components/schemas/Cases_owners' + rule: + $ref: '#/components/schemas/Cases_rule' + type: + description: The type of comment. + enum: + - alert + example: alert + type: string + required: + - alertId + - index + - owner + - rule + - type + title: Add case comment request properties for alerts + Cases_add_case_comment_request: + description: >- + The add comment to case API request body varies depending on whether you + are adding an alert or a comment. + discriminator: + mapping: + alert: '#/components/schemas/Cases_add_alert_comment_request_properties' + user: '#/components/schemas/Cases_add_user_comment_request_properties' + propertyName: type + oneOf: + - $ref: '#/components/schemas/Cases_add_alert_comment_request_properties' + - $ref: '#/components/schemas/Cases_add_user_comment_request_properties' + title: Add case comment request + Cases_add_user_comment_request_properties: + description: Defines properties for case comment requests when type is user. + properties: + comment: + description: The new comment. It is required only when `type` is `user`. + example: A new comment. + maxLength: 30000 + type: string + owner: + $ref: '#/components/schemas/Cases_owners' + type: + description: The type of comment. + enum: + - user + example: user + type: string + required: + - comment + - owner + - type + title: Add case comment request properties for user comments + type: object + Cases_alert_comment_response_properties: + title: Add case comment response properties for alerts + type: object + properties: + alertId: + items: + example: a6e12ac4-7bce-457b-84f6-d7ce8deb8446 + type: string + type: array + created_at: + example: '2023-11-06T19:29:38.424Z' + format: date-time + type: string + created_by: + type: object + properties: + email: + example: null + nullable: true type: string - FlightTimeMin: - aggregatable: true - count: 0 - esTypes: - - float - format: - id: number - isMapped: true - name: FlightTimeMin - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - hour_of_day: - aggregatable: true - count: 0 - esTypes: - - long - format: - id: number - params: - pattern: '00' - name: hour_of_day - readFromDocValues: false - runtimeField: - script: - source: emit(doc['timestamp'].value.getHour()); - type: long - scripted: false - searchable: true - shortDotsEnable: false - type: number - Origin: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: Origin - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + full_name: + example: null + nullable: true type: string - OriginAirportID: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginAirportID - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 type: string - OriginCityName: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginCityName - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + username: + example: elastic + nullable: true type: string - OriginCountry: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginCountry - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + required: + - email + - full_name + - username + id: + example: 73362370-ab1a-11ec-985f-97e55adae8b9 + type: string + index: + items: + example: .internal.alerts-security.alerts-default-000001 + type: string + type: array + owner: + $ref: '#/components/schemas/Cases_owners' + pushed_at: + example: null + format: date-time + nullable: true + type: string + pushed_by: + nullable: true + type: object + properties: + email: + example: null + nullable: true type: string - OriginLocation: - aggregatable: true - count: 0 - esTypes: - - geo_point - format: - id: geo_point - params: - transform: wkt - isMapped: true - name: OriginLocation - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: geo_point - OriginRegion: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginRegion - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + full_name: + example: null + nullable: true type: string - OriginWeather: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginWeather - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 type: string - timestamp: - aggregatable: true - count: 0 - esTypes: - - date - format: - id: date - isMapped: true - name: timestamp - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: date - id: d3d7af60-4c81-11e8-b3d7-01146121b73d - name: Kibana Sample Data Flights - runtimeFieldMap: - hour_of_day: - script: - source: emit(doc['timestamp'].value.getHour()); - type: long - sourceFilters: [] - timeFieldName: timestamp - title: kibana_sample_data_flights - version: WzM2LDJd - fields: - - aggregatable: true - count: 0 - esTypes: - - long - name: hour_of_day - readFromDocValues: false - runtimeField: - script: - source: emit(doc['timestamp'].value.getHour()); - type: long - scripted: false - searchable: true - shortDotsEnable: false - type: number - Data_views_preview_swap_data_view_request: - summary: Preview swapping references from data view ID "abcd-efg" to "xyz-123". - value: - fromId: abcd-efg - toId: xyz-123 - Data_views_set_default_data_view_request: - summary: Set the default data view identifier. - value: - data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f - force: true - Data_views_swap_data_view_request: - summary: >- - Swap references from data view ID "abcd-efg" to "xyz-123" and remove the - data view that is no longer referenced. - value: - delete: true - fromId: abcd-efg - toId: xyz-123 - Data_views_update_data_view_request: - summary: Update some properties for a data view. - value: - data_view: - allowNoIndex: false - name: Kibana Sample Data eCommerce - timeFieldName: order_date - title: kibana_sample_data_ecommerce - refresh_fields: true - Data_views_update_field_metadata_request: - summary: Update metadata for multiple fields. - value: - fields: - field1: - count: 123 - customLabel: Field 1 label - field2: - customDescription: Field 2 description - customLabel: Field 2 label - Data_views_update_runtime_field_request: - summary: Update an existing runtime field on a data view. - value: - runtimeField: - script: - source: emit(doc["bar"].value) - Machine_learning_APIs_mlSyncExample: - summary: Two anomaly detection jobs required synchronization in this example. - value: - datafeedsAdded: {} - datafeedsRemoved: {} - savedObjectsCreated: - anomaly-detector: - myjob1: - success: true - myjob2: - success: true - savedObjectsDeleted: {} - Saved_objects_export_objects_request: - summary: Export a specific saved object. - value: - excludeExportDetails: true - includeReferencesDeep: false - objects: - - id: de71f4f0-1902-11e9-919b-ffe5949a18d2 - type: map - Saved_objects_export_objects_response: - summary: >- - The export objects API response contains a JSON record for each exported - object. - value: - attributes: - description: '' - layerListJSON: >- - [{"id":"0hmz5","alpha":1,"sourceDescriptor":{"type":"EMS_TMS","isAutoSelect":true,"lightModeDefault":"road_map_desaturated"},"visible":true,"style":{},"type":"EMS_VECTOR_TILE","minZoom":0,"maxZoom":24},{"id":"edh66","label":"Total - Requests by - Destination","minZoom":0,"maxZoom":24,"alpha":0.5,"sourceDescriptor":{"type":"EMS_FILE","id":"world_countries","tooltipProperties":["name","iso2"]},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"__kbnjoin__count__673ff994-fc75-4c67-909b-69fcb0e1060e","origin":"join"},"color":"Greys","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"STATIC","options":{"size":10}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR","joins":[{"leftField":"iso2","right":{"type":"ES_TERM_SOURCE","id":"673ff994-fc75-4c67-909b-69fcb0e1060e","indexPatternTitle":"kibana_sample_data_logs","term":"geo.dest","indexPatternRefName":"layer_1_join_0_index_pattern","metrics":[{"type":"count","label":"web - logs - count"}],"applyGlobalQuery":true}}]},{"id":"gaxya","label":"Actual - Requests","minZoom":9,"maxZoom":24,"alpha":1,"sourceDescriptor":{"id":"b7486535-171b-4d3b-bb2e-33c1a0a2854c","type":"ES_SEARCH","geoField":"geo.coordinates","limit":2048,"filterByMapBounds":true,"tooltipProperties":["clientip","timestamp","host","request","response","machine.os","agent","bytes"],"indexPatternRefName":"layer_2_source_index_pattern","applyGlobalQuery":true,"scalingType":"LIMIT"},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"STATIC","options":{"color":"#2200ff"}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":2}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"bytes","origin":"source"},"minSize":1,"maxSize":23,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"},{"id":"tfi3f","label":"Total - Requests and - Bytes","minZoom":0,"maxZoom":9,"alpha":1,"sourceDescriptor":{"type":"ES_GEO_GRID","resolution":"COARSE","id":"8aaa65b5-a4e9-448b-9560-c98cb1c5ac5b","geoField":"geo.coordinates","requestType":"point","metrics":[{"type":"count","label":"web - logs - count"},{"type":"sum","field":"bytes"}],"indexPatternRefName":"layer_3_source_index_pattern","applyGlobalQuery":true},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"color":"Blues","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#cccccc"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"sum_of_bytes","origin":"source"},"minSize":7,"maxSize":25,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelText":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelSize":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"minSize":12,"maxSize":24,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"}] - mapStateJSON: >- - {"zoom":3.64,"center":{"lon":-88.92107,"lat":42.16337},"timeFilters":{"from":"now-7d","to":"now"},"refreshConfig":{"isPaused":true,"interval":0},"query":{"language":"kuery","query":""},"settings":{"autoFitToDataBounds":false}} - title: '[Logs] Total Requests and Bytes' - uiStateJSON: '{"isDarkMode":false}' - coreMigrationVersion: 8.8.0 - created_at: '2023-08-23T20:03:32.204Z' - id: de71f4f0-1902-11e9-919b-ffe5949a18d2 - managed: false - references: - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - name: layer_1_join_0_index_pattern - type: index-pattern - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - name: layer_2_source_index_pattern - type: index-pattern - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - name: layer_3_source_index_pattern - type: index-pattern - type: map - typeMigrationVersion: 8.4.0 - updated_at: '2023-08-23T20:03:32.204Z' - version: WzEzLDFd - Saved_objects_import_objects_request: - value: - file: file.ndjson - Saved_objects_import_objects_response: - summary: >- - The import objects API response indicates a successful import and the - objects are created. Since these objects are created as new copies, each - entry in the successResults array includes a destinationId attribute. - value: - success: true - successCount: 1 - successResults: - - destinationId: 82d2760c-468f-49cf-83aa-b9a35b6a8943 - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - managed: false - meta: - icon: indexPatternApp - title: Kibana Sample Data Logs - type: index-pattern - Saved_objects_key_rotation_response: - summary: Encryption key rotation using default parameters. - value: - failed: 0 - successful: 300 - total: 1000 - Saved_objects_resolve_missing_reference_request: - value: - file: file.ndjson - retries: - - id: my-pattern - overwrite: true - type: index-pattern - - destinationId: another-vis - id: my-vis - overwrite: true - type: visualization - - destinationId: yet-another-canvas - id: my-canvas - overwrite: true - type: canvas - - id: my-dashboard - type: dashboard - Saved_objects_resolve_missing_reference_response: - summary: Resolve missing reference errors. - value: - success: true - successCount: 3 - successResults: - - id: my-vis - meta: - icon: visualizeApp - title: Look at my visualization - type: visualization - - id: my-search - meta: - icon: searchApp - title: Look at my search - type: search - - id: my-dashboard - meta: - icon: dashboardApp - title: Look at my dashboard - type: dashboard - parameters: - Alerting_kbn_xsrf: - description: Cross-site request forgery protection - in: header - name: kbn-xsrf - required: true - schema: - type: string - Cases_alert_id: - description: An identifier for the alert. - in: path - name: alertId - required: true - schema: - example: 09f0c261e39e36351d75995b78bb83673774d1bc2cca9df2d15f0e5c0a99a540 - type: string - Cases_assignees_filter: + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + rule: + type: object + properties: + id: + description: The rule identifier. + example: 94d80550-aaf4-11ec-985f-97e55adae8b9 + type: string + name: + description: The rule name. + example: security_rule + type: string + type: + enum: + - alert + example: alert + type: string + updated_at: + format: date-time + nullable: true + type: string + updated_by: + nullable: true + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + version: + example: WzMwNDgsMV0= + type: string + required: + - type + Cases_alert_identifiers: + description: > + The alert identifiers. It is required only when `type` is `alert`. You + can use an array of strings to add multiple alerts to a case, provided + that they all relate to the same rule; `index` must also be an array + with the same length or number of elements. Adding multiple alerts in + this manner is recommended rather than calling the API multiple times. + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + example: 6b24c4dc44bc720cfc92797f3d61fff952f2b2627db1fb4f8cc49f4530c4ff42 + oneOf: + - type: string + - items: + type: string + maxItems: 1000 + type: array + title: Alert identifiers + x-technical-preview: true + Cases_alert_indices: + description: > + The alert indices. It is required only when `type` is `alert`. If you + are adding multiple alerts to a case, use an array of strings; the + position of each index name in the array must match the position of the + corresponding alert identifier in the `alertId` array. This + functionality is in technical preview and may be changed or removed in a + future release. Elastic will work to fix any issues, but features in + technical preview are not subject to the support SLA of official GA + features. + oneOf: + - type: string + - items: + type: string + maxItems: 1000 + type: array + title: Alert indices + x-technical-preview: true + Cases_alert_response_properties: + type: object + properties: + attached_at: + format: date-time + type: string + id: + description: The alert identifier. + type: string + index: + description: The alert index. + type: string + Cases_assignees: + description: An array containing users that are assigned to the case. + items: + type: object + properties: + uid: + description: >- + A unique identifier for the user profile. These identifiers can be + found by using the suggest user profile API. + example: u_0wpfV1MqYDaXzLtRVY-gLMrddKDEmfz51Fszhj7hWC8_0 + type: string + required: + - uid + maxItems: 10 + nullable: true + type: array + Cases_case_category: + description: A word or phrase that categorizes the case. + maxLength: 50 + type: string + Cases_case_description: + description: The description for the case. + maxLength: 30000 + type: string + Cases_case_response_closed_by_properties: + nullable: true + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + title: Case response properties for closed_by + type: object + Cases_case_response_created_by_properties: + title: Case response properties for created_by + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + Cases_case_response_properties: + title: Case response properties + type: object + properties: + assignees: + $ref: '#/components/schemas/Cases_assignees' + category: + description: The case category. + nullable: true + type: string + closed_at: + format: date-time + nullable: true + type: string + closed_by: + $ref: '#/components/schemas/Cases_case_response_closed_by_properties' + comments: + description: An array of comment objects for the case. + items: + discriminator: + mapping: + alert: '#/components/schemas/Cases_alert_comment_response_properties' + user: '#/components/schemas/Cases_user_comment_response_properties' + propertyName: type + oneOf: + - $ref: '#/components/schemas/Cases_alert_comment_response_properties' + - $ref: '#/components/schemas/Cases_user_comment_response_properties' + maxItems: 10000 + title: Case response properties for comments + type: array + connector: + discriminator: + mapping: + .cases-webhook: '#/components/schemas/Cases_connector_properties_cases_webhook' + .jira: '#/components/schemas/Cases_connector_properties_jira' + .none: '#/components/schemas/Cases_connector_properties_none' + .resilient: '#/components/schemas/Cases_connector_properties_resilient' + .servicenow: '#/components/schemas/Cases_connector_properties_servicenow' + .servicenow-sir: '#/components/schemas/Cases_connector_properties_servicenow_sir' + .swimlane: '#/components/schemas/Cases_connector_properties_swimlane' + propertyName: type + oneOf: + - $ref: '#/components/schemas/Cases_connector_properties_none' + - $ref: '#/components/schemas/Cases_connector_properties_cases_webhook' + - $ref: '#/components/schemas/Cases_connector_properties_jira' + - $ref: '#/components/schemas/Cases_connector_properties_resilient' + - $ref: '#/components/schemas/Cases_connector_properties_servicenow' + - $ref: '#/components/schemas/Cases_connector_properties_servicenow_sir' + - $ref: '#/components/schemas/Cases_connector_properties_swimlane' + title: Case response properties for connectors + created_at: + example: '2022-05-13T09:16:17.416Z' + format: date-time + type: string + created_by: + $ref: '#/components/schemas/Cases_case_response_created_by_properties' + customFields: + description: Custom field values for the case. + items: + type: object + properties: + key: + description: > + The unique identifier for the custom field. The key value must + exist in the case configuration settings. + type: string + type: + description: > + The custom field type. It must match the type specified in the + case configuration settings. + enum: + - text + - toggle + type: string + value: + description: > + The custom field value. If the custom field is required, it + cannot be explicitly set to null. However, for cases that + existed when the required custom field was added, the default + value stored in Elasticsearch is `undefined`. The value + returned in the API and user interface in this case is `null`. + oneOf: + - maxLength: 160 + minLength: 1 + nullable: true + type: string + - type: boolean + type: array + description: + example: A case description. + type: string + duration: + description: > + The elapsed time from the creation of the case to its closure (in + seconds). If the case has not been closed, the duration is set to + null. If the case was closed after less than half a second, the + duration is rounded down to zero. + example: 120 + nullable: true + type: integer + external_service: + $ref: '#/components/schemas/Cases_external_service' + id: + example: 66b9aa00-94fa-11ea-9f74-e7e108796192 + type: string + owner: + $ref: '#/components/schemas/Cases_owners' + settings: + $ref: '#/components/schemas/Cases_settings' + severity: + $ref: '#/components/schemas/Cases_case_severity' + status: + $ref: '#/components/schemas/Cases_case_status' + tags: + example: + - tag-1 + items: + type: string + type: array + title: + example: Case title 1 + type: string + totalAlerts: + example: 0 + type: integer + totalComment: + example: 0 + type: integer + updated_at: + format: date-time + nullable: true + type: string + updated_by: + $ref: '#/components/schemas/Cases_case_response_updated_by_properties' + version: + example: WzUzMiwxXQ== + type: string + required: + - closed_at + - closed_by + - comments + - connector + - created_at + - created_by + - description + - duration + - external_service + - id + - owner + - settings + - severity + - status + - tags + - title + - totalAlerts + - totalComment + - updated_at + - updated_by + - version + Cases_case_response_pushed_by_properties: + nullable: true + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + title: Case response properties for pushed_by + type: object + Cases_case_response_updated_by_properties: + nullable: true + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + title: Case response properties for updated_by + type: object + Cases_case_severity: + default: low + description: The severity of the case. + enum: + - critical + - high + - low + - medium + type: string + Cases_case_status: + description: The status of the case. + enum: + - closed + - in-progress + - open + type: string + Cases_case_tags: description: > - Filters the returned cases by assignees. Valid values are `none` or - unique identifiers for the user profiles. These identifiers can be found - by using the suggest user profile API. - in: query - name: assignees - schema: - oneOf: - - type: string - - items: + The words and phrases that help categorize cases. It can be an empty + array. + items: + maxLength: 256 + type: string + maxItems: 200 + type: array + Cases_case_title: + description: A title for the case. + maxLength: 160 + type: string + Cases_closure_types: + description: >- + Indicates whether a case is automatically closed when it is pushed to + external systems (`close-by-pushing`) or not automatically closed + (`close-by-user`). + enum: + - close-by-pushing + - close-by-user + example: close-by-user + type: string + Cases_connector_properties_cases_webhook: + description: Defines properties for connectors when type is `.cases-webhook`. + type: object + properties: + fields: + example: null + nullable: true + type: string + id: + description: >- + The identifier for the connector. To retrieve connector IDs, use the + find connectors API. + type: string + name: + description: The name of the connector. + type: string + type: + description: The type of connector. + enum: + - .cases-webhook + example: .cases-webhook + type: string + required: + - fields + - id + - name + - type + title: Create or upate case request properties for Cases Webhook connector + Cases_connector_properties_jira: + description: Defines properties for connectors when type is `.jira`. + type: object + properties: + fields: + description: >- + An object containing the connector fields. If you want to omit any + individual field, specify null as its value. + type: object + properties: + issueType: + description: The type of issue. + nullable: true + type: string + parent: + description: The key of the parent issue, when the issue type is sub-task. + nullable: true + type: string + priority: + description: The priority of the issue. + nullable: true + type: string + required: + - issueType + - parent + - priority + id: + description: >- + The identifier for the connector. To retrieve connector IDs, use the + find connectors API. + type: string + name: + description: The name of the connector. + type: string + type: + description: The type of connector. + enum: + - .jira + example: .jira + type: string + required: + - fields + - id + - name + - type + title: Create or update case request properties for a Jira connector + Cases_connector_properties_none: + description: Defines properties for connectors when type is `.none`. + type: object + properties: + fields: + description: >- + An object containing the connector fields. To create a case without + a connector, specify null. To update a case to remove the connector, + specify null. + example: null + nullable: true + type: string + id: + description: >- + The identifier for the connector. To create a case without a + connector, use `none`. To update a case to remove the connector, + specify `none`. + example: none + type: string + name: + description: >- + The name of the connector. To create a case without a connector, use + `none`. To update a case to remove the connector, specify `none`. + example: none + type: string + type: + description: >- + The type of connector. To create a case without a connector, use + `.none`. To update a case to remove the connector, specify `.none`. + enum: + - .none + example: .none + type: string + required: + - fields + - id + - name + - type + title: Create or update case request properties for no connector + Cases_connector_properties_resilient: + description: Defines properties for connectors when type is `.resilient`. + type: object + properties: + fields: + description: >- + An object containing the connector fields. If you want to omit any + individual field, specify null as its value. + nullable: true + type: object + properties: + issueTypes: + description: The type of incident. + items: + type: string + type: array + severityCode: + description: The severity code of the incident. type: string - maxItems: 100 - type: array - Cases_case_id: - description: >- - The identifier for the case. To retrieve case IDs, use the find cases - API. All non-ASCII characters must be URL encoded. - in: path - name: caseId - required: true - schema: - example: 9c235210-6834-11ea-a78c-6ffb38a34414 - type: string - Cases_category: - description: Filters the returned cases by category. - in: query - name: category - schema: - oneOf: - - example: my-category - type: string - - items: + required: + - issueTypes + - severityCode + id: + description: The identifier for the connector. + type: string + name: + description: The name of the connector. + type: string + type: + description: The type of connector. + enum: + - .resilient + example: .resilient + type: string + required: + - fields + - id + - name + - type + title: Create case request properties for a IBM Resilient connector + Cases_connector_properties_servicenow: + description: Defines properties for connectors when type is `.servicenow`. + type: object + properties: + fields: + description: >- + An object containing the connector fields. If you want to omit any + individual field, specify null as its value. + type: object + properties: + category: + description: The category of the incident. + nullable: true type: string - maxItems: 100 - type: array - Cases_comment_id: - description: > - The identifier for the comment. To retrieve comment IDs, use the get - case or find cases APIs. - in: path - name: commentId - required: true - schema: - example: 71ec1870-725b-11ea-a0b2-c51ea50a58e2 - type: string - Cases_configuration_id: - description: An identifier for the configuration. - in: path - name: configurationId - required: true - schema: - example: 3297a0f0-b5ec-11ec-b141-0fdb20a7f9a9 - type: string - Cases_connector_id: - description: >- - An identifier for the connector. To retrieve connector IDs, use the find - connectors API. - in: path - name: connectorId - required: true - schema: - example: abed3a70-71bd-11ea-a0b2-c51ea50a58e2 - type: string - Cases_defaultSearchOperator: - description: he default operator to use for the simple_query_string. - example: OR - in: query - name: defaultSearchOperator - schema: - default: OR - type: string - Cases_from: - description: > - Returns only cases that were created after a specific date. The date - must be specified as a KQL data range or date match expression. - in: query - name: from - schema: - example: now-1d - type: string - Cases_ids: - description: > - The cases that you want to removed. All non-ASCII characters must be URL - encoded. - example: d4e7abb0-b462-11ec-9a8d-698504725a43 - in: query - name: ids - required: true - schema: - items: - maxItems: 100 - minItems: 1 + impact: + description: The effect an incident had on business. + nullable: true + type: string + severity: + description: The severity of the incident. + nullable: true + type: string + subcategory: + description: The subcategory of the incident. + nullable: true + type: string + urgency: + description: The extent to which the incident resolution can be delayed. + nullable: true + type: string + required: + - category + - impact + - severity + - subcategory + - urgency + id: + description: >- + The identifier for the connector. To retrieve connector IDs, use the + find connectors API. + type: string + name: + description: The name of the connector. + type: string + type: + description: The type of connector. + enum: + - .servicenow + example: .servicenow + type: string + required: + - fields + - id + - name + - type + title: Create case request properties for a ServiceNow ITSM connector + Cases_connector_properties_servicenow_sir: + description: Defines properties for connectors when type is `.servicenow-sir`. + type: object + properties: + fields: + description: >- + An object containing the connector fields. If you want to omit any + individual field, specify null as its value. + type: object + properties: + category: + description: The category of the incident. + nullable: true + type: string + destIp: + description: >- + Indicates whether cases will send a comma-separated list of + destination IPs. + nullable: true + type: boolean + malwareHash: + description: >- + Indicates whether cases will send a comma-separated list of + malware hashes. + nullable: true + type: boolean + malwareUrl: + description: >- + Indicates whether cases will send a comma-separated list of + malware URLs. + nullable: true + type: boolean + priority: + description: The priority of the issue. + nullable: true + type: string + sourceIp: + description: >- + Indicates whether cases will send a comma-separated list of + source IPs. + nullable: true + type: boolean + subcategory: + description: The subcategory of the incident. + nullable: true + type: string + required: + - category + - destIp + - malwareHash + - malwareUrl + - priority + - sourceIp + - subcategory + id: + description: >- + The identifier for the connector. To retrieve connector IDs, use the + find connectors API. + type: string + name: + description: The name of the connector. + type: string + type: + description: The type of connector. + enum: + - .servicenow-sir + example: .servicenow-sir type: string - type: array - Cases_includeComments: - deprecated: true + required: + - fields + - id + - name + - type + title: Create case request properties for a ServiceNow SecOps connector + Cases_connector_properties_swimlane: + description: Defines properties for connectors when type is `.swimlane`. + type: object + properties: + fields: + description: >- + An object containing the connector fields. If you want to omit any + individual field, specify null as its value. + type: object + properties: + caseId: + description: The case identifier for Swimlane connectors. + nullable: true + type: string + required: + - caseId + id: + description: >- + The identifier for the connector. To retrieve connector IDs, use the + find connectors API. + type: string + name: + description: The name of the connector. + type: string + type: + description: The type of connector. + enum: + - .swimlane + example: .swimlane + type: string + required: + - fields + - id + - name + - type + title: Create case request properties for a Swimlane connector + Cases_connector_types: + description: The type of connector. + enum: + - .cases-webhook + - .jira + - .none + - .resilient + - .servicenow + - .servicenow-sir + - .swimlane + example: .none + type: string + Cases_create_case_request: description: >- - Deprecated in 8.1.0. This parameter is deprecated and will be removed in - a future release. It determines whether case comments are returned. - in: query - name: includeComments - schema: - default: true - type: boolean - Cases_kbn_xsrf: - description: Cross-site request forgery protection - in: header - name: kbn-xsrf - required: true - schema: - type: string - Cases_owner: + The create case API request body varies depending on the type of + connector. + properties: + assignees: + $ref: '#/components/schemas/Cases_assignees' + category: + $ref: '#/components/schemas/Cases_case_category' + connector: + oneOf: + - $ref: '#/components/schemas/Cases_connector_properties_none' + - $ref: '#/components/schemas/Cases_connector_properties_cases_webhook' + - $ref: '#/components/schemas/Cases_connector_properties_jira' + - $ref: '#/components/schemas/Cases_connector_properties_resilient' + - $ref: '#/components/schemas/Cases_connector_properties_servicenow' + - $ref: '#/components/schemas/Cases_connector_properties_servicenow_sir' + - $ref: '#/components/schemas/Cases_connector_properties_swimlane' + customFields: + description: > + Custom field values for a case. Any optional custom fields that are + not specified in the request are set to null. + items: + type: object + properties: + key: + description: > + The unique identifier for the custom field. The key value must + exist in the case configuration settings. + type: string + type: + description: > + The custom field type. It must match the type specified in the + case configuration settings. + enum: + - text + - toggle + type: string + value: + description: > + The custom field value. If the custom field is required, it + cannot be explicitly set to null. However, for cases that + existed when the required custom field was added, the default + value stored in Elasticsearch is `undefined`. The value + returned in the API and user interface in this case is `null`. + oneOf: + - maxLength: 160 + minLength: 1 + nullable: true + type: string + - type: boolean + required: + - key + - type + - value + maxItems: 10 + minItems: 0 + type: array + description: + $ref: '#/components/schemas/Cases_case_description' + owner: + $ref: '#/components/schemas/Cases_owners' + settings: + $ref: '#/components/schemas/Cases_settings' + severity: + $ref: '#/components/schemas/Cases_case_severity' + tags: + $ref: '#/components/schemas/Cases_case_tags' + title: + $ref: '#/components/schemas/Cases_case_title' + required: + - connector + - description + - owner + - settings + - tags + - title + title: Create case request + type: object + Cases_external_service: + nullable: true + type: object + properties: + connector_id: + type: string + connector_name: + type: string + external_id: + type: string + external_title: + type: string + external_url: + type: string + pushed_at: + format: date-time + type: string + pushed_by: + nullable: true + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + Cases_owners: description: > - A filter to limit the response to a specific set of applications. If - this parameter is omitted, the response contains information about all - the cases that the user has access to read. + The application that owns the cases: Stack Management, Observability, or + Elastic Security. + enum: + - cases + - observability + - securitySolution example: cases - in: query - name: owner - schema: - oneOf: - - $ref: '#/components/schemas/Cases_owners' - - items: + type: string + Cases_payload_alert_comment: + type: object + properties: + comment: + type: object + properties: + alertId: + oneOf: + - example: 1c0b056b-cc9f-4b61-b5c9-cb801abd5e1d + type: string + - items: + type: string + type: array + index: + oneOf: + - example: .alerts-observability.logs.alerts-default + type: string + - items: + type: string + type: array + owner: $ref: '#/components/schemas/Cases_owners' - type: array - Cases_page_index: - description: The page number to return. - in: query - name: page - required: false - schema: - default: 1 - type: integer - Cases_page_size: - description: The number of items to return. Limited to 100 items. - in: query - name: perPage - required: false - schema: - default: 20 - maximum: 100 - type: integer - Cases_reporters: - description: Filters the returned cases by the user name of the reporter. - example: elastic - in: query - name: reporters - schema: - oneOf: - - type: string - - items: + rule: + type: object + properties: + id: + description: The rule identifier. + example: 94d80550-aaf4-11ec-985f-97e55adae8b9 + type: string + name: + description: The rule name. + example: security_rule + type: string + type: + enum: + - alert type: string - maxItems: 100 - type: array - Cases_search: - description: >- - An Elasticsearch simple_query_string query that filters the objects in - the response. - in: query - name: search - schema: - type: string - Cases_searchFields: - description: The fields to perform the simple_query_string parsed query against. - in: query - name: searchFields - schema: - oneOf: - - $ref: '#/components/schemas/Cases_searchFieldsType' - - items: - $ref: '#/components/schemas/Cases_searchFieldsType' - type: array - Cases_severity: - description: The severity of the case. - in: query - name: severity - schema: - enum: - - critical - - high - - low - - medium - type: string - Cases_sort_order: - description: Determines the sort order. - in: query - name: sortOrder - required: false - schema: - default: desc - enum: - - asc - - desc - type: string - Cases_sortField: - description: Determines which field is used to sort the results. - example: updatedAt - in: query - name: sortField - schema: - default: createdAt - enum: - - createdAt - - updatedAt - - closedAt - - title - - category - - status - - severity - type: string - Cases_status: - description: Filters the returned cases by state. - example: open - in: query - name: status - schema: - enum: - - closed - - in-progress - - open - type: string - Cases_tags: - description: Filters the returned cases by tags. - example: tag-1 - in: query - name: tags - schema: - oneOf: - - type: string - - items: + Cases_payload_assignees: + type: object + properties: + assignees: + $ref: '#/components/schemas/Cases_assignees' + Cases_payload_connector: + type: object + properties: + connector: + type: object + properties: + fields: + description: >- + An object containing the connector fields. To create a case + without a connector, specify null. If you want to omit any + individual field, specify null as its value. + example: null + nullable: true + type: object + properties: + caseId: + description: The case identifier for Swimlane connectors. + type: string + category: + description: >- + The category of the incident for ServiceNow ITSM and + ServiceNow SecOps connectors. + type: string + destIp: + description: >- + Indicates whether cases will send a comma-separated list of + destination IPs for ServiceNow SecOps connectors. + nullable: true + type: boolean + impact: + description: >- + The effect an incident had on business for ServiceNow ITSM + connectors. + type: string + issueType: + description: The type of issue for Jira connectors. + type: string + issueTypes: + description: The type of incident for IBM Resilient connectors. + items: + type: string + type: array + malwareHash: + description: >- + Indicates whether cases will send a comma-separated list of + malware hashes for ServiceNow SecOps connectors. + nullable: true + type: boolean + malwareUrl: + description: >- + Indicates whether cases will send a comma-separated list of + malware URLs for ServiceNow SecOps connectors. + nullable: true + type: boolean + parent: + description: >- + The key of the parent issue, when the issue type is sub-task + for Jira connectors. + type: string + priority: + description: >- + The priority of the issue for Jira and ServiceNow SecOps + connectors. + type: string + severity: + description: The severity of the incident for ServiceNow ITSM connectors. + type: string + severityCode: + description: >- + The severity code of the incident for IBM Resilient + connectors. + type: string + sourceIp: + description: >- + Indicates whether cases will send a comma-separated list of + source IPs for ServiceNow SecOps connectors. + nullable: true + type: boolean + subcategory: + description: >- + The subcategory of the incident for ServiceNow ITSM + connectors. + type: string + urgency: + description: >- + The extent to which the incident resolution can be delayed + for ServiceNow ITSM connectors. + type: string + id: + description: >- + The identifier for the connector. To create a case without a + connector, use `none`. + example: none + type: string + name: + description: >- + The name of the connector. To create a case without a connector, + use `none`. + example: none + type: string + type: + $ref: '#/components/schemas/Cases_connector_types' + Cases_payload_create_case: + type: object + properties: + assignees: + $ref: '#/components/schemas/Cases_assignees' + connector: + type: object + properties: + fields: + description: >- + An object containing the connector fields. To create a case + without a connector, specify null. If you want to omit any + individual field, specify null as its value. + example: null + nullable: true + type: object + properties: + caseId: + description: The case identifier for Swimlane connectors. + type: string + category: + description: >- + The category of the incident for ServiceNow ITSM and + ServiceNow SecOps connectors. + type: string + destIp: + description: >- + Indicates whether cases will send a comma-separated list of + destination IPs for ServiceNow SecOps connectors. + nullable: true + type: boolean + impact: + description: >- + The effect an incident had on business for ServiceNow ITSM + connectors. + type: string + issueType: + description: The type of issue for Jira connectors. + type: string + issueTypes: + description: The type of incident for IBM Resilient connectors. + items: + type: string + type: array + malwareHash: + description: >- + Indicates whether cases will send a comma-separated list of + malware hashes for ServiceNow SecOps connectors. + nullable: true + type: boolean + malwareUrl: + description: >- + Indicates whether cases will send a comma-separated list of + malware URLs for ServiceNow SecOps connectors. + nullable: true + type: boolean + parent: + description: >- + The key of the parent issue, when the issue type is sub-task + for Jira connectors. + type: string + priority: + description: >- + The priority of the issue for Jira and ServiceNow SecOps + connectors. + type: string + severity: + description: The severity of the incident for ServiceNow ITSM connectors. + type: string + severityCode: + description: >- + The severity code of the incident for IBM Resilient + connectors. + type: string + sourceIp: + description: >- + Indicates whether cases will send a comma-separated list of + source IPs for ServiceNow SecOps connectors. + nullable: true + type: boolean + subcategory: + description: >- + The subcategory of the incident for ServiceNow ITSM + connectors. + type: string + urgency: + description: >- + The extent to which the incident resolution can be delayed + for ServiceNow ITSM connectors. + type: string + id: + description: >- + The identifier for the connector. To create a case without a + connector, use `none`. + example: none type: string - maxItems: 100 - type: array - Cases_to: - description: > - Returns only cases that were created before a specific date. The date - must be specified as a KQL data range or date match expression. - example: now+1d - in: query - name: to - schema: - type: string - Cases_user_action_types: - description: Determines the types of user actions to return. - example: create_case - in: query - name: types - schema: - items: - enum: - - action - - alert - - assignees - - attachment - - comment - - connector - - create_case - - description - - pushed - - settings - - severity - - status - - tags - - title - - user + name: + description: >- + The name of the connector. To create a case without a connector, + use `none`. + example: none + type: string + type: + $ref: '#/components/schemas/Cases_connector_types' + description: type: string - type: array - Data_views_field_name: - description: The name of the runtime field. - in: path - name: fieldName - required: true - schema: - example: hour_of_day - type: string - Data_views_kbn_xsrf: - description: Cross-site request forgery protection - in: header - name: kbn-xsrf - required: true - schema: - type: string - Data_views_view_id: - description: An identifier for the data view. - in: path - name: viewId - required: true - schema: - example: ff959d40-b880-11e8-a6d9-e546fe2bba5f - type: string - Fleet_format: - description: Simplified or legacy format for package inputs - in: query - name: format - required: false - schema: - enum: - - simplified - - legacy - type: string - Fleet_kbn_xsrf: - description: Kibana's anti Cross-Site Request Forgery token. Can be any string value. - in: header - name: kbn-xsrf - required: true - schema: - type: string - Fleet_kuery: - in: query - name: kuery - required: false - schema: - type: string - Fleet_page_index: - in: query - name: page - required: false - schema: - default: 1 - type: integer - Fleet_page_size: - description: The number of items to return - in: query - name: perPage - required: false - schema: - default: 20 - type: integer - Fleet_show_inactive: - in: query - name: showInactive - required: false - schema: - type: boolean - Fleet_show_upgradeable: - in: query - name: showUpgradeable - required: false - schema: - type: boolean - Fleet_sort_field: - in: query - name: sortField - required: false - schema: - deprecated: true - type: string - Fleet_sort_order: - in: query - name: sortOrder - required: false - schema: - enum: - - asc - - desc - type: string - Fleet_with_metrics: - description: Return agent metrics, false by default - in: query - name: withMetrics - required: false - schema: - type: boolean - Machine_learning_APIs_simulateParam: - description: >- - When true, simulates the synchronization by returning only the list of - actions that would be performed. - example: 'true' - in: query - name: simulate - required: false - schema: - type: boolean - Saved_objects_kbn_xsrf: - description: Cross-site request forgery protection - in: header - name: kbn-xsrf - required: true - schema: - type: string - Saved_objects_saved_object_id: - description: An identifier for the saved object. - in: path - name: id - required: true - schema: - type: string - Saved_objects_saved_object_type: - description: >- - Valid options include `visualization`, `dashboard`, `search`, - `index-pattern`, `config`. - in: path - name: type - required: true - schema: - type: string - SLOs_kbn_xsrf: - description: Cross-site request forgery protection - in: header - name: kbn-xsrf - required: true - schema: - type: string - SLOs_slo_id: - description: An identifier for the slo. - in: path - name: sloId - required: true - schema: - example: 9c235211-6834-11ea-a78c-6feb38a34414 - type: string - SLOs_space_id: + owner: + $ref: '#/components/schemas/Cases_owners' + settings: + $ref: '#/components/schemas/Cases_settings' + severity: + $ref: '#/components/schemas/Cases_case_severity' + status: + $ref: '#/components/schemas/Cases_case_status' + tags: + items: + example: + - tag-1 + type: string + type: array + title: + type: string + Cases_payload_delete: description: >- - An identifier for the space. If `/s/` and the identifier are omitted - from the path, the default space is used. - in: path - name: spaceId - required: true - schema: - example: default - type: string - responses: - Fleet_error: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - schemas: - Alerting_401_response: + If the `action` is `delete` and the `type` is `delete_case`, the payload + is nullable. + nullable: true + type: object + Cases_payload_description: + type: object properties: - error: - enum: - - Unauthorized - example: Unauthorized - type: string - message: + description: type: string - statusCode: - enum: - - 401 - example: 401 - type: integer - title: Unsuccessful rule API response + Cases_payload_pushed: + type: object + properties: + externalService: + $ref: '#/components/schemas/Cases_external_service' + Cases_payload_settings: type: object - Alerting_alert_response_properties: - title: Legacy alert response properties + properties: + settings: + $ref: '#/components/schemas/Cases_settings' + Cases_payload_severity: type: object properties: - actions: + severity: + $ref: '#/components/schemas/Cases_case_severity' + Cases_payload_status: + type: object + properties: + status: + $ref: '#/components/schemas/Cases_case_status' + Cases_payload_tags: + type: object + properties: + tags: + example: + - tag-1 items: - type: object + type: string type: array - alertTypeId: - example: .index-threshold - type: string - apiKeyOwner: - example: elastic - nullable: true - type: string - createdAt: - description: The date and time that the alert was created. - example: '2022-12-05T23:36:58.284Z' - format: date-time - type: string - createdBy: - description: The identifier for the user that created the alert. - example: elastic + Cases_payload_title: + type: object + properties: + title: type: string - enabled: - description: Indicates whether the alert is currently enabled. - example: true - type: boolean - executionStatus: + Cases_payload_user_comment: + type: object + properties: + comment: type: object properties: - lastExecutionDate: - example: '2022-12-06T00:13:43.890Z' - format: date-time + comment: type: string - status: - example: ok + owner: + $ref: '#/components/schemas/Cases_owners' + type: + enum: + - user type: string + Cases_rule: + description: > + The rule that is associated with the alerts. It is required only when + `type` is `alert`. This functionality is in technical preview and may be + changed or removed in a future release. Elastic will work to fix any + issues, but features in technical preview are not subject to the support + SLA of official GA features. + title: Alerting rule + type: object + properties: id: - description: The identifier for the alert. - example: b530fed0-74f5-11ed-9801-35303b735aef + description: The rule identifier. + example: 94d80550-aaf4-11ec-985f-97e55adae8b9 type: string - muteAll: - example: false - type: boolean - mutedInstanceIds: - items: - type: string - nullable: true - type: array name: - description: The name of the alert. - example: my alert - type: string - notifyWhen: - example: onActionGroupChange + description: The rule name. + example: security_rule type: string - params: - additionalProperties: true - type: object - schedule: + x-technical-preview: true + Cases_searchFieldsType: + description: The fields to perform the `simple_query_string` parsed query against. + enum: + - description + - title + type: string + Cases_set_case_configuration_request: + description: >- + External connection details, such as the closure type and default + connector for cases. + properties: + closure_type: + $ref: '#/components/schemas/Cases_closure_types' + connector: + description: An object that contains the connector configuration. type: object properties: - interval: + fields: + description: >- + The fields specified in the case configuration are not used and + are not propagated to individual cases, therefore it is + recommended to set it to `null`. + nullable: true + type: object + id: + description: >- + The identifier for the connector. If you do not want a default + connector, use `none`. To retrieve connector IDs, use the find + connectors API. + example: none type: string - scheduledTaskId: - example: b530fed0-74f5-11ed-9801-35303b735aef - type: string - tags: + name: + description: >- + The name of the connector. If you do not want a default + connector, use `none`. To retrieve connector names, use the find + connectors API. + example: none + type: string + type: + $ref: '#/components/schemas/Cases_connector_types' + required: + - fields + - id + - name + - type + customFields: + description: Custom fields case configuration. items: - type: string + type: object + properties: + defaultValue: + description: > + A default value for the custom field. If the `type` is `text`, + the default value must be a string. If the `type` is `toggle`, + the default value must be boolean. + oneOf: + - type: string + - type: boolean + key: + description: > + A unique key for the custom field. Must be lower case and + composed only of a-z, 0-9, '_', and '-' characters. It is used + in API calls to refer to a specific custom field. + maxLength: 36 + minLength: 1 + type: string + label: + description: The custom field label that is displayed in the case. + maxLength: 50 + minLength: 1 + type: string + type: + description: The type of the custom field. + enum: + - text + - toggle + type: string + required: + description: > + Indicates whether the field is required. If `false`, the + custom field can be set to null or omitted when a case is + created or updated. + type: boolean + required: + - key + - label + - required + - type + maxItems: 10 + minItems: 0 type: array - throttle: - nullable: true - type: string - updatedAt: - example: '2022-12-05T23:36:58.284Z' - type: string - updatedBy: - description: The identifier for the user that updated this alert most recently. - example: elastic - nullable: true - type: string - Alerting_fieldmap_properties: - title: Field map objects in the get rule types response + owner: + $ref: '#/components/schemas/Cases_owners' + templates: + $ref: '#/components/schemas/Cases_templates' + required: + - closure_type + - connector + - owner + title: Set case configuration request + type: object + Cases_settings: + description: An object that contains the case settings. type: object properties: - array: - description: Indicates whether the field is an array. - type: boolean - dynamic: - description: Indicates whether it is a dynamic field mapping. - type: boolean - format: - description: > - Indicates the format of the field. For example, if the `type` is - `date_range`, the `format` can be - `epoch_millis||strict_date_optional_time`. - type: string - ignore_above: - description: >- - Specifies the maximum length of a string field. Longer strings are - not indexed or stored. - type: integer - index: - description: Indicates whether field values are indexed. + syncAlerts: + description: Turns alert syncing on or off. + example: true type: boolean - path: - description: TBD - type: string + required: + - syncAlerts + Cases_template_tags: + description: > + The words and phrases that help categorize templates. It can be an empty + array. + items: + maxLength: 256 + type: string + maxItems: 200 + type: array + Cases_templates: + items: + type: object properties: - additionalProperties: + caseFields: type: object properties: - type: - description: The data type for each object property. - type: string - description: > - Details about the object properties. This property is applicable - when `type` is `object`. - type: object - required: - description: Indicates whether the field is required. - type: boolean - scaling_factor: - description: > - The scaling factor to use when encoding values. This property is - applicable when `type` is `scaled_float`. Values will be multiplied - by this factor at index time and rounded to the closest long value. - type: integer - type: - description: Specifies the data type for the field. - example: scaled_float - type: string - Cases_4xx_response: - properties: - error: - example: Unauthorized - type: string - message: - type: string - statusCode: - example: 401 - type: integer - title: Unsuccessful cases API response - type: object - Cases_action_types: - description: The type of action. - enum: - - assignees - - create_case - - comment - - connector - - delete_case - - description - - pushed - - tags - - title - - status - - settings - - severity - example: create_case - type: string - Cases_actions: - enum: - - add - - create - - delete - - push_to_service - - update - example: create - type: string - Cases_add_alert_comment_request_properties: + assignees: + $ref: '#/components/schemas/Cases_assignees' + category: + $ref: '#/components/schemas/Cases_case_category' + connector: + type: object + properties: + fields: + description: >- + The fields specified in the case configuration are not + used and are not propagated to individual cases, therefore + it is recommended to set it to `null`. + nullable: true + type: object + id: + description: >- + The identifier for the connector. If you do not want a + default connector, use `none`. To retrieve connector IDs, + use the find connectors API. + example: none + type: string + name: + description: >- + The name of the connector. If you do not want a default + connector, use `none`. To retrieve connector names, use + the find connectors API. + example: none + type: string + type: + $ref: '#/components/schemas/Cases_connector_types' + customFields: + description: Custom field values in the template. + items: + type: object + properties: + key: + description: The unique key for the custom field. + type: string + type: + description: The type of the custom field. + enum: + - text + - toggle + type: string + value: + description: > + The default value for the custom field when a case uses + the template. If the `type` is `text`, the default value + must be a string. If the `type` is `toggle`, the default + value must be boolean. + oneOf: + - type: string + - type: boolean + type: array + x-technical-preview: true + description: + $ref: '#/components/schemas/Cases_case_description' + settings: + $ref: '#/components/schemas/Cases_settings' + severity: + $ref: '#/components/schemas/Cases_case_severity' + tags: + $ref: '#/components/schemas/Cases_case_tags' + title: + $ref: '#/components/schemas/Cases_case_title' + description: + description: A description for the template. + type: string + key: + description: > + A unique key for the template. Must be lower case and composed + only of a-z, 0-9, '_', and '-' characters. It is used in API calls + to refer to a specific template. + type: string + name: + description: The name of the template. + type: string + tags: + $ref: '#/components/schemas/Cases_template_tags' + type: array + x-technical-preview: true + Cases_update_alert_comment_request_properties: description: Defines properties for case comment requests when type is alert. type: object properties: alertId: $ref: '#/components/schemas/Cases_alert_identifiers' + id: + description: > + The identifier for the comment. To retrieve comment IDs, use the get + comments API. + example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 + type: string index: $ref: '#/components/schemas/Cases_alert_indices' owner: @@ -18001,27 +47415,227 @@ components: - alert example: alert type: string + version: + description: > + The current comment version. To retrieve version values, use the get + comments API. + example: Wzk1LDFd + type: string + required: + - alertId + - id + - index + - owner + - rule + - type + - version + title: Update case comment request properties for alerts + Cases_update_case_comment_request: + description: >- + The update case comment API request body varies depending on whether you + are updating an alert or a comment. + discriminator: + mapping: + alert: '#/components/schemas/Cases_update_alert_comment_request_properties' + user: '#/components/schemas/Cases_update_user_comment_request_properties' + propertyName: type + oneOf: + - $ref: '#/components/schemas/Cases_update_alert_comment_request_properties' + - $ref: '#/components/schemas/Cases_update_user_comment_request_properties' + title: Update case comment request + Cases_update_case_configuration_request: + description: > + You can update settings such as the closure type, custom fields, + templates, and the default connector for cases. + properties: + closure_type: + $ref: '#/components/schemas/Cases_closure_types' + connector: + description: An object that contains the connector configuration. + type: object + properties: + fields: + description: >- + The fields specified in the case configuration are not used and + are not propagated to individual cases, therefore it is + recommended to set it to `null`. + nullable: true + type: object + id: + description: >- + The identifier for the connector. If you do not want a default + connector, use `none`. To retrieve connector IDs, use the find + connectors API. + example: none + type: string + name: + description: >- + The name of the connector. If you do not want a default + connector, use `none`. To retrieve connector names, use the find + connectors API. + example: none + type: string + type: + $ref: '#/components/schemas/Cases_connector_types' + required: + - fields + - id + - name + - type + customFields: + description: Custom fields case configuration. + items: + type: object + properties: + defaultValue: + description: > + A default value for the custom field. If the `type` is `text`, + the default value must be a string. If the `type` is `toggle`, + the default value must be boolean. + oneOf: + - type: string + - type: boolean + key: + description: > + A unique key for the custom field. Must be lower case and + composed only of a-z, 0-9, '_', and '-' characters. It is used + in API calls to refer to a specific custom field. + maxLength: 36 + minLength: 1 + type: string + label: + description: The custom field label that is displayed in the case. + maxLength: 50 + minLength: 1 + type: string + type: + description: The type of the custom field. + enum: + - text + - toggle + type: string + required: + description: > + Indicates whether the field is required. If `false`, the + custom field can be set to null or omitted when a case is + created or updated. + type: boolean + required: + - key + - label + - required + - type + type: array + templates: + $ref: '#/components/schemas/Cases_templates' + version: + description: > + The version of the connector. To retrieve the version value, use the + get configuration API. + example: WzIwMiwxXQ== + type: string required: - - alertId - - index - - owner - - rule - - type - title: Add case comment request properties for alerts - Cases_add_case_comment_request: + - version + title: Update case configuration request + type: object + Cases_update_case_request: description: >- - The add comment to case API request body varies depending on whether you - are adding an alert or a comment. - discriminator: - mapping: - alert: '#/components/schemas/Cases_add_alert_comment_request_properties' - user: '#/components/schemas/Cases_add_user_comment_request_properties' - propertyName: type - oneOf: - - $ref: '#/components/schemas/Cases_add_alert_comment_request_properties' - - $ref: '#/components/schemas/Cases_add_user_comment_request_properties' - title: Add case comment request - Cases_add_user_comment_request_properties: + The update case API request body varies depending on the type of + connector. + properties: + cases: + description: An array containing one or more case objects. + items: + type: object + properties: + assignees: + $ref: '#/components/schemas/Cases_assignees' + category: + $ref: '#/components/schemas/Cases_case_category' + connector: + oneOf: + - $ref: '#/components/schemas/Cases_connector_properties_none' + - $ref: >- + #/components/schemas/Cases_connector_properties_cases_webhook + - $ref: '#/components/schemas/Cases_connector_properties_jira' + - $ref: '#/components/schemas/Cases_connector_properties_resilient' + - $ref: '#/components/schemas/Cases_connector_properties_servicenow' + - $ref: >- + #/components/schemas/Cases_connector_properties_servicenow_sir + - $ref: '#/components/schemas/Cases_connector_properties_swimlane' + customFields: + description: > + Custom field values for a case. Any optional custom fields + that are not specified in the request are set to null. + items: + type: object + properties: + key: + description: > + The unique identifier for the custom field. The key + value must exist in the case configuration settings. + type: string + type: + description: > + The custom field type. It must match the type specified + in the case configuration settings. + enum: + - text + - toggle + type: string + value: + description: > + The custom field value. If the custom field is required, + it cannot be explicitly set to null. However, for cases + that existed when the required custom field was added, + the default value stored in Elasticsearch is + `undefined`. The value returned in the API and user + interface in this case is `null`. + oneOf: + - maxLength: 160 + minLength: 1 + nullable: true + type: string + - type: boolean + required: + - key + - type + - value + maxItems: 10 + minItems: 0 + type: array + description: + $ref: '#/components/schemas/Cases_case_description' + id: + description: The identifier for the case. + maxLength: 30000 + type: string + settings: + $ref: '#/components/schemas/Cases_settings' + severity: + $ref: '#/components/schemas/Cases_case_severity' + status: + $ref: '#/components/schemas/Cases_case_status' + tags: + $ref: '#/components/schemas/Cases_case_tags' + title: + $ref: '#/components/schemas/Cases_case_title' + version: + description: >- + The current version of the case. To determine this value, use + the get case or find cases APIs. + type: string + required: + - id + - version + maxItems: 100 + minItems: 1 + type: array + required: + - cases + title: Update case request + type: object + Cases_update_user_comment_request_properties: description: Defines properties for case comment requests when type is user. properties: comment: @@ -18029,6 +47643,12 @@ components: example: A new comment. maxLength: 30000 type: string + id: + description: > + The identifier for the comment. To retrieve comment IDs, use the get + comments API. + example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 + type: string owner: $ref: '#/components/schemas/Cases_owners' type: @@ -18037,23 +47657,31 @@ components: - user example: user type: string + version: + description: > + The current comment version. To retrieve version values, use the get + comments API. + example: Wzk1LDFd + type: string required: - comment + - id - owner - type - title: Add case comment request properties for user comments + - version + title: Update case comment request properties for user comments type: object - Cases_alert_comment_response_properties: - title: Add case comment response properties for alerts + Cases_user_actions_find_response_properties: type: object properties: - alertId: - items: - example: a6e12ac4-7bce-457b-84f6-d7ce8deb8446 - type: string - type: array + action: + $ref: '#/components/schemas/Cases_actions' + comment_id: + example: 578608d0-03b1-11ed-920c-974bfa104448 + nullable: true + type: string created_at: - example: '2023-11-06T19:29:38.424Z' + example: '2022-05-13T09:16:17.416Z' format: date-time type: string created_by: @@ -18079,65 +47707,74 @@ components: - full_name - username id: - example: 73362370-ab1a-11ec-985f-97e55adae8b9 + example: 22fd3e30-03b1-11ed-920c-974bfa104448 type: string - index: - items: - example: .internal.alerts-security.alerts-default-000001 - type: string - type: array owner: $ref: '#/components/schemas/Cases_owners' - pushed_at: - example: null - format: date-time - nullable: true - type: string - pushed_by: - nullable: true - type: object - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string - required: - - email - - full_name - - username - rule: - type: object - properties: - id: - description: The rule identifier. - example: 94d80550-aaf4-11ec-985f-97e55adae8b9 - type: string - name: - description: The rule name. - example: security_rule - type: string + payload: + oneOf: + - $ref: '#/components/schemas/Cases_payload_alert_comment' + - $ref: '#/components/schemas/Cases_payload_assignees' + - $ref: '#/components/schemas/Cases_payload_connector' + - $ref: '#/components/schemas/Cases_payload_create_case' + - $ref: '#/components/schemas/Cases_payload_delete' + - $ref: '#/components/schemas/Cases_payload_description' + - $ref: '#/components/schemas/Cases_payload_pushed' + - $ref: '#/components/schemas/Cases_payload_settings' + - $ref: '#/components/schemas/Cases_payload_severity' + - $ref: '#/components/schemas/Cases_payload_status' + - $ref: '#/components/schemas/Cases_payload_tags' + - $ref: '#/components/schemas/Cases_payload_title' + - $ref: '#/components/schemas/Cases_payload_user_comment' type: + description: The type of action. enum: - - alert - example: alert + - assignees + - create_case + - comment + - connector + - description + - pushed + - tags + - title + - status + - settings + - severity + example: create_case + type: string + version: + example: WzM1ODg4LDFd + type: string + required: + - action + - comment_id + - created_at + - created_by + - id + - owner + - payload + - type + - version + Cases_user_actions_response_properties: + type: object + properties: + action: + $ref: '#/components/schemas/Cases_actions' + action_id: + example: 22fd3e30-03b1-11ed-920c-974bfa104448 type: string - updated_at: - format: date-time - nullable: true + case_id: + example: 22df07d0-03b1-11ed-920c-974bfa104448 type: string - updated_by: + comment_id: + example: 578608d0-03b1-11ed-920c-974bfa104448 nullable: true + type: string + created_at: + example: '2022-05-13T09:16:17.416Z' + format: date-time + type: string + created_by: type: object properties: email: @@ -18159,4988 +47796,10731 @@ components: - email - full_name - username - version: - example: WzMwNDgsMV0= - type: string - required: - - type - Cases_alert_identifiers: - description: > - The alert identifiers. It is required only when `type` is `alert`. You - can use an array of strings to add multiple alerts to a case, provided - that they all relate to the same rule; `index` must also be an array - with the same length or number of elements. Adding multiple alerts in - this manner is recommended rather than calling the API multiple times. - This functionality is in technical preview and may be changed or removed - in a future release. Elastic will work to fix any issues, but features - in technical preview are not subject to the support SLA of official GA - features. - example: 6b24c4dc44bc720cfc92797f3d61fff952f2b2627db1fb4f8cc49f4530c4ff42 - oneOf: - - type: string - - items: - type: string - maxItems: 1000 - type: array - title: Alert identifiers - x-technical-preview: true - Cases_alert_indices: - description: > - The alert indices. It is required only when `type` is `alert`. If you - are adding multiple alerts to a case, use an array of strings; the - position of each index name in the array must match the position of the - corresponding alert identifier in the `alertId` array. This - functionality is in technical preview and may be changed or removed in a - future release. Elastic will work to fix any issues, but features in - technical preview are not subject to the support SLA of official GA - features. - oneOf: - - type: string - - items: - type: string - maxItems: 1000 - type: array - title: Alert indices - x-technical-preview: true - Cases_alert_response_properties: - type: object - properties: - attached_at: - format: date-time - type: string - id: - description: The alert identifier. - type: string - index: - description: The alert index. - type: string - Cases_assignees: - description: An array containing users that are assigned to the case. - items: - type: object - properties: - uid: - description: >- - A unique identifier for the user profile. These identifiers can be - found by using the suggest user profile API. - example: u_0wpfV1MqYDaXzLtRVY-gLMrddKDEmfz51Fszhj7hWC8_0 - type: string - required: - - uid - maxItems: 10 - nullable: true - type: array - Cases_case_category: - description: A word or phrase that categorizes the case. - maxLength: 50 - type: string - Cases_case_description: - description: The description for the case. - maxLength: 30000 - type: string - Cases_case_response_closed_by_properties: - nullable: true - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string - required: - - email - - full_name - - username - title: Case response properties for closed_by - type: object - Cases_case_response_created_by_properties: - title: Case response properties for created_by - type: object - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string - required: - - email - - full_name - - username - Cases_case_response_properties: - title: Case response properties - type: object - properties: - assignees: - $ref: '#/components/schemas/Cases_assignees' - category: - description: The case category. - nullable: true - type: string - closed_at: - format: date-time - nullable: true - type: string - closed_by: - $ref: '#/components/schemas/Cases_case_response_closed_by_properties' - comments: - description: An array of comment objects for the case. - items: - discriminator: - mapping: - alert: '#/components/schemas/Cases_alert_comment_response_properties' - user: '#/components/schemas/Cases_user_comment_response_properties' - propertyName: type - oneOf: - - $ref: '#/components/schemas/Cases_alert_comment_response_properties' - - $ref: '#/components/schemas/Cases_user_comment_response_properties' - maxItems: 10000 - title: Case response properties for comments - type: array - connector: - discriminator: - mapping: - .cases-webhook: '#/components/schemas/Cases_connector_properties_cases_webhook' - .jira: '#/components/schemas/Cases_connector_properties_jira' - .none: '#/components/schemas/Cases_connector_properties_none' - .resilient: '#/components/schemas/Cases_connector_properties_resilient' - .servicenow: '#/components/schemas/Cases_connector_properties_servicenow' - .servicenow-sir: '#/components/schemas/Cases_connector_properties_servicenow_sir' - .swimlane: '#/components/schemas/Cases_connector_properties_swimlane' - propertyName: type + owner: + $ref: '#/components/schemas/Cases_owners' + payload: oneOf: - - $ref: '#/components/schemas/Cases_connector_properties_none' - - $ref: '#/components/schemas/Cases_connector_properties_cases_webhook' - - $ref: '#/components/schemas/Cases_connector_properties_jira' - - $ref: '#/components/schemas/Cases_connector_properties_resilient' - - $ref: '#/components/schemas/Cases_connector_properties_servicenow' - - $ref: '#/components/schemas/Cases_connector_properties_servicenow_sir' - - $ref: '#/components/schemas/Cases_connector_properties_swimlane' - title: Case response properties for connectors - created_at: - example: '2022-05-13T09:16:17.416Z' - format: date-time - type: string - created_by: - $ref: '#/components/schemas/Cases_case_response_created_by_properties' - customFields: - description: Custom field values for the case. - items: - type: object - properties: - key: - description: > - The unique identifier for the custom field. The key value must - exist in the case configuration settings. - type: string - type: - description: > - The custom field type. It must match the type specified in the - case configuration settings. - enum: - - text - - toggle - type: string - value: - description: > - The custom field value. If the custom field is required, it - cannot be explicitly set to null. However, for cases that - existed when the required custom field was added, the default - value stored in Elasticsearch is `undefined`. The value - returned in the API and user interface in this case is `null`. - oneOf: - - maxLength: 160 - minLength: 1 - nullable: true - type: string - - type: boolean - type: array - description: - example: A case description. + - $ref: '#/components/schemas/Cases_payload_alert_comment' + - $ref: '#/components/schemas/Cases_payload_assignees' + - $ref: '#/components/schemas/Cases_payload_connector' + - $ref: '#/components/schemas/Cases_payload_create_case' + - $ref: '#/components/schemas/Cases_payload_delete' + - $ref: '#/components/schemas/Cases_payload_description' + - $ref: '#/components/schemas/Cases_payload_pushed' + - $ref: '#/components/schemas/Cases_payload_settings' + - $ref: '#/components/schemas/Cases_payload_severity' + - $ref: '#/components/schemas/Cases_payload_status' + - $ref: '#/components/schemas/Cases_payload_tags' + - $ref: '#/components/schemas/Cases_payload_title' + - $ref: '#/components/schemas/Cases_payload_user_comment' + type: + $ref: '#/components/schemas/Cases_action_types' + required: + - action + - action_id + - case_id + - comment_id + - created_at + - created_by + - owner + - payload + - type + Cases_user_comment_response_properties: + title: Case response properties for user comments + type: object + properties: + comment: + example: A new comment. type: string - duration: - description: > - The elapsed time from the creation of the case to its closure (in - seconds). If the case has not been closed, the duration is set to - null. If the case was closed after less than half a second, the - duration is rounded down to zero. - example: 120 - nullable: true - type: integer - external_service: - $ref: '#/components/schemas/Cases_external_service' + created_at: + example: '2022-05-13T09:16:17.416Z' + format: date-time + type: string + created_by: + $ref: '#/components/schemas/Cases_case_response_created_by_properties' id: - example: 66b9aa00-94fa-11ea-9f74-e7e108796192 + example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 type: string owner: $ref: '#/components/schemas/Cases_owners' - settings: - $ref: '#/components/schemas/Cases_settings' - severity: - $ref: '#/components/schemas/Cases_case_severity' - status: - $ref: '#/components/schemas/Cases_case_status' - tags: - example: - - tag-1 - items: - type: string - type: array - title: - example: Case title 1 + pushed_at: + example: null + format: date-time + nullable: true + type: string + pushed_by: + $ref: '#/components/schemas/Cases_case_response_pushed_by_properties' + type: + enum: + - user + example: user type: string - totalAlerts: - example: 0 - type: integer - totalComment: - example: 0 - type: integer updated_at: + example: null format: date-time nullable: true type: string updated_by: $ref: '#/components/schemas/Cases_case_response_updated_by_properties' version: - example: WzUzMiwxXQ== + example: WzIwNDMxLDFd type: string required: - - closed_at - - closed_by - - comments - - connector - - created_at - - created_by - - description - - duration - - external_service - - id - - owner - - settings - - severity - - status - - tags - - title - - totalAlerts - - totalComment - - updated_at - - updated_by - - version - Cases_case_response_pushed_by_properties: - nullable: true + - type + Data_views_400_response: + title: Bad request + type: object properties: - email: - example: null - nullable: true + error: + example: Bad Request type: string - full_name: - example: null - nullable: true + message: type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + statusCode: + example: 400 + type: number + required: + - statusCode + - error + - message + Data_views_404_response: + type: object + properties: + error: + enum: + - Not Found + example: Not Found type: string - username: - example: elastic - nullable: true + message: + example: >- + Saved object [index-pattern/caaad6d0-920c-11ed-b36a-874bd1548a00] + not found + type: string + statusCode: + enum: + - 404 + example: 404 + type: integer + Data_views_allownoindex: + description: Allows the data view saved object to exist before the data is available. + type: boolean + Data_views_create_data_view_request_object: + title: Create data view request + type: object + properties: + data_view: + description: The data view object. + type: object + properties: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldAttrs: + additionalProperties: + $ref: '#/components/schemas/Data_views_fieldattrs' + type: object + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: + type: object + id: + type: string + name: + description: The data view name. + type: string + namespaces: + $ref: '#/components/schemas/Data_views_namespaces' + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + type: + $ref: '#/components/schemas/Data_views_type' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta' + version: + type: string + required: + - title + override: + default: false + description: >- + Override an existing data view if a data view with the provided + title already exists. + type: boolean + required: + - data_view + Data_views_data_view_response_object: + title: Data view response properties + type: object + properties: + data_view: + type: object + properties: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldAttrs: + additionalProperties: + $ref: '#/components/schemas/Data_views_fieldattrs' + type: object + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: + type: object + id: + example: ff959d40-b880-11e8-a6d9-e546fe2bba5f + type: string + name: + description: The data view name. + type: string + namespaces: + $ref: '#/components/schemas/Data_views_namespaces' + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta_response' + version: + example: WzQ2LDJd + type: string + Data_views_fieldattrs: + description: A map of field attributes by field name. + type: object + properties: + count: + description: Popularity count for the field. + type: integer + customDescription: + description: Custom description for the field. + maxLength: 300 + type: string + customLabel: + description: Custom label for the field. + type: string + Data_views_fieldformats: + description: A map of field formats by field name. + type: object + Data_views_namespaces: + description: >- + An array of space identifiers for sharing the data view between multiple + spaces. + items: + default: default + type: string + type: array + Data_views_runtimefieldmap: + description: A map of runtime field definitions by field name. + type: object + properties: + script: + type: object + properties: + source: + description: Script for the runtime field. + type: string + type: + description: Mapping type of the runtime field. type: string required: - - email - - full_name - - username - title: Case response properties for pushed_by + - script + - type + Data_views_sourcefilters: + description: The array of field names you want to filter out in Discover. + items: + type: object + properties: + value: + type: string + required: + - value + type: array + Data_views_swap_data_view_request_object: + title: Data view reference swap request type: object - Cases_case_response_updated_by_properties: - nullable: true properties: - email: - example: null - nullable: true + delete: + description: Deletes referenced saved object if all references are removed. + type: boolean + forId: + description: Limit the affected saved objects to one or more by identifier. + oneOf: + - type: string + - items: + type: string + type: array + forType: + description: Limit the affected saved objects by type. type: string - full_name: - example: null - nullable: true + fromId: + description: The saved object reference to change. type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + fromType: + description: > + Specify the type of the saved object reference to alter. The default + value is `index-pattern` for data views. type: string - username: - example: elastic - nullable: true + toId: + description: New saved object reference value to replace the old value. type: string required: - - email - - full_name - - username - title: Case response properties for updated_by - type: object - Cases_case_severity: - default: low - description: The severity of the case. - enum: - - critical - - high - - low - - medium + - fromId + - toId + Data_views_timefieldname: + description: The timestamp field name, which you use for time-based data views. type: string - Cases_case_status: - description: The status of the case. - enum: - - closed - - in-progress - - open + Data_views_title: + description: >- + Comma-separated list of data streams, indices, and aliases that you want + to search. Supports wildcards (`*`). type: string - Cases_case_tags: - description: > - The words and phrases that help categorize cases. It can be an empty - array. - items: - maxLength: 256 - type: string - maxItems: 200 - type: array - Cases_case_title: - description: A title for the case. - maxLength: 160 + Data_views_type: + description: When set to `rollup`, identifies the rollup data views. type: string - Cases_closure_types: + Data_views_typemeta: description: >- - Indicates whether a case is automatically closed when it is pushed to - external systems (`close-by-pushing`) or not automatically closed - (`close-by-user`). - enum: - - close-by-pushing - - close-by-user - example: close-by-user - type: string - Cases_connector_properties_cases_webhook: - description: Defines properties for connectors when type is `.cases-webhook`. + When you use rollup indices, contains the field list for the rollup data + view API endpoints. type: object properties: - fields: - example: null - nullable: true - type: string - id: - description: >- - The identifier for the connector. To retrieve connector IDs, use the - find connectors API. - type: string - name: - description: The name of the connector. - type: string - type: - description: The type of connector. - enum: - - .cases-webhook - example: .cases-webhook - type: string + aggs: + description: A map of rollup restrictions by aggregation type and field name. + type: object + params: + description: Properties for retrieving rollup fields. + type: object required: - - fields - - id - - name - - type - title: Create or upate case request properties for Cases Webhook connector - Cases_connector_properties_jira: - description: Defines properties for connectors when type is `.jira`. + - aggs + - params + Data_views_typemeta_response: + description: >- + When you use rollup indices, contains the field list for the rollup data + view API endpoints. + nullable: true type: object properties: - fields: - description: >- - An object containing the connector fields. If you want to omit any - individual field, specify null as its value. + aggs: + description: A map of rollup restrictions by aggregation type and field name. type: object - properties: - issueType: - description: The type of issue. - nullable: true - type: string - parent: - description: The key of the parent issue, when the issue type is sub-task. - nullable: true - type: string - priority: - description: The priority of the issue. - nullable: true - type: string - required: - - issueType - - parent - - priority - id: - description: >- - The identifier for the connector. To retrieve connector IDs, use the - find connectors API. - type: string - name: - description: The name of the connector. - type: string - type: - description: The type of connector. - enum: - - .jira - example: .jira - type: string - required: - - fields - - id - - name - - type - title: Create or update case request properties for a Jira connector - Cases_connector_properties_none: - description: Defines properties for connectors when type is `.none`. + params: + description: Properties for retrieving rollup fields. + type: object + Data_views_update_data_view_request_object: + title: Update data view request type: object properties: - fields: - description: >- - An object containing the connector fields. To create a case without - a connector, specify null. To update a case to remove the connector, - specify null. - example: null - nullable: true - type: string - id: - description: >- - The identifier for the connector. To create a case without a - connector, use `none`. To update a case to remove the connector, - specify `none`. - example: none - type: string - name: - description: >- - The name of the connector. To create a case without a connector, use - `none`. To update a case to remove the connector, specify `none`. - example: none - type: string - type: - description: >- - The type of connector. To create a case without a connector, use - `.none`. To update a case to remove the connector, specify `.none`. - enum: - - .none - example: .none - type: string + data_view: + description: > + The data view properties you want to update. Only the specified + properties are updated in the data view. Unspecified fields stay as + they are persisted. + type: object + properties: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: + type: object + name: + type: string + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + type: + $ref: '#/components/schemas/Data_views_type' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta' + refresh_fields: + default: false + description: Reloads the data view fields after the data view is updated. + type: boolean required: - - fields - - id - - name - - type - title: Create or update case request properties for no connector - Cases_connector_properties_resilient: - description: Defines properties for connectors when type is `.resilient`. + - data_view + Kibana_HTTP_APIs_core_status_redactedResponse: + additionalProperties: false + description: A minimal representation of Kibana's operational status. type: object properties: - fields: - description: >- - An object containing the connector fields. If you want to omit any - individual field, specify null as its value. - nullable: true + status: + additionalProperties: false type: object properties: - issueTypes: - description: The type of incident. - items: - type: string - type: array - severityCode: - description: The severity code of the incident. - type: string + overall: + additionalProperties: false + type: object + properties: + level: + description: Service status levels as human and machine readable values. + enum: + - available + - degraded + - unavailable + - critical + type: string + required: + - level required: - - issueTypes - - severityCode - id: - description: The identifier for the connector. - type: string - name: - description: The name of the connector. - type: string - type: - description: The type of connector. - enum: - - .resilient - example: .resilient - type: string + - overall required: - - fields - - id - - name - - type - title: Create case request properties for a IBM Resilient connector - Cases_connector_properties_servicenow: - description: Defines properties for connectors when type is `.servicenow`. + - status + Kibana_HTTP_APIs_core_status_response: + additionalProperties: false + description: >- + Kibana's operational status as well as a detailed breakdown of plugin + statuses indication of various loads (like event loop utilization and + network traffic) at time of request. type: object properties: - fields: - description: >- - An object containing the connector fields. If you want to omit any - individual field, specify null as its value. + metrics: + additionalProperties: false + description: Metric groups collected by Kibana. type: object properties: - category: - description: The category of the incident. - nullable: true - type: string - impact: - description: The effect an incident had on business. - nullable: true - type: string - severity: - description: The severity of the incident. - nullable: true - type: string - subcategory: - description: The subcategory of the incident. - nullable: true - type: string - urgency: - description: The extent to which the incident resolution can be delayed. - nullable: true + collection_interval_in_millis: + description: The interval at which metrics should be collected. + type: number + elasticsearch_client: + additionalProperties: false + description: Current network metrics of Kibana's Elasticsearch client. + type: object + properties: + totalActiveSockets: + description: Count of network sockets currently in use. + type: number + totalIdleSockets: + description: Count of network sockets currently idle. + type: number + totalQueuedRequests: + description: Count of requests not yet assigned to sockets. + type: number + required: + - totalActiveSockets + - totalIdleSockets + - totalQueuedRequests + last_updated: + description: The time metrics were collected. type: string required: - - category - - impact - - severity - - subcategory - - urgency - id: + - elasticsearch_client + - last_updated + - collection_interval_in_millis + name: + description: Kibana instance name. + type: string + status: + additionalProperties: false + type: object + properties: + core: + additionalProperties: false + description: Statuses of core Kibana services. + type: object + properties: + elasticsearch: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: >- + Service status levels as human and machine readable + values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: >- + An unstructured set of extra metadata about this + service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + savedObjects: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: >- + Service status levels as human and machine readable + values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: >- + An unstructured set of extra metadata about this + service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + required: + - elasticsearch + - savedObjects + overall: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: Service status levels as human and machine readable values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: An unstructured set of extra metadata about this service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + plugins: + additionalProperties: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: >- + Service status levels as human and machine readable + values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: An unstructured set of extra metadata about this service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + description: A dynamic mapping of plugin ID to plugin status. + type: object + required: + - overall + - core + - plugins + uuid: description: >- - The identifier for the connector. To retrieve connector IDs, use the - find connectors API. - type: string - name: - description: The name of the connector. - type: string - type: - description: The type of connector. - enum: - - .servicenow - example: .servicenow + Unique, generated Kibana instance UUID. This UUID should persist + even if the Kibana process restarts. type: string - required: - - fields - - id - - name - - type - title: Create case request properties for a ServiceNow ITSM connector - Cases_connector_properties_servicenow_sir: - description: Defines properties for connectors when type is `.servicenow-sir`. - type: object - properties: - fields: - description: >- - An object containing the connector fields. If you want to omit any - individual field, specify null as its value. + version: + additionalProperties: false type: object properties: - category: - description: The category of the incident. - nullable: true + build_date: + description: The date and time of this build. type: string - destIp: - description: >- - Indicates whether cases will send a comma-separated list of - destination IPs. - nullable: true - type: boolean - malwareHash: + build_flavor: description: >- - Indicates whether cases will send a comma-separated list of - malware hashes. - nullable: true - type: boolean - malwareUrl: + The build flavour determines configuration and behavior of + Kibana. On premise users will almost always run the + "traditional" flavour, while other flavours are reserved for + Elastic-specific use cases. + enum: + - serverless + - traditional + type: string + build_hash: description: >- - Indicates whether cases will send a comma-separated list of - malware URLs. - nullable: true - type: boolean - priority: - description: The priority of the issue. - nullable: true + A unique hash value representing the git commit of this Kibana + build. type: string - sourceIp: + build_number: description: >- - Indicates whether cases will send a comma-separated list of - source IPs. - nullable: true + A monotonically increasing number, each subsequent build will + have a higher number. + type: number + build_snapshot: + description: Whether this build is a snapshot build. type: boolean - subcategory: - description: The subcategory of the incident. - nullable: true + number: + description: A semantic version number. type: string required: - - category - - destIp - - malwareHash - - malwareUrl - - priority - - sourceIp - - subcategory - id: + - number + - build_hash + - build_number + - build_snapshot + - build_flavor + - build_date + required: + - name + - uuid + - version + - status + - metrics + Machine_learning_APIs_mlSync200Response: + properties: + datafeedsAdded: + additionalProperties: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseDatafeeds' description: >- - The identifier for the connector. To retrieve connector IDs, use the - find connectors API. - type: string - name: - description: The name of the connector. + If a saved object for an anomaly detection job is missing a datafeed + identifier, it is added when you run the sync machine learning saved + objects API. + type: object + datafeedsRemoved: + additionalProperties: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseDatafeeds' + description: >- + If a saved object for an anomaly detection job references a datafeed + that no longer exists, it is deleted when you run the sync machine + learning saved objects API. + type: object + savedObjectsCreated: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseSavedObjectsCreated + savedObjectsDeleted: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseSavedObjectsDeleted + title: Successful sync API response + type: object + Machine_learning_APIs_mlSync4xxResponse: + properties: + error: + example: Unauthorized type: string - type: - description: The type of connector. - enum: - - .servicenow-sir - example: .servicenow-sir + message: type: string - required: - - fields - - id - - name - - type - title: Create case request properties for a ServiceNow SecOps connector - Cases_connector_properties_swimlane: - description: Defines properties for connectors when type is `.swimlane`. + statusCode: + example: 401 + type: integer + title: Unsuccessful sync API response type: object + Machine_learning_APIs_mlSyncResponseAnomalyDetectors: + description: >- + The sync machine learning saved objects API response contains this + object when there are anomaly detection jobs affected by the + synchronization. There is an object for each relevant job, which + contains the synchronization status. properties: - fields: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for anomaly detection jobs + type: object + Machine_learning_APIs_mlSyncResponseDatafeeds: + description: >- + The sync machine learning saved objects API response contains this + object when there are datafeeds affected by the synchronization. There + is an object for each relevant datafeed, which contains the + synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for datafeeds + type: object + Machine_learning_APIs_mlSyncResponseDataFrameAnalytics: + description: >- + The sync machine learning saved objects API response contains this + object when there are data frame analytics jobs affected by the + synchronization. There is an object for each relevant job, which + contains the synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for data frame analytics jobs + type: object + Machine_learning_APIs_mlSyncResponseSavedObjectsCreated: + description: >- + If saved objects are missing for machine learning jobs or trained + models, they are created when you run the sync machine learning saved + objects API. + properties: + anomaly-detector: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseAnomalyDetectors + description: >- + If saved objects are missing for anomaly detection jobs, they are + created. + type: object + data-frame-analytics: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseDataFrameAnalytics + description: >- + If saved objects are missing for data frame analytics jobs, they are + created. + type: object + trained-model: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels + description: If saved objects are missing for trained models, they are created. + type: object + title: Sync API response for created saved objects + type: object + Machine_learning_APIs_mlSyncResponseSavedObjectsDeleted: + description: >- + If saved objects exist for machine learning jobs or trained models that + no longer exist, they are deleted when you run the sync machine learning + saved objects API. + properties: + anomaly-detector: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseAnomalyDetectors + description: >- + If there are saved objects exist for nonexistent anomaly detection + jobs, they are deleted. + type: object + data-frame-analytics: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseDataFrameAnalytics description: >- - An object containing the connector fields. If you want to omit any - individual field, specify null as its value. + If there are saved objects exist for nonexistent data frame + analytics jobs, they are deleted. type: object - properties: - caseId: - description: The case identifier for Swimlane connectors. - nullable: true - type: string - required: - - caseId - id: + trained-model: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels description: >- - The identifier for the connector. To retrieve connector IDs, use the - find connectors API. - type: string - name: - description: The name of the connector. - type: string - type: - description: The type of connector. - enum: - - .swimlane - example: .swimlane - type: string - required: - - fields - - id - - name - - type - title: Create case request properties for a Swimlane connector - Cases_connector_types: - description: The type of connector. - enum: - - .cases-webhook - - .jira - - .none - - .resilient - - .servicenow - - .servicenow-sir - - .swimlane - example: .none - type: string - Cases_create_case_request: + If there are saved objects exist for nonexistent trained models, + they are deleted. + type: object + title: Sync API response for deleted saved objects + type: object + Machine_learning_APIs_mlSyncResponseSuccess: + description: The success or failure of the synchronization. + type: boolean + Machine_learning_APIs_mlSyncResponseTrainedModels: description: >- - The create case API request body varies depending on the type of - connector. + The sync machine learning saved objects API response contains this + object when there are trained models affected by the synchronization. + There is an object for each relevant trained model, which contains the + synchronization status. properties: - assignees: - $ref: '#/components/schemas/Cases_assignees' - category: - $ref: '#/components/schemas/Cases_case_category' - connector: - oneOf: - - $ref: '#/components/schemas/Cases_connector_properties_none' - - $ref: '#/components/schemas/Cases_connector_properties_cases_webhook' - - $ref: '#/components/schemas/Cases_connector_properties_jira' - - $ref: '#/components/schemas/Cases_connector_properties_resilient' - - $ref: '#/components/schemas/Cases_connector_properties_servicenow' - - $ref: '#/components/schemas/Cases_connector_properties_servicenow_sir' - - $ref: '#/components/schemas/Cases_connector_properties_swimlane' - customFields: - description: > - Custom field values for a case. Any optional custom fields that are - not specified in the request are set to null. - items: - type: object - properties: - key: - description: > - The unique identifier for the custom field. The key value must - exist in the case configuration settings. - type: string - type: - description: > - The custom field type. It must match the type specified in the - case configuration settings. - enum: - - text - - toggle - type: string - value: - description: > - The custom field value. If the custom field is required, it - cannot be explicitly set to null. However, for cases that - existed when the required custom field was added, the default - value stored in Elasticsearch is `undefined`. The value - returned in the API and user interface in this case is `null`. - oneOf: - - maxLength: 160 - minLength: 1 - nullable: true - type: string - - type: boolean - required: - - key - - type - - value - maxItems: 10 - minItems: 0 - type: array - description: - $ref: '#/components/schemas/Cases_case_description' - owner: - $ref: '#/components/schemas/Cases_owners' - settings: - $ref: '#/components/schemas/Cases_settings' - severity: - $ref: '#/components/schemas/Cases_case_severity' - tags: - $ref: '#/components/schemas/Cases_case_tags' - title: - $ref: '#/components/schemas/Cases_case_title' - required: - - connector - - description - - owner - - settings - - tags - - title - title: Create case request + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for trained models type: object - Cases_external_service: - nullable: true + Saved_objects_400_response: + title: Bad request type: object properties: - connector_id: - type: string - connector_name: - type: string - external_id: - type: string - external_title: - type: string - external_url: + error: + enum: + - Bad Request type: string - pushed_at: - format: date-time + message: type: string - pushed_by: - nullable: true - type: object - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string - Cases_owners: + statusCode: + enum: + - 400 + type: integer + required: + - error + - message + - statusCode + Saved_objects_attributes: description: > - The application that owns the cases: Stack Management, Observability, or - Elastic Security. - enum: - - cases - - observability - - securitySolution - example: cases - type: string - Cases_payload_alert_comment: + The data that you want to create. WARNING: When you create saved + objects, attributes are not validated, which allows you to pass + arbitrary and ill-formed data into the API that can break Kibana. Make + sure any data that you send to the API is properly formed. type: object - properties: - comment: - type: object - properties: - alertId: - oneOf: - - example: 1c0b056b-cc9f-4b61-b5c9-cb801abd5e1d - type: string - - items: - type: string - type: array - index: - oneOf: - - example: .alerts-observability.logs.alerts-default - type: string - - items: - type: string - type: array - owner: - $ref: '#/components/schemas/Cases_owners' - rule: - type: object - properties: - id: - description: The rule identifier. - example: 94d80550-aaf4-11ec-985f-97e55adae8b9 - type: string - name: - description: The rule name. - example: security_rule - type: string - type: - enum: - - alert - type: string - Cases_payload_assignees: + Saved_objects_initial_namespaces: + description: > + Identifiers for the spaces in which this object is created. If this is + provided, the object is created only in the explicitly defined spaces. + If this is not provided, the object is created in the current space + (default behavior). For shareable object types (registered with + `namespaceType: 'multiple'`), this option can be used to specify one or + more spaces, including the "All spaces" identifier ('*'). For isolated + object types (registered with `namespaceType: 'single'` or + `namespaceType: 'multiple-isolated'`), this option can only be used to + specify a single space, and the "All spaces" identifier ('*') is not + allowed. For global object types (`registered with `namespaceType: + agnostic`), this option cannot be used. + type: array + Saved_objects_references: + description: > + Objects with `name`, `id`, and `type` properties that describe the other + saved objects that this object references. Use `name` in attributes to + refer to the other saved object, but never the `id`, which can update + automatically during migrations or import and export. + type: array + Security_AI_Assistant_API_AnonymizationFieldCreateProps: type: object properties: - assignees: - $ref: '#/components/schemas/Cases_assignees' - Cases_payload_connector: + allowed: + type: boolean + anonymized: + type: boolean + field: + type: string + required: + - field + Security_AI_Assistant_API_AnonymizationFieldDetailsInError: type: object properties: - connector: - type: object - properties: - fields: - description: >- - An object containing the connector fields. To create a case - without a connector, specify null. If you want to omit any - individual field, specify null as its value. - example: null - nullable: true - type: object - properties: - caseId: - description: The case identifier for Swimlane connectors. - type: string - category: - description: >- - The category of the incident for ServiceNow ITSM and - ServiceNow SecOps connectors. - type: string - destIp: - description: >- - Indicates whether cases will send a comma-separated list of - destination IPs for ServiceNow SecOps connectors. - nullable: true - type: boolean - impact: - description: >- - The effect an incident had on business for ServiceNow ITSM - connectors. - type: string - issueType: - description: The type of issue for Jira connectors. - type: string - issueTypes: - description: The type of incident for IBM Resilient connectors. - items: - type: string - type: array - malwareHash: - description: >- - Indicates whether cases will send a comma-separated list of - malware hashes for ServiceNow SecOps connectors. - nullable: true - type: boolean - malwareUrl: - description: >- - Indicates whether cases will send a comma-separated list of - malware URLs for ServiceNow SecOps connectors. - nullable: true - type: boolean - parent: - description: >- - The key of the parent issue, when the issue type is sub-task - for Jira connectors. - type: string - priority: - description: >- - The priority of the issue for Jira and ServiceNow SecOps - connectors. - type: string - severity: - description: The severity of the incident for ServiceNow ITSM connectors. - type: string - severityCode: - description: >- - The severity code of the incident for IBM Resilient - connectors. - type: string - sourceIp: - description: >- - Indicates whether cases will send a comma-separated list of - source IPs for ServiceNow SecOps connectors. - nullable: true - type: boolean - subcategory: - description: >- - The subcategory of the incident for ServiceNow ITSM - connectors. - type: string - urgency: - description: >- - The extent to which the incident resolution can be delayed - for ServiceNow ITSM connectors. - type: string - id: - description: >- - The identifier for the connector. To create a case without a - connector, use `none`. - example: none - type: string - name: - description: >- - The name of the connector. To create a case without a connector, - use `none`. - example: none - type: string - type: - $ref: '#/components/schemas/Cases_connector_types' - Cases_payload_create_case: + id: + type: string + name: + type: string + required: + - id + Security_AI_Assistant_API_AnonymizationFieldResponse: type: object properties: - assignees: - $ref: '#/components/schemas/Cases_assignees' - connector: + allowed: + type: boolean + anonymized: + type: boolean + createdAt: + type: string + createdBy: + type: string + field: + type: string + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + namespace: + description: Kibana space + type: string + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + updatedAt: + type: string + updatedBy: + type: string + required: + - id + - field + Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipReason: + enum: + - ANONYMIZATION_FIELD_NOT_MODIFIED + type: string + Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipResult: + type: object + properties: + id: + type: string + name: + type: string + skip_reason: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipReason + required: + - id + - skip_reason + Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResponse: + type: object + properties: + anonymization_fields_count: + type: integer + attributes: type: object properties: - fields: - description: >- - An object containing the connector fields. To create a case - without a connector, specify null. If you want to omit any - individual field, specify null as its value. - example: null - nullable: true - type: object - properties: - caseId: - description: The case identifier for Swimlane connectors. - type: string - category: - description: >- - The category of the incident for ServiceNow ITSM and - ServiceNow SecOps connectors. - type: string - destIp: - description: >- - Indicates whether cases will send a comma-separated list of - destination IPs for ServiceNow SecOps connectors. - nullable: true - type: boolean - impact: - description: >- - The effect an incident had on business for ServiceNow ITSM - connectors. - type: string - issueType: - description: The type of issue for Jira connectors. - type: string - issueTypes: - description: The type of incident for IBM Resilient connectors. - items: - type: string - type: array - malwareHash: - description: >- - Indicates whether cases will send a comma-separated list of - malware hashes for ServiceNow SecOps connectors. - nullable: true - type: boolean - malwareUrl: - description: >- - Indicates whether cases will send a comma-separated list of - malware URLs for ServiceNow SecOps connectors. - nullable: true - type: boolean - parent: - description: >- - The key of the parent issue, when the issue type is sub-task - for Jira connectors. - type: string - priority: - description: >- - The priority of the issue for Jira and ServiceNow SecOps - connectors. - type: string - severity: - description: The severity of the incident for ServiceNow ITSM connectors. - type: string - severityCode: - description: >- - The severity code of the incident for IBM Resilient - connectors. - type: string - sourceIp: - description: >- - Indicates whether cases will send a comma-separated list of - source IPs for ServiceNow SecOps connectors. - nullable: true - type: boolean - subcategory: - description: >- - The subcategory of the incident for ServiceNow ITSM - connectors. - type: string - urgency: - description: >- - The extent to which the incident resolution can be delayed - for ServiceNow ITSM connectors. - type: string - id: - description: >- - The identifier for the connector. To create a case without a - connector, use `none`. - example: none - type: string - name: - description: >- - The name of the connector. To create a case without a connector, - use `none`. - example: none - type: string - type: - $ref: '#/components/schemas/Cases_connector_types' - description: + errors: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_NormalizedAnonymizationFieldError + type: array + results: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResults + summary: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_BulkCrudActionSummary + required: + - results + - summary + message: + type: string + status_code: + type: integer + success: + type: boolean + required: + - attributes + Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResults: + type: object + properties: + created: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse + type: array + deleted: + items: + type: string + type: array + skipped: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipResult + type: array + updated: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse + type: array + required: + - updated + - created + - deleted + - skipped + Security_AI_Assistant_API_AnonymizationFieldUpdateProps: + type: object + properties: + allowed: + type: boolean + anonymized: + type: boolean + id: type: string - owner: - $ref: '#/components/schemas/Cases_owners' - settings: - $ref: '#/components/schemas/Cases_settings' - severity: - $ref: '#/components/schemas/Cases_case_severity' - status: - $ref: '#/components/schemas/Cases_case_status' - tags: + required: + - id + Security_AI_Assistant_API_ApiConfig: + type: object + properties: + actionTypeId: + description: action type id + type: string + connectorId: + description: connector id + type: string + defaultSystemPromptId: + description: defaultSystemPromptId + type: string + model: + description: model + type: string + provider: + $ref: '#/components/schemas/Security_AI_Assistant_API_Provider' + description: Provider + required: + - connectorId + - actionTypeId + Security_AI_Assistant_API_BulkCrudActionSummary: + type: object + properties: + failed: + type: integer + skipped: + type: integer + succeeded: + type: integer + total: + type: integer + required: + - failed + - skipped + - succeeded + - total + Security_AI_Assistant_API_ChatCompleteProps: + type: object + properties: + connectorId: + type: string + conversationId: + type: string + isStream: + type: boolean + langSmithApiKey: + type: string + langSmithProject: + type: string + messages: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_ChatMessage' + type: array + model: + type: string + persist: + type: boolean + promptId: + type: string + responseLanguage: + type: string + required: + - messages + - persist + - connectorId + Security_AI_Assistant_API_ChatMessage: + description: AI assistant message. + type: object + properties: + content: + description: Message content. + type: string + data: + $ref: '#/components/schemas/Security_AI_Assistant_API_MessageData' + description: ECS object to attach to the context of the message. + fields_to_anonymize: items: - example: - - tag-1 type: string type: array + role: + $ref: '#/components/schemas/Security_AI_Assistant_API_ChatMessageRole' + description: Message role. + required: + - role + Security_AI_Assistant_API_ChatMessageRole: + description: Message role. + enum: + - system + - user + - assistant + type: string + Security_AI_Assistant_API_ConversationCategory: + description: The conversation category. + enum: + - assistant + - insights + type: string + Security_AI_Assistant_API_ConversationConfidence: + description: The conversation confidence. + enum: + - low + - medium + - high + type: string + Security_AI_Assistant_API_ConversationCreateProps: + type: object + properties: + apiConfig: + $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' + description: LLM API configuration. + category: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' + description: The conversation category. + excludeFromLastConversationStorage: + description: excludeFromLastConversationStorage. + type: boolean + id: + description: The conversation id. + type: string + isDefault: + description: Is default conversation. + type: boolean + messages: + description: The conversation messages. + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_Message' + type: array + replacements: + $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' title: + description: The conversation title. type: string - Cases_payload_delete: - description: >- - If the `action` is `delete` and the `type` is `delete_case`, the payload - is nullable. - nullable: true + required: + - title + Security_AI_Assistant_API_ConversationResponse: type: object - Cases_payload_description: + properties: + apiConfig: + $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' + description: LLM API configuration. + category: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' + description: The conversation category. + createdAt: + description: The last time conversation was updated. + type: string + excludeFromLastConversationStorage: + description: excludeFromLastConversationStorage. + type: boolean + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + isDefault: + description: Is default conversation. + type: boolean + messages: + description: The conversation messages. + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_Message' + type: array + namespace: + description: Kibana space + type: string + replacements: + $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' + summary: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationSummary' + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + title: + description: The conversation title. + type: string + updatedAt: + description: The last time conversation was updated. + type: string + users: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_User' + type: array + required: + - id + - title + - createdAt + - users + - namespace + - category + Security_AI_Assistant_API_ConversationSummary: type: object properties: - description: + confidence: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationConfidence + description: >- + How confident you are about this being a correct and useful + learning. + content: + description: Summary text of the conversation over time. type: string - Cases_payload_pushed: + public: + description: Define if summary is marked as publicly available. + type: boolean + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + description: The timestamp summary was updated. + Security_AI_Assistant_API_ConversationUpdateProps: type: object properties: - externalService: - $ref: '#/components/schemas/Cases_external_service' - Cases_payload_settings: + apiConfig: + $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' + description: LLM API configuration. + category: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' + description: The conversation category. + excludeFromLastConversationStorage: + description: excludeFromLastConversationStorage. + type: boolean + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + messages: + description: The conversation messages. + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_Message' + type: array + replacements: + $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' + summary: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationSummary' + title: + description: The conversation title. + type: string + required: + - id + Security_AI_Assistant_API_FindAnonymizationFieldsSortField: + enum: + - created_at + - anonymized + - allowed + - field + - updated_at + type: string + Security_AI_Assistant_API_FindConversationsSortField: + enum: + - created_at + - is_default + - title + - updated_at + type: string + Security_AI_Assistant_API_FindPromptsSortField: + enum: + - created_at + - is_default + - name + - updated_at + type: string + Security_AI_Assistant_API_Message: + description: AI assistant conversation message. type: object properties: - settings: - $ref: '#/components/schemas/Cases_settings' - Cases_payload_severity: + content: + description: Message content. + type: string + isError: + description: Is error message. + type: boolean + reader: + $ref: '#/components/schemas/Security_AI_Assistant_API_Reader' + description: Message content. + role: + $ref: '#/components/schemas/Security_AI_Assistant_API_MessageRole' + description: Message role. + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + description: The timestamp message was sent or received. + traceData: + $ref: '#/components/schemas/Security_AI_Assistant_API_TraceData' + description: trace Data + required: + - timestamp + - content + - role + Security_AI_Assistant_API_MessageData: + additionalProperties: true + type: object + Security_AI_Assistant_API_MessageRole: + description: Message role. + enum: + - system + - user + - assistant + type: string + Security_AI_Assistant_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_AI_Assistant_API_NormalizedAnonymizationFieldError: type: object properties: - severity: - $ref: '#/components/schemas/Cases_case_severity' - Cases_payload_status: + anonymization_fields: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldDetailsInError + type: array + err_code: + type: string + message: + type: string + status_code: + type: integer + required: + - message + - status_code + - anonymization_fields + Security_AI_Assistant_API_NormalizedPromptError: type: object properties: - status: - $ref: '#/components/schemas/Cases_case_status' - Cases_payload_tags: + err_code: + type: string + message: + type: string + prompts: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptDetailsInError + type: array + status_code: + type: integer + required: + - message + - status_code + - prompts + Security_AI_Assistant_API_PromptCreateProps: type: object properties: - tags: - example: - - tag-1 + categories: items: type: string type: array - Cases_payload_title: + color: + type: string + consumer: + type: string + content: + type: string + isDefault: + type: boolean + isNewConversationDefault: + type: boolean + name: + type: string + promptType: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptType' + required: + - name + - content + - promptType + Security_AI_Assistant_API_PromptDetailsInError: type: object properties: - title: + id: type: string - Cases_payload_user_comment: + name: + type: string + required: + - id + Security_AI_Assistant_API_PromptResponse: type: object properties: - comment: - type: object - properties: - comment: - type: string - owner: - $ref: '#/components/schemas/Cases_owners' - type: - enum: - - user - type: string - Cases_rule: - description: > - The rule that is associated with the alerts. It is required only when - `type` is `alert`. This functionality is in technical preview and may be - changed or removed in a future release. Elastic will work to fix any - issues, but features in technical preview are not subject to the support - SLA of official GA features. - title: Alerting rule + categories: + items: + type: string + type: array + color: + type: string + consumer: + type: string + content: + type: string + createdAt: + type: string + createdBy: + type: string + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + isDefault: + type: boolean + isNewConversationDefault: + type: boolean + name: + type: string + namespace: + description: Kibana space + type: string + promptType: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptType' + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + updatedAt: + type: string + updatedBy: + type: string + users: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_User' + type: array + required: + - id + - name + - promptType + - content + Security_AI_Assistant_API_PromptsBulkActionSkipReason: + enum: + - PROMPT_FIELD_NOT_MODIFIED + type: string + Security_AI_Assistant_API_PromptsBulkActionSkipResult: type: object properties: id: - description: The rule identifier. - example: 94d80550-aaf4-11ec-985f-97e55adae8b9 type: string name: - description: The rule name. - example: security_rule type: string - x-technical-preview: true - Cases_searchFieldsType: - description: The fields to perform the `simple_query_string` parsed query against. - enum: - - description - - title - type: string - Cases_set_case_configuration_request: - description: >- - External connection details, such as the closure type and default - connector for cases. + skip_reason: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkActionSkipReason + required: + - id + - skip_reason + Security_AI_Assistant_API_PromptsBulkCrudActionResponse: + type: object properties: - closure_type: - $ref: '#/components/schemas/Cases_closure_types' - connector: - description: An object that contains the connector configuration. + attributes: type: object properties: - fields: - description: >- - The fields specified in the case configuration are not used and - are not propagated to individual cases, therefore it is - recommended to set it to `null`. - nullable: true - type: object - id: - description: >- - The identifier for the connector. If you do not want a default - connector, use `none`. To retrieve connector IDs, use the find - connectors API. - example: none - type: string - name: - description: >- - The name of the connector. If you do not want a default - connector, use `none`. To retrieve connector names, use the find - connectors API. - example: none - type: string - type: - $ref: '#/components/schemas/Cases_connector_types' + errors: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_NormalizedPromptError + type: array + results: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkCrudActionResults + summary: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_BulkCrudActionSummary required: - - fields - - id - - name - - type - customFields: - description: Custom fields case configuration. + - results + - summary + message: + type: string + prompts_count: + type: integer + status_code: + type: integer + success: + type: boolean + required: + - attributes + Security_AI_Assistant_API_PromptsBulkCrudActionResults: + type: object + properties: + created: items: - type: object - properties: - defaultValue: - description: > - A default value for the custom field. If the `type` is `text`, - the default value must be a string. If the `type` is `toggle`, - the default value must be boolean. - oneOf: - - type: string - - type: boolean - key: - description: > - A unique key for the custom field. Must be lower case and - composed only of a-z, 0-9, '_', and '-' characters. It is used - in API calls to refer to a specific custom field. - maxLength: 36 - minLength: 1 - type: string - label: - description: The custom field label that is displayed in the case. - maxLength: 50 - minLength: 1 - type: string - type: - description: The type of the custom field. - enum: - - text - - toggle - type: string - required: - description: > - Indicates whether the field is required. If `false`, the - custom field can be set to null or omitted when a case is - created or updated. - type: boolean - required: - - key - - label - - required - - type - maxItems: 10 - minItems: 0 + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptResponse' + type: array + deleted: + items: + type: string + type: array + skipped: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkActionSkipResult + type: array + updated: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptResponse' type: array - owner: - $ref: '#/components/schemas/Cases_owners' - templates: - $ref: '#/components/schemas/Cases_templates' required: - - closure_type - - connector - - owner - title: Set case configuration request - type: object - Cases_settings: - description: An object that contains the case settings. + - updated + - created + - deleted + - skipped + Security_AI_Assistant_API_PromptType: + description: Prompt type + enum: + - system + - quick + type: string + Security_AI_Assistant_API_PromptUpdateProps: type: object properties: - syncAlerts: - description: Turns alert syncing on or off. - example: true + categories: + items: + type: string + type: array + color: + type: string + consumer: + type: string + content: + type: string + id: + type: string + isDefault: + type: boolean + isNewConversationDefault: type: boolean required: - - syncAlerts - Cases_template_tags: - description: > - The words and phrases that help categorize templates. It can be an empty - array. - items: - maxLength: 256 + - id + Security_AI_Assistant_API_Provider: + description: Provider + enum: + - OpenAI + - Azure OpenAI + type: string + Security_AI_Assistant_API_Reader: + additionalProperties: true + type: object + Security_AI_Assistant_API_Replacements: + additionalProperties: type: string - maxItems: 200 - type: array - Cases_templates: - items: - type: object - properties: - caseFields: - type: object - properties: - assignees: - $ref: '#/components/schemas/Cases_assignees' - category: - $ref: '#/components/schemas/Cases_case_category' - connector: - type: object - properties: - fields: - description: >- - The fields specified in the case configuration are not - used and are not propagated to individual cases, therefore - it is recommended to set it to `null`. - nullable: true - type: object - id: - description: >- - The identifier for the connector. If you do not want a - default connector, use `none`. To retrieve connector IDs, - use the find connectors API. - example: none - type: string - name: - description: >- - The name of the connector. If you do not want a default - connector, use `none`. To retrieve connector names, use - the find connectors API. - example: none - type: string - type: - $ref: '#/components/schemas/Cases_connector_types' - customFields: - description: Custom field values in the template. - items: - type: object - properties: - key: - description: The unique key for the custom field. - type: string - type: - description: The type of the custom field. - enum: - - text - - toggle - type: string - value: - description: > - The default value for the custom field when a case uses - the template. If the `type` is `text`, the default value - must be a string. If the `type` is `toggle`, the default - value must be boolean. - oneOf: - - type: string - - type: boolean - type: array - x-technical-preview: true - description: - $ref: '#/components/schemas/Cases_case_description' - settings: - $ref: '#/components/schemas/Cases_settings' - severity: - $ref: '#/components/schemas/Cases_case_severity' - tags: - $ref: '#/components/schemas/Cases_case_tags' - title: - $ref: '#/components/schemas/Cases_case_title' - description: - description: A description for the template. - type: string - key: - description: > - A unique key for the template. Must be lower case and composed - only of a-z, 0-9, '_', and '-' characters. It is used in API calls - to refer to a specific template. - type: string - name: - description: The name of the template. - type: string - tags: - $ref: '#/components/schemas/Cases_template_tags' - type: array - x-technical-preview: true - Cases_update_alert_comment_request_properties: - description: Defines properties for case comment requests when type is alert. + description: Replacements object used to anonymize/deanomymize messsages + type: object + Security_AI_Assistant_API_SortOrder: + enum: + - asc + - desc + type: string + Security_AI_Assistant_API_TraceData: + description: trace Data + type: object + properties: + traceId: + description: Could be any string, not necessarily a UUID + type: string + transactionId: + description: Could be any string, not necessarily a UUID + type: string + Security_AI_Assistant_API_User: + description: Could be any string, not necessarily a UUID type: object properties: - alertId: - $ref: '#/components/schemas/Cases_alert_identifiers' id: - description: > - The identifier for the comment. To retrieve comment IDs, use the get - comments API. - example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 + description: User id + type: string + name: + description: User name + type: string + Security_Detections_API_AlertAssignees: + type: object + properties: + add: + description: A list of users ids to assign. + items: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + type: array + remove: + description: A list of users ids to unassign. + items: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + type: array + required: + - add + - remove + Security_Detections_API_AlertIds: + description: A list of alerts ids. + items: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + minItems: 1 + type: array + Security_Detections_API_AlertsIndex: + deprecated: true + description: (deprecated) Has no effect. + type: string + Security_Detections_API_AlertsIndexMigrationError: + type: object + properties: + error: + type: object + properties: + message: + type: string + status_code: + type: string + required: + - message + - status_code + index: type: string + required: + - index + - error + Security_Detections_API_AlertsIndexMigrationSuccess: + type: object + properties: index: - $ref: '#/components/schemas/Cases_alert_indices' - owner: - $ref: '#/components/schemas/Cases_owners' - rule: - $ref: '#/components/schemas/Cases_rule' - type: - description: The type of comment. - enum: - - alert - example: alert type: string - version: - description: > - The current comment version. To retrieve version values, use the get - comments API. - example: Wzk1LDFd + migration_id: + type: string + migration_index: type: string required: - - alertId - - id - index - - owner - - rule - - type + - migration_id + - migration_index + Security_Detections_API_AlertsIndexNamespace: + description: Has no effect. + type: string + Security_Detections_API_AlertsReindexOptions: + type: object + properties: + requests_per_second: + minimum: 1 + type: integer + size: + minimum: 1 + type: integer + slices: + minimum: 1 + type: integer + Security_Detections_API_AlertsSort: + oneOf: + - $ref: '#/components/schemas/Security_Detections_API_AlertsSortCombinations' + - items: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsSortCombinations + type: array + Security_Detections_API_AlertsSortCombinations: + anyOf: + - type: string + - additionalProperties: true + type: object + Security_Detections_API_AlertStatus: + enum: + - open + - closed + - acknowledged + - in-progress + type: string + Security_Detections_API_AlertSuppression: + type: object + properties: + duration: + $ref: >- + #/components/schemas/Security_Detections_API_AlertSuppressionDuration + group_by: + $ref: '#/components/schemas/Security_Detections_API_AlertSuppressionGroupBy' + missing_fields_strategy: + $ref: >- + #/components/schemas/Security_Detections_API_AlertSuppressionMissingFieldsStrategy + required: + - group_by + Security_Detections_API_AlertSuppressionDuration: + type: object + properties: + unit: + enum: + - s + - m + - h + type: string + value: + minimum: 1 + type: integer + required: + - value + - unit + Security_Detections_API_AlertSuppressionGroupBy: + items: + type: string + maxItems: 3 + minItems: 1 + type: array + Security_Detections_API_AlertSuppressionMissingFieldsStrategy: + description: >- + Describes how alerts will be generated for documents with missing + suppress by fields: + + doNotSuppress - per each document a separate alert will be created + + suppress - only alert will be created per suppress by bucket + enum: + - doNotSuppress + - suppress + type: string + Security_Detections_API_AlertTag: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + Security_Detections_API_AlertTags: + items: + $ref: '#/components/schemas/Security_Detections_API_AlertTag' + type: array + Security_Detections_API_AlertVersion: + type: object + properties: + count: + type: integer + version: + type: integer + required: - version - title: Update case comment request properties for alerts - Cases_update_case_comment_request: + - count + Security_Detections_API_AnomalyThreshold: + description: Anomaly threshold + minimum: 0 + type: integer + Security_Detections_API_BuildingBlockType: description: >- - The update case comment API request body varies depending on whether you - are updating an alert or a comment. - discriminator: - mapping: - alert: '#/components/schemas/Cases_update_alert_comment_request_properties' - user: '#/components/schemas/Cases_update_user_comment_request_properties' - propertyName: type - oneOf: - - $ref: '#/components/schemas/Cases_update_alert_comment_request_properties' - - $ref: '#/components/schemas/Cases_update_user_comment_request_properties' - title: Update case comment request - Cases_update_case_configuration_request: - description: > - You can update settings such as the closure type, custom fields, - templates, and the default connector for cases. + Determines if the rule acts as a building block. By default, + building-block alerts are not displayed in the UI. These rules are used + as a foundation for other rules that do generate alerts. Its value must + be default. + type: string + Security_Detections_API_BulkActionEditPayload: + anyOf: + - $ref: >- + #/components/schemas/Security_Detections_API_BulkActionEditPayloadTags + - $ref: >- + #/components/schemas/Security_Detections_API_BulkActionEditPayloadIndexPatterns + - $ref: >- + #/components/schemas/Security_Detections_API_BulkActionEditPayloadInvestigationFields + - $ref: >- + #/components/schemas/Security_Detections_API_BulkActionEditPayloadTimeline + - $ref: >- + #/components/schemas/Security_Detections_API_BulkActionEditPayloadRuleActions + - $ref: >- + #/components/schemas/Security_Detections_API_BulkActionEditPayloadSchedule + Security_Detections_API_BulkActionEditPayloadIndexPatterns: + type: object properties: - closure_type: - $ref: '#/components/schemas/Cases_closure_types' - connector: - description: An object that contains the connector configuration. + overwrite_data_views: + type: boolean + type: + enum: + - add_index_patterns + - delete_index_patterns + - set_index_patterns + type: string + value: + $ref: '#/components/schemas/Security_Detections_API_IndexPatternArray' + required: + - type + - value + Security_Detections_API_BulkActionEditPayloadInvestigationFields: + type: object + properties: + type: + enum: + - add_investigation_fields + - delete_investigation_fields + - set_investigation_fields + type: string + value: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + required: + - type + - value + Security_Detections_API_BulkActionEditPayloadRuleActions: + type: object + properties: + type: + enum: + - add_rule_actions + - set_rule_actions + type: string + value: type: object properties: - fields: - description: >- - The fields specified in the case configuration are not used and - are not propagated to individual cases, therefore it is - recommended to set it to `null`. - nullable: true - type: object - id: + actions: + items: + $ref: >- + #/components/schemas/Security_Detections_API_NormalizedRuleAction + type: array + throttle: + $ref: >- + #/components/schemas/Security_Detections_API_ThrottleForBulkActions + required: + - actions + required: + - type + - value + Security_Detections_API_BulkActionEditPayloadSchedule: + type: object + properties: + type: + enum: + - set_schedule + type: string + value: + type: object + properties: + interval: description: >- - The identifier for the connector. If you do not want a default - connector, use `none`. To retrieve connector IDs, use the find - connectors API. - example: none + Interval in which the rule runs. For example, `"1h"` means the + rule runs every hour. + example: 1h + pattern: ^[1-9]\d*[smh]$ type: string - name: - description: >- - The name of the connector. If you do not want a default - connector, use `none`. To retrieve connector names, use the find - connectors API. - example: none + lookback: + description: Lookback time for the rule + example: 1h + pattern: ^[1-9]\d*[smh]$ type: string - type: - $ref: '#/components/schemas/Cases_connector_types' required: - - fields - - id - - name - - type - customFields: - description: Custom fields case configuration. - items: - type: object - properties: - defaultValue: - description: > - A default value for the custom field. If the `type` is `text`, - the default value must be a string. If the `type` is `toggle`, - the default value must be boolean. - oneOf: - - type: string - - type: boolean - key: - description: > - A unique key for the custom field. Must be lower case and - composed only of a-z, 0-9, '_', and '-' characters. It is used - in API calls to refer to a specific custom field. - maxLength: 36 - minLength: 1 - type: string - label: - description: The custom field label that is displayed in the case. - maxLength: 50 - minLength: 1 - type: string - type: - description: The type of the custom field. - enum: - - text - - toggle - type: string - required: - description: > - Indicates whether the field is required. If `false`, the - custom field can be set to null or omitted when a case is - created or updated. - type: boolean - required: - - key - - label - - required - - type - type: array - templates: - $ref: '#/components/schemas/Cases_templates' - version: - description: > - The version of the connector. To retrieve the version value, use the - get configuration API. - example: WzIwMiwxXQ== + - interval + - lookback + required: + - type + - value + Security_Detections_API_BulkActionEditPayloadTags: + type: object + properties: + type: + enum: + - add_tags + - delete_tags + - set_tags type: string + value: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' required: - - version - title: Update case configuration request + - type + - value + Security_Detections_API_BulkActionEditPayloadTimeline: type: object - Cases_update_case_request: - description: >- - The update case API request body varies depending on the type of - connector. properties: - cases: - description: An array containing one or more case objects. - items: - type: object - properties: - assignees: - $ref: '#/components/schemas/Cases_assignees' - category: - $ref: '#/components/schemas/Cases_case_category' - connector: - oneOf: - - $ref: '#/components/schemas/Cases_connector_properties_none' - - $ref: >- - #/components/schemas/Cases_connector_properties_cases_webhook - - $ref: '#/components/schemas/Cases_connector_properties_jira' - - $ref: '#/components/schemas/Cases_connector_properties_resilient' - - $ref: '#/components/schemas/Cases_connector_properties_servicenow' - - $ref: >- - #/components/schemas/Cases_connector_properties_servicenow_sir - - $ref: '#/components/schemas/Cases_connector_properties_swimlane' - customFields: - description: > - Custom field values for a case. Any optional custom fields - that are not specified in the request are set to null. - items: - type: object - properties: - key: - description: > - The unique identifier for the custom field. The key - value must exist in the case configuration settings. - type: string - type: - description: > - The custom field type. It must match the type specified - in the case configuration settings. - enum: - - text - - toggle - type: string - value: - description: > - The custom field value. If the custom field is required, - it cannot be explicitly set to null. However, for cases - that existed when the required custom field was added, - the default value stored in Elasticsearch is - `undefined`. The value returned in the API and user - interface in this case is `null`. - oneOf: - - maxLength: 160 - minLength: 1 - nullable: true - type: string - - type: boolean - required: - - key - - type - - value - maxItems: 10 - minItems: 0 - type: array - description: - $ref: '#/components/schemas/Cases_case_description' - id: - description: The identifier for the case. - maxLength: 30000 - type: string - settings: - $ref: '#/components/schemas/Cases_settings' - severity: - $ref: '#/components/schemas/Cases_case_severity' - status: - $ref: '#/components/schemas/Cases_case_status' - tags: - $ref: '#/components/schemas/Cases_case_tags' - title: - $ref: '#/components/schemas/Cases_case_title' - version: - description: >- - The current version of the case. To determine this value, use - the get case or find cases APIs. - type: string - required: - - id - - version - maxItems: 100 - minItems: 1 - type: array + type: + enum: + - set_timeline + type: string + value: + type: object + properties: + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + required: + - timeline_id + - timeline_title required: - - cases - title: Update case request + - type + - value + Security_Detections_API_BulkActionsDryRunErrCode: + enum: + - IMMUTABLE + - MACHINE_LEARNING_AUTH + - MACHINE_LEARNING_INDEX_PATTERN + - ESQL_INDEX_PATTERN + - MANUAL_RULE_RUN_FEATURE + - MANUAL_RULE_RUN_DISABLED_RULE + type: string + Security_Detections_API_BulkActionSkipResult: type: object - Cases_update_user_comment_request_properties: - description: Defines properties for case comment requests when type is user. properties: - comment: - description: The new comment. It is required only when `type` is `user`. - example: A new comment. - maxLength: 30000 - type: string id: - description: > - The identifier for the comment. To retrieve comment IDs, use the get - comments API. - example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 type: string - owner: - $ref: '#/components/schemas/Cases_owners' - type: - description: The type of comment. + name: + type: string + skip_reason: + $ref: '#/components/schemas/Security_Detections_API_BulkEditSkipReason' + required: + - id + - skip_reason + Security_Detections_API_BulkCrudRulesResponse: + items: + oneOf: + - $ref: '#/components/schemas/Security_Detections_API_RuleResponse' + - $ref: '#/components/schemas/Security_Detections_API_ErrorSchema' + type: array + Security_Detections_API_BulkDeleteRules: + type: object + properties: + action: enum: - - user - example: user + - delete type: string - version: - description: > - The current comment version. To retrieve version values, use the get - comments API. - example: Wzk1LDFd + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules type: string required: - - comment - - id - - owner - - type - - version - title: Update case comment request properties for user comments + - action + Security_Detections_API_BulkDisableRules: type: object - Cases_user_actions_find_response_properties: + properties: + action: + enum: + - disable + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Detections_API_BulkDuplicateRules: type: object properties: action: - $ref: '#/components/schemas/Cases_actions' - comment_id: - example: 578608d0-03b1-11ed-920c-974bfa104448 - nullable: true + enum: + - duplicate type: string - created_at: - example: '2022-05-13T09:16:17.416Z' - format: date-time + duplicate: + type: object + properties: + include_exceptions: + description: Whether to copy exceptions from the original rule + type: boolean + include_expired_exceptions: + description: Whether to copy expired exceptions from the original rule + type: boolean + required: + - include_exceptions + - include_expired_exceptions + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules type: string - created_by: + required: + - action + Security_Detections_API_BulkEditActionResponse: + type: object + properties: + attributes: type: object properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string + errors: + items: + $ref: >- + #/components/schemas/Security_Detections_API_NormalizedRuleError + type: array + results: + $ref: >- + #/components/schemas/Security_Detections_API_BulkEditActionResults + summary: + $ref: >- + #/components/schemas/Security_Detections_API_BulkEditActionSummary required: - - email - - full_name - - username - id: - example: 22fd3e30-03b1-11ed-920c-974bfa104448 + - results + - summary + message: type: string - owner: - $ref: '#/components/schemas/Cases_owners' - payload: - oneOf: - - $ref: '#/components/schemas/Cases_payload_alert_comment' - - $ref: '#/components/schemas/Cases_payload_assignees' - - $ref: '#/components/schemas/Cases_payload_connector' - - $ref: '#/components/schemas/Cases_payload_create_case' - - $ref: '#/components/schemas/Cases_payload_delete' - - $ref: '#/components/schemas/Cases_payload_description' - - $ref: '#/components/schemas/Cases_payload_pushed' - - $ref: '#/components/schemas/Cases_payload_settings' - - $ref: '#/components/schemas/Cases_payload_severity' - - $ref: '#/components/schemas/Cases_payload_status' - - $ref: '#/components/schemas/Cases_payload_tags' - - $ref: '#/components/schemas/Cases_payload_title' - - $ref: '#/components/schemas/Cases_payload_user_comment' - type: - description: The type of action. + rules_count: + type: integer + status_code: + type: integer + success: + type: boolean + required: + - attributes + Security_Detections_API_BulkEditActionResults: + type: object + properties: + created: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleResponse' + type: array + deleted: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleResponse' + type: array + skipped: + items: + $ref: '#/components/schemas/Security_Detections_API_BulkActionSkipResult' + type: array + updated: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleResponse' + type: array + required: + - updated + - created + - deleted + - skipped + Security_Detections_API_BulkEditActionSummary: + type: object + properties: + failed: + type: integer + skipped: + type: integer + succeeded: + type: integer + total: + type: integer + required: + - failed + - skipped + - succeeded + - total + Security_Detections_API_BulkEditRules: + type: object + properties: + action: enum: - - assignees - - create_case - - comment - - connector - - description - - pushed - - tags - - title - - status - - settings - - severity - example: create_case + - edit type: string - version: - example: WzM1ODg4LDFd + edit: + description: Array of objects containing the edit operations + items: + $ref: '#/components/schemas/Security_Detections_API_BulkActionEditPayload' + minItems: 1 + type: array + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules type: string required: - action - - comment_id - - created_at - - created_by - - id - - owner - - payload - - type - - version - Cases_user_actions_response_properties: + - edit + Security_Detections_API_BulkEditSkipReason: + enum: + - RULE_NOT_MODIFIED + type: string + Security_Detections_API_BulkEnableRules: type: object properties: action: - $ref: '#/components/schemas/Cases_actions' - action_id: - example: 22fd3e30-03b1-11ed-920c-974bfa104448 + enum: + - enable type: string - case_id: - example: 22df07d0-03b1-11ed-920c-974bfa104448 + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules type: string - comment_id: - example: 578608d0-03b1-11ed-920c-974bfa104448 - nullable: true + required: + - action + Security_Detections_API_BulkExportActionResponse: + type: string + Security_Detections_API_BulkExportRules: + type: object + properties: + action: + enum: + - export type: string - created_at: - example: '2022-05-13T09:16:17.416Z' - format: date-time + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules type: string - created_by: + required: + - action + Security_Detections_API_BulkManualRuleRun: + type: object + properties: + action: + enum: + - run + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + run: type: object properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true + end_date: + description: End date of the manual rule run type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true + start_date: + description: Start date of the manual rule run type: string required: - - email - - full_name - - username - owner: - $ref: '#/components/schemas/Cases_owners' - payload: - oneOf: - - $ref: '#/components/schemas/Cases_payload_alert_comment' - - $ref: '#/components/schemas/Cases_payload_assignees' - - $ref: '#/components/schemas/Cases_payload_connector' - - $ref: '#/components/schemas/Cases_payload_create_case' - - $ref: '#/components/schemas/Cases_payload_delete' - - $ref: '#/components/schemas/Cases_payload_description' - - $ref: '#/components/schemas/Cases_payload_pushed' - - $ref: '#/components/schemas/Cases_payload_settings' - - $ref: '#/components/schemas/Cases_payload_severity' - - $ref: '#/components/schemas/Cases_payload_status' - - $ref: '#/components/schemas/Cases_payload_tags' - - $ref: '#/components/schemas/Cases_payload_title' - - $ref: '#/components/schemas/Cases_payload_user_comment' - type: - $ref: '#/components/schemas/Cases_action_types' + - start_date required: - action - - action_id - - case_id - - comment_id - - created_at - - created_by - - owner - - payload - - type - Cases_user_comment_response_properties: - title: Case response properties for user comments + - run + Security_Detections_API_ConcurrentSearches: + minimum: 1 + type: integer + Security_Detections_API_DataViewId: + type: string + Security_Detections_API_DefaultParams: type: object properties: - comment: - example: A new comment. - type: string - created_at: - example: '2022-05-13T09:16:17.416Z' - format: date-time + command: + enum: + - isolate type: string - created_by: - $ref: '#/components/schemas/Cases_case_response_created_by_properties' - id: - example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 + comment: type: string - owner: - $ref: '#/components/schemas/Cases_owners' - pushed_at: - example: null - format: date-time - nullable: true + required: + - command + Security_Detections_API_EcsMapping: + additionalProperties: + type: object + properties: + field: + type: string + value: + oneOf: + - type: string + - items: + type: string + type: array + type: object + Security_Detections_API_EndpointResponseAction: + type: object + properties: + action_type_id: + enum: + - .endpoint type: string - pushed_by: - $ref: '#/components/schemas/Cases_case_response_pushed_by_properties' + params: + oneOf: + - $ref: '#/components/schemas/Security_Detections_API_DefaultParams' + - $ref: '#/components/schemas/Security_Detections_API_ProcessesParams' + required: + - action_type_id + - params + Security_Detections_API_EqlOptionalFields: + type: object + properties: + alert_suppression: + $ref: '#/components/schemas/Security_Detections_API_AlertSuppression' + data_view_id: + $ref: '#/components/schemas/Security_Detections_API_DataViewId' + event_category_override: + $ref: '#/components/schemas/Security_Detections_API_EventCategoryOverride' + filters: + $ref: '#/components/schemas/Security_Detections_API_RuleFilterArray' + index: + $ref: '#/components/schemas/Security_Detections_API_IndexPatternArray' + response_actions: + items: + $ref: '#/components/schemas/Security_Detections_API_ResponseAction' + type: array + tiebreaker_field: + $ref: '#/components/schemas/Security_Detections_API_TiebreakerField' + timestamp_field: + $ref: '#/components/schemas/Security_Detections_API_TimestampField' + Security_Detections_API_EqlQueryLanguage: + enum: + - eql + type: string + Security_Detections_API_EqlRequiredFields: + type: object + properties: + language: + $ref: '#/components/schemas/Security_Detections_API_EqlQueryLanguage' + description: Query language to use + query: + $ref: '#/components/schemas/Security_Detections_API_RuleQuery' + description: EQL query to execute type: + description: Rule type enum: - - user - example: user - type: string - updated_at: - example: null - format: date-time - nullable: true - type: string - updated_by: - $ref: '#/components/schemas/Cases_case_response_updated_by_properties' - version: - example: WzIwNDMxLDFd + - eql type: string required: - type - Data_views_400_response: - title: Bad request + - query + - language + Security_Detections_API_EqlRule: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' + - $ref: '#/components/schemas/Security_Detections_API_EqlRuleResponseFields' + Security_Detections_API_EqlRuleCreateFields: + allOf: + - $ref: '#/components/schemas/Security_Detections_API_EqlRequiredFields' + - $ref: '#/components/schemas/Security_Detections_API_EqlOptionalFields' + Security_Detections_API_EqlRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: '#/components/schemas/Security_Detections_API_EqlRuleCreateFields' + Security_Detections_API_EqlRulePatchFields: + allOf: + - type: object + properties: + language: + $ref: '#/components/schemas/Security_Detections_API_EqlQueryLanguage' + description: Query language to use + query: + $ref: '#/components/schemas/Security_Detections_API_RuleQuery' + description: EQL query to execute + type: + description: Rule type + enum: + - eql + type: string + - $ref: '#/components/schemas/Security_Detections_API_EqlOptionalFields' + Security_Detections_API_EqlRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + - $ref: '#/components/schemas/Security_Detections_API_EqlRulePatchFields' + Security_Detections_API_EqlRuleResponseFields: + allOf: + - $ref: '#/components/schemas/Security_Detections_API_EqlRequiredFields' + - $ref: '#/components/schemas/Security_Detections_API_EqlOptionalFields' + Security_Detections_API_EqlRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: '#/components/schemas/Security_Detections_API_EqlRuleCreateFields' + Security_Detections_API_ErrorSchema: + additionalProperties: false type: object properties: error: - example: Bad Request + type: object + properties: + message: + type: string + status_code: + minimum: 400 + type: integer + required: + - status_code + - message + id: type: string - message: + item_id: + minLength: 1 type: string - statusCode: - example: 400 - type: number + list_id: + minLength: 1 + type: string + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' required: - - statusCode - error - - message - Data_views_404_response: - type: object - properties: - error: - enum: - - Not Found - example: Not Found - type: string - message: - example: >- - Saved object [index-pattern/caaad6d0-920c-11ed-b36a-874bd1548a00] - not found - type: string - statusCode: - enum: - - 404 - example: 404 - type: integer - Data_views_allownoindex: - description: Allows the data view saved object to exist before the data is available. - type: boolean - Data_views_create_data_view_request_object: - title: Create data view request + Security_Detections_API_EsqlQueryLanguage: + enum: + - esql + type: string + Security_Detections_API_EsqlRule: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' + - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleResponseFields' + Security_Detections_API_EsqlRuleCreateFields: + allOf: + - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleOptionalFields' + - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleRequiredFields' + Security_Detections_API_EsqlRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleCreateFields' + Security_Detections_API_EsqlRuleOptionalFields: type: object properties: - data_view: - description: The data view object. - type: object + alert_suppression: + $ref: '#/components/schemas/Security_Detections_API_AlertSuppression' + response_actions: + items: + $ref: '#/components/schemas/Security_Detections_API_ResponseAction' + type: array + Security_Detections_API_EsqlRulePatchProps: + allOf: + - type: object properties: - allowNoIndex: - $ref: '#/components/schemas/Data_views_allownoindex' - fieldAttrs: - additionalProperties: - $ref: '#/components/schemas/Data_views_fieldattrs' - type: object - fieldFormats: - $ref: '#/components/schemas/Data_views_fieldformats' - fields: - type: object + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' id: - type: string + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + language: + $ref: '#/components/schemas/Security_Detections_API_EsqlQueryLanguage' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' name: - description: The data view name. - type: string - namespaces: - $ref: '#/components/schemas/Data_views_namespaces' - runtimeFieldMap: - additionalProperties: - $ref: '#/components/schemas/Data_views_runtimefieldmap' - type: object - sourceFilters: - $ref: '#/components/schemas/Data_views_sourcefilters' - timeFieldName: - $ref: '#/components/schemas/Data_views_timefieldname' - title: - $ref: '#/components/schemas/Data_views_title' + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + query: + $ref: '#/components/schemas/Security_Detections_API_RuleQuery' + description: ESQL query to execute + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' type: - $ref: '#/components/schemas/Data_views_type' - typeMeta: - $ref: '#/components/schemas/Data_views_typemeta' - version: + description: Rule type + enum: + - esql type: string - required: - - title - override: - default: false - description: >- - Override an existing data view if a data view with the provided - title already exists. - type: boolean - required: - - data_view - Data_views_data_view_response_object: - title: Data view response properties + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleOptionalFields' + Security_Detections_API_EsqlRuleRequiredFields: type: object properties: - data_view: - type: object + language: + $ref: '#/components/schemas/Security_Detections_API_EsqlQueryLanguage' + query: + $ref: '#/components/schemas/Security_Detections_API_RuleQuery' + description: ESQL query to execute + type: + description: Rule type + enum: + - esql + type: string + required: + - type + - language + - query + Security_Detections_API_EsqlRuleResponseFields: + allOf: + - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleOptionalFields' + - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleRequiredFields' + Security_Detections_API_EsqlRuleUpdateProps: + allOf: + - type: object properties: - allowNoIndex: - $ref: '#/components/schemas/Data_views_allownoindex' - fieldAttrs: - additionalProperties: - $ref: '#/components/schemas/Data_views_fieldattrs' - type: object - fieldFormats: - $ref: '#/components/schemas/Data_views_fieldformats' - fields: - type: object + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' id: - example: ff959d40-b880-11e8-a6d9-e546fe2bba5f - type: string + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' name: - description: The data view name. - type: string - namespaces: - $ref: '#/components/schemas/Data_views_namespaces' - runtimeFieldMap: - additionalProperties: - $ref: '#/components/schemas/Data_views_runtimefieldmap' - type: object - sourceFilters: - $ref: '#/components/schemas/Data_views_sourcefilters' - timeFieldName: - $ref: '#/components/schemas/Data_views_timefieldname' - title: - $ref: '#/components/schemas/Data_views_title' - typeMeta: - $ref: '#/components/schemas/Data_views_typemeta_response' + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' version: - example: WzQ2LDJd - type: string - Data_views_fieldattrs: - description: A map of field attributes by field name. + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleCreateFields' + Security_Detections_API_EventCategoryOverride: + type: string + Security_Detections_API_ExceptionListType: + description: The exception type + enum: + - detection + - rule_default + - endpoint + - endpoint_trusted_apps + - endpoint_events + - endpoint_host_isolation_exceptions + - endpoint_blocklists + type: string + Security_Detections_API_ExternalRuleSource: + description: >- + Type of rule source for externally sourced rules, i.e. rules that have + an external source, such as the Elastic Prebuilt rules repo. + type: object + properties: + is_customized: + $ref: >- + #/components/schemas/Security_Detections_API_IsExternalRuleCustomized + type: + enum: + - external + type: string + required: + - type + - is_customized + Security_Detections_API_FindRulesSortField: + enum: + - created_at + - createdAt + - enabled + - execution_summary.last_execution.date + - execution_summary.last_execution.metrics.execution_gap_duration_s + - execution_summary.last_execution.metrics.total_indexing_duration_ms + - execution_summary.last_execution.metrics.total_search_duration_ms + - execution_summary.last_execution.status + - name + - risk_score + - riskScore + - severity + - updated_at + - updatedAt + type: string + Security_Detections_API_HistoryWindowStart: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + Security_Detections_API_IndexMigrationStatus: type: object properties: - count: - description: Popularity count for the field. + index: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + is_outdated: + type: boolean + migrations: + items: + $ref: '#/components/schemas/Security_Detections_API_MigrationStatus' + type: array + signal_versions: + items: + $ref: '#/components/schemas/Security_Detections_API_AlertVersion' + type: array + version: type: integer - customDescription: - description: Custom description for the field. - maxLength: 300 - type: string - customLabel: - description: Custom label for the field. - type: string - Data_views_fieldformats: - description: A map of field formats by field name. - type: object - Data_views_namespaces: - description: >- - An array of space identifiers for sharing the data view between multiple - spaces. + required: + - index + - version + - signal_versions + - migrations + - is_outdated + Security_Detections_API_IndexPatternArray: items: - default: default type: string type: array - Data_views_runtimefieldmap: - description: A map of runtime field definitions by field name. + Security_Detections_API_InternalRuleSource: + description: >- + Type of rule source for internally sourced rules, i.e. created within + the Kibana apps. type: object properties: - script: - type: object - properties: - source: - description: Script for the runtime field. - type: string type: - description: Mapping type of the runtime field. + enum: + - internal type: string required: - - script - type - Data_views_sourcefilters: - description: The array of field names you want to filter out in Discover. - items: - type: object - properties: - value: - type: string - required: - - value - type: array - Data_views_swap_data_view_request_object: - title: Data view reference swap request + Security_Detections_API_InvestigationFields: + description: > + Schema for fields relating to investigation fields. These are user + defined fields we use to highlight + + in various features in the UI such as alert details flyout and + exceptions auto-population from alert. + + Added in PR #163235 + + Right now we only have a single field but anticipate adding more related + fields to store various + + configuration states such as `override` - where a user might say if they + want only these fields to + + display, or if they want these fields + the fields we select. When + expanding this field, it may look + + something like: + + ```typescript + + const investigationFields = z.object({ + field_names: NonEmptyArray(NonEmptyString), + override: z.boolean().optional(), + }); + + ``` type: object properties: - delete: - description: Deletes referenced saved object if all references are removed. - type: boolean - forId: - description: Limit the affected saved objects to one or more by identifier. - oneOf: - - type: string - - items: - type: string - type: array - forType: - description: Limit the affected saved objects by type. - type: string - fromId: - description: The saved object reference to change. - type: string - fromType: - description: > - Specify the type of the saved object reference to alter. The default - value is `index-pattern` for data views. - type: string - toId: - description: New saved object reference value to replace the old value. - type: string + field_names: + items: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + minItems: 1 + type: array required: - - fromId - - toId - Data_views_timefieldname: - description: The timestamp field name, which you use for time-based data views. + - field_names + Security_Detections_API_InvestigationGuide: + description: Notes to help investigate alerts produced by the rule. type: string - Data_views_title: + Security_Detections_API_IsExternalRuleCustomized: description: >- - Comma-separated list of data streams, indices, and aliases that you want - to search. Supports wildcards (`*`). - type: string - Data_views_type: - description: When set to `rollup`, identifies the rollup data views. - type: string - Data_views_typemeta: + Determines whether an external/prebuilt rule has been customized by the + user (i.e. any of its fields have been modified and diverged from the + base value). + type: boolean + Security_Detections_API_IsRuleEnabled: + description: Determines whether the rule is enabled. + type: boolean + Security_Detections_API_IsRuleImmutable: + deprecated: true description: >- - When you use rollup indices, contains the field list for the rollup data - view API endpoints. + This field determines whether the rule is a prebuilt Elastic rule. It + will be replaced with the `rule_source` field. + type: boolean + Security_Detections_API_ItemsPerSearch: + minimum: 1 + type: integer + Security_Detections_API_KqlQueryLanguage: + enum: + - kuery + - lucene + type: string + Security_Detections_API_MachineLearningJobId: + description: Machine learning job ID + oneOf: + - type: string + - items: + type: string + minItems: 1 + type: array + Security_Detections_API_MachineLearningRule: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Detections_API_MachineLearningRuleResponseFields + Security_Detections_API_MachineLearningRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_MachineLearningRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Detections_API_MachineLearningRuleOptionalFields + Security_Detections_API_MachineLearningRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Detections_API_MachineLearningRuleCreateFields + Security_Detections_API_MachineLearningRuleOptionalFields: type: object properties: - aggs: - description: A map of rollup restrictions by aggregation type and field name. - type: object - params: - description: Properties for retrieving rollup fields. - type: object - required: - - aggs - - params - Data_views_typemeta_response: - description: >- - When you use rollup indices, contains the field list for the rollup data - view API endpoints. - nullable: true + alert_suppression: + $ref: '#/components/schemas/Security_Detections_API_AlertSuppression' + Security_Detections_API_MachineLearningRulePatchFields: + allOf: + - type: object + properties: + anomaly_threshold: + $ref: '#/components/schemas/Security_Detections_API_AnomalyThreshold' + machine_learning_job_id: + $ref: >- + #/components/schemas/Security_Detections_API_MachineLearningJobId + type: + description: Rule type + enum: + - machine_learning + type: string + - $ref: >- + #/components/schemas/Security_Detections_API_MachineLearningRuleOptionalFields + Security_Detections_API_MachineLearningRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + - $ref: >- + #/components/schemas/Security_Detections_API_MachineLearningRulePatchFields + Security_Detections_API_MachineLearningRuleRequiredFields: type: object properties: - aggs: - description: A map of rollup restrictions by aggregation type and field name. - type: object - params: - description: Properties for retrieving rollup fields. - type: object - Data_views_update_data_view_request_object: - title: Update data view request + anomaly_threshold: + $ref: '#/components/schemas/Security_Detections_API_AnomalyThreshold' + machine_learning_job_id: + $ref: '#/components/schemas/Security_Detections_API_MachineLearningJobId' + type: + description: Rule type + enum: + - machine_learning + type: string + required: + - type + - machine_learning_job_id + - anomaly_threshold + Security_Detections_API_MachineLearningRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_MachineLearningRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Detections_API_MachineLearningRuleOptionalFields + Security_Detections_API_MachineLearningRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Detections_API_MachineLearningRuleCreateFields + Security_Detections_API_MaxSignals: + minimum: 1 + type: integer + Security_Detections_API_MigrationCleanupResult: type: object properties: - data_view: - description: > - The data view properties you want to update. Only the specified - properties are updated in the data view. Unspecified fields stay as - they are persisted. + destinationIndex: + type: string + error: type: object properties: - allowNoIndex: - $ref: '#/components/schemas/Data_views_allownoindex' - fieldFormats: - $ref: '#/components/schemas/Data_views_fieldformats' - fields: - type: object - name: + message: type: string - runtimeFieldMap: - additionalProperties: - $ref: '#/components/schemas/Data_views_runtimefieldmap' - type: object - sourceFilters: - $ref: '#/components/schemas/Data_views_sourcefilters' - timeFieldName: - $ref: '#/components/schemas/Data_views_timefieldname' - title: - $ref: '#/components/schemas/Data_views_title' - type: - $ref: '#/components/schemas/Data_views_type' - typeMeta: - $ref: '#/components/schemas/Data_views_typemeta' - refresh_fields: - default: false - description: Reloads the data view fields after the data view is updated. - type: boolean + status_code: + type: integer + required: + - message + - status_code + id: + type: string + sourceIndex: + type: string + status: + enum: + - success + - failure + - pending + type: string + updated: + format: date-time + type: string + version: + type: string required: - - data_view - Fleet_agent: - title: Agent + - id + - destinationIndex + - status + - sourceIndex + - version + - updated + Security_Detections_API_MigrationFinalizationResult: type: object properties: - access_api_key: - type: string - access_api_key_id: - type: string - active: + completed: type: boolean - components: - items: - $ref: '#/components/schemas/Fleet_agent_component' - type: array - default_api_key: + destinationIndex: type: string - default_api_key_id: + error: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - message + - status_code + id: type: string - enrolled_at: + sourceIndex: type: string - id: + status: + enum: + - success + - failure + - pending type: string - last_checkin: + updated: + format: date-time type: string - local_metadata: - $ref: '#/components/schemas/Fleet_agent_metadata' - metrics: - type: object - properties: - cpu_avg: - description: >- - Average agent CPU usage during the last 5 minutes, number - between 0-1 - type: number - memory_size_byte_avg: - description: Average agent memory consumption during the last 5 minutes - type: number - policy_id: + version: type: string - policy_revision: - type: number + required: + - id + - completed + - destinationIndex + - status + - sourceIndex + - version + - updated + Security_Detections_API_MigrationStatus: + type: object + properties: + id: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' status: - $ref: '#/components/schemas/Fleet_agent_status' - type: - $ref: '#/components/schemas/Fleet_agent_type' - unenrolled_at: + enum: + - success + - failure + - pending type: string - unenrollment_started_at: + updated: + format: date-time type: string - user_provided_metadata: - $ref: '#/components/schemas/Fleet_agent_metadata' + version: + type: integer required: - - type - - active - - enrolled_at - id - status - Fleet_agent_action: - oneOf: - - properties: - ack_data: - type: string - data: - type: string + - version + - updated + Security_Detections_API_NewTermsFields: + items: + type: string + maxItems: 3 + minItems: 1 + type: array + Security_Detections_API_NewTermsRule: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Detections_API_NewTermsRuleResponseFields + Security_Detections_API_NewTermsRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_NewTermsRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Detections_API_NewTermsRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Detections_API_NewTermsRuleDefaultableFields + Security_Detections_API_NewTermsRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Detections_API_NewTermsRuleCreateFields + Security_Detections_API_NewTermsRuleDefaultableFields: + type: object + properties: + language: + $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' + Security_Detections_API_NewTermsRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: '#/components/schemas/Security_Detections_API_AlertSuppression' + data_view_id: + $ref: '#/components/schemas/Security_Detections_API_DataViewId' + filters: + $ref: '#/components/schemas/Security_Detections_API_RuleFilterArray' + index: + $ref: '#/components/schemas/Security_Detections_API_IndexPatternArray' + response_actions: + items: + $ref: '#/components/schemas/Security_Detections_API_ResponseAction' + type: array + Security_Detections_API_NewTermsRulePatchFields: + allOf: + - type: object + properties: + history_window_start: + $ref: '#/components/schemas/Security_Detections_API_HistoryWindowStart' + new_terms_fields: + $ref: '#/components/schemas/Security_Detections_API_NewTermsFields' + query: + $ref: '#/components/schemas/Security_Detections_API_RuleQuery' type: + description: Rule type enum: - - UNENROLL - - UPGRADE - - POLICY_REASSIGN - type: string - - properties: - data: - type: object - properties: - log_level: - enum: - - debug - - info - - warning - - error - nullable: true - type: string - type: + - new_terms type: string - title: Agent action - Fleet_agent_component: - title: Agent component + - $ref: >- + #/components/schemas/Security_Detections_API_NewTermsRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Detections_API_NewTermsRuleDefaultableFields + Security_Detections_API_NewTermsRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + - $ref: '#/components/schemas/Security_Detections_API_NewTermsRulePatchFields' + Security_Detections_API_NewTermsRuleRequiredFields: type: object properties: - id: + history_window_start: + $ref: '#/components/schemas/Security_Detections_API_HistoryWindowStart' + new_terms_fields: + $ref: '#/components/schemas/Security_Detections_API_NewTermsFields' + query: + $ref: '#/components/schemas/Security_Detections_API_RuleQuery' + type: + description: Rule type + enum: + - new_terms type: string + required: + - type + - query + - new_terms_fields + - history_window_start + Security_Detections_API_NewTermsRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_NewTermsRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Detections_API_NewTermsRuleOptionalFields + - type: object + properties: + language: + $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' + required: + - language + Security_Detections_API_NewTermsRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Detections_API_NewTermsRuleCreateFields + Security_Detections_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Detections_API_NormalizedRuleAction: + additionalProperties: false + type: object + properties: + alerts_filter: + $ref: '#/components/schemas/Security_Detections_API_RuleActionAlertsFilter' + frequency: + $ref: '#/components/schemas/Security_Detections_API_RuleActionFrequency' + group: + $ref: '#/components/schemas/Security_Detections_API_RuleActionGroup' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleActionId' + params: + $ref: '#/components/schemas/Security_Detections_API_RuleActionParams' + required: + - id + - params + Security_Detections_API_NormalizedRuleError: + type: object + properties: + err_code: + $ref: >- + #/components/schemas/Security_Detections_API_BulkActionsDryRunErrCode message: type: string - status: - $ref: '#/components/schemas/Fleet_agent_component_status' - type: + rules: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleDetailsInError' + type: array + status_code: + type: integer + required: + - message + - status_code + - rules + Security_Detections_API_OsqueryParams: + type: object + properties: + ecs_mapping: + $ref: '#/components/schemas/Security_Detections_API_EcsMapping' + pack_id: type: string - units: + queries: items: - $ref: '#/components/schemas/Fleet_agent_component_unit' + $ref: '#/components/schemas/Security_Detections_API_OsqueryQuery' type: array - Fleet_agent_component_status: - enum: - - starting - - configuring - - healthy - - degraded - - failed - - stopping - - stopped - title: Agent component status - type: string - Fleet_agent_component_unit: - title: Agent component unit - type: object - properties: - id: + query: type: string - message: + saved_query_id: type: string - payload: - type: object - status: - $ref: '#/components/schemas/Fleet_agent_component_status' - type: - $ref: '#/components/schemas/Fleet_agent_component_unit_type' - Fleet_agent_component_unit_type: - enum: - - input - - output - title: Agent component unit type - type: string - Fleet_agent_diagnostics: - title: Agent diagnostics + timeout: + type: number + Security_Detections_API_OsqueryQuery: type: object properties: - actionId: - type: string - createTime: + ecs_mapping: + $ref: '#/components/schemas/Security_Detections_API_EcsMapping' + id: + description: Query ID type: string - filePath: + platform: type: string - id: + query: + description: Query to run type: string - name: + removed: + type: boolean + snapshot: + type: boolean + version: + description: Query version type: string - status: - enum: - - READY - - AWAITING_UPLOAD - - DELETED - - IN_PROGRESS required: - id - - name - - createTime - - filePath - - actionId - - status - Fleet_agent_get_by_actions: - items: - items: - type: string - type: array - title: Agents get by action ids - type: array - Fleet_agent_metadata: - title: Agent metadata - type: object - Fleet_agent_policy: - title: Agent Policy + - query + Security_Detections_API_OsqueryResponseAction: type: object properties: - advanced_settings: - description: >- - Advanced settings stored in the agent policy, e.g. - agent_limits_go_max_procs - nullable: true - type: object - agent_features: - items: - type: object - properties: - enabled: - type: boolean - name: - type: string - required: - - name - - enabled - type: array - agents: - type: number - data_output_id: - nullable: true + action_type_id: + enum: + - .osquery type: string - description: + params: + $ref: '#/components/schemas/Security_Detections_API_OsqueryParams' + required: + - action_type_id + - params + Security_Detections_API_PlatformErrorResponse: + type: object + properties: + error: type: string - download_source_id: - nullable: true + message: type: string - fleet_server_host_id: - nullable: true + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Detections_API_ProcessesParams: + type: object + properties: + command: + enum: + - kill-process + - suspend-process type: string - global_data_tags: - items: - additionalProperties: - oneOf: - - type: string - - type: number - description: >- - User defined data tags that are added to all of the inputs. The - values can be strings or numbers. - type: object - type: array - id: + comment: type: string - inactivity_timeout: - type: integer - is_protected: - description: >- - Indicates whether the agent policy has tamper protection enabled. - Default false. - type: boolean - keep_monitoring_alive: - description: >- - When set to true, monitoring will be enabled but logs/metrics - collection will be disabled - nullable: true - type: boolean - monitoring_diagnostics: + config: type: object properties: - limit: - type: object - properties: - burst: - type: number - interval: - type: string - uploader: - type: object - properties: - init_dur: - type: string - max_dur: - type: string - max_retries: - type: number - monitoring_enabled: - items: - enum: - - metrics - - logs - type: string - type: array - monitoring_http: - type: object + field: + description: Field to use instead of process.pid + type: string + overwrite: + default: true + description: Whether to overwrite field with process.pid + type: boolean + required: + - field + required: + - command + - config + Security_Detections_API_QueryRule: + allOf: + - type: object properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' enabled: - type: boolean - host: - type: string - port: - type: number + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' required: + - name + - description + - risk_score + - severity + - version + - tags - enabled - monitoring_output_id: - nullable: true + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' + - $ref: '#/components/schemas/Security_Detections_API_QueryRuleResponseFields' + Security_Detections_API_QueryRuleCreateFields: + allOf: + - $ref: '#/components/schemas/Security_Detections_API_QueryRuleRequiredFields' + - $ref: '#/components/schemas/Security_Detections_API_QueryRuleOptionalFields' + - $ref: >- + #/components/schemas/Security_Detections_API_QueryRuleDefaultableFields + Security_Detections_API_QueryRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: '#/components/schemas/Security_Detections_API_QueryRuleCreateFields' + Security_Detections_API_QueryRuleDefaultableFields: + type: object + properties: + language: + $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' + query: + $ref: '#/components/schemas/Security_Detections_API_RuleQuery' + Security_Detections_API_QueryRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: '#/components/schemas/Security_Detections_API_AlertSuppression' + data_view_id: + $ref: '#/components/schemas/Security_Detections_API_DataViewId' + filters: + $ref: '#/components/schemas/Security_Detections_API_RuleFilterArray' + index: + $ref: '#/components/schemas/Security_Detections_API_IndexPatternArray' + response_actions: + items: + $ref: '#/components/schemas/Security_Detections_API_ResponseAction' + type: array + saved_id: + $ref: '#/components/schemas/Security_Detections_API_SavedQueryId' + Security_Detections_API_QueryRulePatchFields: + allOf: + - type: object + properties: + type: + description: Rule type + enum: + - query + type: string + - $ref: '#/components/schemas/Security_Detections_API_QueryRuleOptionalFields' + - $ref: >- + #/components/schemas/Security_Detections_API_QueryRuleDefaultableFields + Security_Detections_API_QueryRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + - $ref: '#/components/schemas/Security_Detections_API_QueryRulePatchFields' + Security_Detections_API_QueryRuleRequiredFields: + type: object + properties: + type: + description: Rule type + enum: + - query type: string - monitoring_pprof_enabled: + required: + - type + Security_Detections_API_QueryRuleResponseFields: + allOf: + - $ref: '#/components/schemas/Security_Detections_API_QueryRuleRequiredFields' + - $ref: '#/components/schemas/Security_Detections_API_QueryRuleOptionalFields' + - type: object + properties: + language: + $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' + query: + $ref: '#/components/schemas/Security_Detections_API_RuleQuery' + required: + - query + - language + Security_Detections_API_QueryRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: '#/components/schemas/Security_Detections_API_QueryRuleCreateFields' + Security_Detections_API_RelatedIntegration: + description: > + Related integration is a potential dependency of a rule. It's assumed + that if the user installs + + one of the related integrations of a rule, the rule might start to work + properly because it will + + have source events (generated by this integration) potentially matching + the rule's query. + + + NOTE: Proper work is not guaranteed, because a related integration, if + installed, can be + + configured differently or generate data that is not necessarily relevant + for this rule. + + + Related integration is a combination of a Fleet package and (optionally) + one of the + + package's "integrations" that this package contains. It is represented + by 3 properties: + + + - `package`: name of the package (required, unique id) + + - `version`: version of the package (required, semver-compatible) + + - `integration`: name of the integration of this package (optional, id + within the package) + + + There are Fleet packages like `windows` that contain only one + integration; in this case, + + `integration` should be unspecified. There are also packages like `aws` + and `azure` that contain + + several integrations; in this case, `integration` should be specified. + + + @example + + const x: RelatedIntegration = { + package: 'windows', + version: '1.5.x', + }; + + + @example + + const x: RelatedIntegration = { + package: 'azure', + version: '~1.1.6', + integration: 'activitylogs', + }; + type: object + properties: + integration: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + package: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + version: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + required: + - package + - version + Security_Detections_API_RelatedIntegrationArray: + items: + $ref: '#/components/schemas/Security_Detections_API_RelatedIntegration' + type: array + Security_Detections_API_RequiredField: + description: > + Describes an Elasticsearch field that is needed for the rule to + function. + + + Almost all types of Security rules check source event documents for a + match to some kind of + + query or filter. If a document has certain field with certain values, + then it's a match and + + the rule will generate an alert. + + + Required field is an event field that must be present in the source + indices of a given rule. + + + @example + + const standardEcsField: RequiredField = { + name: 'event.action', + type: 'keyword', + ecs: true, + }; + + + @example + + const nonEcsField: RequiredField = { + name: 'winlog.event_data.AttributeLDAPDisplayName', + type: 'keyword', + ecs: false, + }; + type: object + properties: + ecs: + description: Whether the field is an ECS field type: boolean name: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + description: Name of an Elasticsearch field + type: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + description: Type of the Elasticsearch field + required: + - name + - type + - ecs + Security_Detections_API_RequiredFieldArray: + items: + $ref: '#/components/schemas/Security_Detections_API_RequiredField' + type: array + Security_Detections_API_RequiredFieldInput: + description: >- + Input parameters to create a RequiredField. Does not include the `ecs` + field, because `ecs` is calculated on the backend based on the field + name and type. + type: object + properties: + name: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + description: Name of an Elasticsearch field + type: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + description: Type of an Elasticsearch field + required: + - name + - type + Security_Detections_API_ResponseAction: + oneOf: + - $ref: '#/components/schemas/Security_Detections_API_OsqueryResponseAction' + - $ref: '#/components/schemas/Security_Detections_API_EndpointResponseAction' + Security_Detections_API_ResponseFields: + type: object + properties: + created_at: + format: date-time type: string - namespace: + created_by: type: string - overrides: - description: >- - Override settings that are defined in the agent policy. Input - settings cannot be overridden. The override option should be used - only in unusual circumstances and not as a routine procedure. - nullable: true - type: object - package_policies: - description: >- - This field is present only when retrieving a single agent policy, or - when retrieving a list of agent policies with the ?full=true - parameter - items: - $ref: '#/components/schemas/Fleet_package_policy' - type: array + execution_summary: + $ref: '#/components/schemas/Security_Detections_API_RuleExecutionSummary' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + immutable: + $ref: '#/components/schemas/Security_Detections_API_IsRuleImmutable' + required_fields: + $ref: '#/components/schemas/Security_Detections_API_RequiredFieldArray' revision: - type: number - supports_agentless: - description: >- - Indicates whether the agent policy supports agentless integrations. - Only allowed in a serverless environment. - type: boolean - unenroll_timeout: + minimum: 0 type: integer - unprivileged_agents: - type: number - updated_by: - type: string - updated_on: + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_source: + $ref: '#/components/schemas/Security_Detections_API_RuleSource' + updated_at: format: date-time type: string + updated_by: + type: string required: - id - - status - - name - - namespace - Fleet_agent_policy_create_request: - title: Create agent policy request + - rule_id + - immutable + - rule_source + - updated_at + - updated_by + - created_at + - created_by + - revision + - related_integrations + - required_fields + Security_Detections_API_RiskScore: + description: Risk score (0 to 100) + maximum: 100 + minimum: 0 + type: integer + Security_Detections_API_RiskScoreMapping: + description: >- + Overrides generated alerts' risk_score with a value from the source + event + items: + type: object + properties: + field: + type: string + operator: + enum: + - equals + type: string + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + value: + type: string + required: + - field + - operator + - value + type: array + Security_Detections_API_RuleAction: type: object properties: - agent_features: - items: - type: object - properties: - enabled: - type: boolean - name: - type: string - required: - - name - - enabled - type: array - data_output_id: - nullable: true - type: string - description: - type: string - download_source_id: - nullable: true - type: string - fleet_server_host_id: - nullable: true + action_type_id: + description: The action type used for sending notifications. type: string - force: - description: Force agent policy creation even if packages are not verified. - type: boolean - global_data_tags: - items: - additionalProperties: - oneOf: - - type: string - - type: number - description: >- - User defined data tags that are added to all of the inputs. The - values can be strings or numbers. - type: object - type: array + alerts_filter: + $ref: '#/components/schemas/Security_Detections_API_RuleActionAlertsFilter' + frequency: + $ref: '#/components/schemas/Security_Detections_API_RuleActionFrequency' + group: + $ref: '#/components/schemas/Security_Detections_API_RuleActionGroup' id: - type: string - inactivity_timeout: - type: integer - is_protected: - type: boolean - monitoring_enabled: - items: - enum: - - metrics - - logs - type: string - type: array - monitoring_output_id: - nullable: true - type: string - name: - type: string - namespace: - type: string - unenroll_timeout: - type: integer + $ref: '#/components/schemas/Security_Detections_API_RuleActionId' + params: + $ref: '#/components/schemas/Security_Detections_API_RuleActionParams' + uuid: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' required: - - name - - namespace - Fleet_agent_policy_full: - oneOf: - - type: object - properties: - item: - type: string - - type: object - properties: - item: - $ref: '#/components/schemas/Fleet_full_agent_policy' - title: Agent policy full response + - action_type_id + - id + - params + Security_Detections_API_RuleActionAlertsFilter: + additionalProperties: true type: object - Fleet_agent_policy_update_request: - title: Update agent policy request + Security_Detections_API_RuleActionFrequency: + description: >- + The action frequency defines when the action runs (for example, only on + rule execution or at specific time intervals). type: object properties: - agent_features: - items: - type: object - properties: - enabled: - type: boolean - name: - type: string - required: - - name - - enabled - type: array - data_output_id: - nullable: true - type: string - description: - type: string - download_source_id: + notifyWhen: + $ref: '#/components/schemas/Security_Detections_API_RuleActionNotifyWhen' + summary: + description: >- + Action summary indicates whether we will send a summary notification + about all the generate alerts or notification per individual alert + type: boolean + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' nullable: true + required: + - summary + - notifyWhen + - throttle + Security_Detections_API_RuleActionGroup: + description: >- + Optionally groups actions by use cases. Use `default` for alert + notifications. + type: string + Security_Detections_API_RuleActionId: + description: The connector ID. + type: string + Security_Detections_API_RuleActionNotifyWhen: + description: >- + The condition for throttling the notification: `onActionGroupChange`, + `onActiveAlert`, or `onThrottleInterval` + enum: + - onActiveAlert + - onThrottleInterval + - onActionGroupChange + type: string + Security_Detections_API_RuleActionParams: + additionalProperties: true + description: >- + Object containing the allowed connector fields, which varies according + to the connector type. + type: object + Security_Detections_API_RuleActionThrottle: + description: Defines how often rule actions are taken. + oneOf: + - enum: + - no_actions + - rule type: string - fleet_server_host_id: - nullable: true + - description: Time interval in seconds, minutes, hours, or days. + example: 1h + pattern: ^[1-9]\d*[smhd]$ type: string - force: - description: Force agent policy creation even if packages are not verified. - type: boolean - global_data_tags: - items: - additionalProperties: - oneOf: - - type: string - - type: number - description: >- - User defined data tags that are added to all of the inputs. The - values can be strings or numbers. - type: object - type: array - inactivity_timeout: - type: integer - is_protected: - type: boolean - monitoring_enabled: - items: - enum: - - metrics - - logs - type: string - type: array - monitoring_output_id: - nullable: true + Security_Detections_API_RuleAuthorArray: + items: + type: string + type: array + Security_Detections_API_RuleCreateProps: + anyOf: + - $ref: '#/components/schemas/Security_Detections_API_EqlRuleCreateProps' + - $ref: '#/components/schemas/Security_Detections_API_QueryRuleCreateProps' + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Detections_API_ThresholdRuleCreateProps + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRuleCreateProps + - $ref: >- + #/components/schemas/Security_Detections_API_MachineLearningRuleCreateProps + - $ref: '#/components/schemas/Security_Detections_API_NewTermsRuleCreateProps' + - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleCreateProps' + discriminator: + propertyName: type + Security_Detections_API_RuleDescription: + minLength: 1 + type: string + Security_Detections_API_RuleDetailsInError: + type: object + properties: + id: type: string name: type: string - namespace: + required: + - id + Security_Detections_API_RuleExceptionList: + type: object + properties: + id: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + description: ID of the exception container + list_id: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + description: List ID of the exception container + namespace_type: + description: Determines the exceptions validity in rule's Kibana space + enum: + - agnostic + - single type: string - unenroll_timeout: - type: integer + type: + $ref: '#/components/schemas/Security_Detections_API_ExceptionListType' required: - - name - - namespace - Fleet_agent_status: - enum: - - offline - - error - - online - - inactive - - warning - title: Elastic Agent status - type: string - Fleet_agent_type: + - id + - list_id + - type + - namespace_type + Security_Detections_API_RuleExecutionMetrics: + type: object + properties: + execution_gap_duration_s: + description: Duration in seconds of execution gap + minimum: 0 + type: integer + total_enrichment_duration_ms: + description: >- + Total time spent enriching documents during current rule execution + cycle + minimum: 0 + type: integer + total_indexing_duration_ms: + description: >- + Total time spent indexing documents during current rule execution + cycle + minimum: 0 + type: integer + total_search_duration_ms: + description: >- + Total time spent performing ES searches as measured by Kibana; + includes network latency and time spent serializing/deserializing + request/response + minimum: 0 + type: integer + Security_Detections_API_RuleExecutionStatus: + description: >- + Custom execution status of Security rules that is different from the + status used in the Alerting Framework. We merge our custom status with + the Framework's status to determine the resulting status of a rule. + + - going to run - @deprecated Replaced by the 'running' status but left + for backwards compatibility with rule execution events already written + to Event Log in the prior versions of Kibana. Don't use when writing + rule status changes. + + - running - Rule execution started but not reached any intermediate or + final status. + + - partial failure - Rule can partially fail for various reasons either + in the middle of an execution (in this case we update its status right + away) or in the end of it. So currently this status can be both + intermediate and final at the same time. A typical reason for a partial + failure: not all the indices that the rule searches over actually exist. + + - failed - Rule failed to execute due to unhandled exception or a reason + defined in the business logic of its executor function. + + - succeeded - Rule executed successfully without any issues. Note: this + status is just an indication of a rule's "health". The rule might or + might not generate any alerts despite of it. enum: - - PERMANENT - - EPHEMERAL - - TEMPORARY - title: Agent type + - going to run + - running + - partial failure + - failed + - succeeded type: string - Fleet_bulk_install_packages_response: - title: Bulk install packages response + Security_Detections_API_RuleExecutionStatusOrder: + type: integer + Security_Detections_API_RuleExecutionSummary: type: object properties: - items: - items: - type: object - properties: - name: - type: string - version: - type: string - type: array - response: - deprecated: true - items: - type: object - properties: - name: - type: string - version: - type: string - type: array + last_execution: + type: object + properties: + date: + description: Date of the last execution + format: date-time + type: string + message: + type: string + metrics: + $ref: >- + #/components/schemas/Security_Detections_API_RuleExecutionMetrics + status: + $ref: '#/components/schemas/Security_Detections_API_RuleExecutionStatus' + description: Status of the last execution + status_order: + $ref: >- + #/components/schemas/Security_Detections_API_RuleExecutionStatusOrder + required: + - date + - status + - status_order + - message + - metrics required: - - items - Fleet_bulk_upgrade_agents: - title: Bulk upgrade agents + - last_execution + Security_Detections_API_RuleFalsePositiveArray: + items: + type: string + type: array + Security_Detections_API_RuleFilterArray: + items: {} + type: array + Security_Detections_API_RuleInterval: + description: >- + Frequency of rule execution, using a date math range. For example, "1h" + means the rule runs every hour. Defaults to 5m (5 minutes). + type: string + Security_Detections_API_RuleIntervalFrom: + description: >- + Time from which data is analyzed each time the rule runs, using a date + math range. For example, now-4200s means the rule analyzes data from 70 + minutes before its start time. Defaults to now-6m (analyzes data from 6 + minutes before the start time). + format: date-math + type: string + Security_Detections_API_RuleIntervalTo: + type: string + Security_Detections_API_RuleLicense: + description: The rule's license. + type: string + Security_Detections_API_RuleMetadata: + additionalProperties: true + type: object + Security_Detections_API_RuleName: + minLength: 1 + type: string + Security_Detections_API_RuleNameOverride: + description: Sets the source field for the alert's signal.rule.name value + type: string + Security_Detections_API_RuleObjectId: + $ref: '#/components/schemas/Security_Detections_API_UUID' + Security_Detections_API_RulePatchProps: + anyOf: + - $ref: '#/components/schemas/Security_Detections_API_EqlRulePatchProps' + - $ref: '#/components/schemas/Security_Detections_API_QueryRulePatchProps' + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRulePatchProps + - $ref: '#/components/schemas/Security_Detections_API_ThresholdRulePatchProps' + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRulePatchProps + - $ref: >- + #/components/schemas/Security_Detections_API_MachineLearningRulePatchProps + - $ref: '#/components/schemas/Security_Detections_API_NewTermsRulePatchProps' + - $ref: '#/components/schemas/Security_Detections_API_EsqlRulePatchProps' + Security_Detections_API_RulePreviewLoggedRequest: type: object properties: - agents: - oneOf: - - description: KQL query string, leave empty to action all agents - type: string - - description: list of agent IDs - items: - type: string - type: array - force: - description: Force upgrade, skipping validation (should be used with caution) - type: boolean - rollout_duration_seconds: - description: rolling upgrade window duration in seconds - type: number - skipRateLimitCheck: - description: Skip rate limit check for upgrade - type: boolean - source_uri: - description: alternative upgrade binary download url - type: string - start_time: - description: start time of upgrade in ISO 8601 format - type: string - version: - description: version to upgrade to - type: string + description: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + duration: + type: integer + request: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' required: - - agents - - version - Fleet_data_stream: - title: Data stream + - request + Security_Detections_API_RulePreviewLogs: type: object properties: - dashboard: + duration: + description: Execution duration in milliseconds + type: integer + errors: items: - type: object - properties: - id: - type: string - title: - type: string + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' type: array - dataset: - type: string - index: - type: string - last_activity_ms: - type: number - namespace: - type: string - package: - type: string - package_version: - type: string - size_in_bytes: - type: number - size_in_bytes_formatted: - type: string - type: - type: string - Fleet_download_sources: - title: Download Source + requests: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RulePreviewLoggedRequest + type: array + startedAt: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + warnings: + items: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + type: array + required: + - errors + - warnings + - duration + Security_Detections_API_RulePreviewParams: type: object properties: - host: - type: string - id: - type: string - is_default: - type: boolean - name: - type: string - proxy_id: - description: >- - The ID of the proxy to use for this download source. See the proxies - API for more information. - nullable: true + invocationCount: + type: integer + timeframeEnd: + format: date-time type: string required: - - is_default - - name - - host - Fleet_elasticsearch_asset_type: + - invocationCount + - timeframeEnd + Security_Detections_API_RuleQuery: + type: string + Security_Detections_API_RuleReferenceArray: + items: + type: string + type: array + Security_Detections_API_RuleResponse: + anyOf: + - $ref: '#/components/schemas/Security_Detections_API_EqlRule' + - $ref: '#/components/schemas/Security_Detections_API_QueryRule' + - $ref: '#/components/schemas/Security_Detections_API_SavedQueryRule' + - $ref: '#/components/schemas/Security_Detections_API_ThresholdRule' + - $ref: '#/components/schemas/Security_Detections_API_ThreatMatchRule' + - $ref: '#/components/schemas/Security_Detections_API_MachineLearningRule' + - $ref: '#/components/schemas/Security_Detections_API_NewTermsRule' + - $ref: '#/components/schemas/Security_Detections_API_EsqlRule' + discriminator: + propertyName: type + Security_Detections_API_RuleSignatureId: + description: Could be any string, not necessarily a UUID + type: string + Security_Detections_API_RuleSource: + description: >- + Discriminated union that determines whether the rule is internally + sourced (created within the Kibana app) or has an external source, such + as the Elastic Prebuilt rules repo. + discriminator: + propertyName: type + oneOf: + - $ref: '#/components/schemas/Security_Detections_API_ExternalRuleSource' + - $ref: '#/components/schemas/Security_Detections_API_InternalRuleSource' + Security_Detections_API_RuleTagArray: + description: >- + String array containing words and phrases to help categorize, filter, + and search rules. Defaults to an empty array. + items: + type: string + type: array + Security_Detections_API_RuleUpdateProps: + anyOf: + - $ref: '#/components/schemas/Security_Detections_API_EqlRuleUpdateProps' + - $ref: '#/components/schemas/Security_Detections_API_QueryRuleUpdateProps' + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Detections_API_ThresholdRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Detections_API_MachineLearningRuleUpdateProps + - $ref: '#/components/schemas/Security_Detections_API_NewTermsRuleUpdateProps' + - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleUpdateProps' + discriminator: + propertyName: type + Security_Detections_API_RuleVersion: + description: The rule's version number. + minimum: 1 + type: integer + Security_Detections_API_SavedObjectResolveAliasPurpose: enum: - - component_template - - ingest_pipeline - - index_template - - ilm_policy - - transform - - data_stream_ilm_policy - title: Elasticsearch asset type + - savedObjectConversion + - savedObjectImport type: string - Fleet_enrollment_api_key: - title: Enrollment API key + Security_Detections_API_SavedObjectResolveAliasTargetId: + type: string + Security_Detections_API_SavedObjectResolveOutcome: + enum: + - exactMatch + - aliasMatch + - conflict + type: string + Security_Detections_API_SavedQueryId: + type: string + Security_Detections_API_SavedQueryRule: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRuleResponseFields + Security_Detections_API_SavedQueryRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRuleDefaultableFields + Security_Detections_API_SavedQueryRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRuleCreateFields + Security_Detections_API_SavedQueryRuleDefaultableFields: type: object properties: - active: - description: >- - When false, the enrollment API key is revoked and cannot be used for - enrolling Elastic Agents. - type: boolean - api_key: - description: The enrollment API key (token) used for enrolling Elastic Agents. - type: string - api_key_id: - description: The ID of the API key in the Security API. - type: string - created_at: - type: string - id: - type: string - name: - description: The name of the enrollment API key. - type: string - policy_id: - description: The ID of the agent policy the Elastic Agent will be enrolled in. - type: string - required: - - id - - api_key_id - - api_key - - active - - created_at - Fleet_fleet_server_host: - title: Fleet Server Host + language: + $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' + Security_Detections_API_SavedQueryRuleOptionalFields: type: object properties: - host_urls: + alert_suppression: + $ref: '#/components/schemas/Security_Detections_API_AlertSuppression' + data_view_id: + $ref: '#/components/schemas/Security_Detections_API_DataViewId' + filters: + $ref: '#/components/schemas/Security_Detections_API_RuleFilterArray' + index: + $ref: '#/components/schemas/Security_Detections_API_IndexPatternArray' + query: + $ref: '#/components/schemas/Security_Detections_API_RuleQuery' + response_actions: items: - type: string + $ref: '#/components/schemas/Security_Detections_API_ResponseAction' type: array - id: - type: string - is_default: - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - proxy_id: - type: string - required: - - fleet_server_hosts - - id - - is_default - - is_preconfigured - - host_urls - Fleet_fleet_settings_response: - title: Fleet settings response + Security_Detections_API_SavedQueryRulePatchFields: + allOf: + - type: object + properties: + saved_id: + $ref: '#/components/schemas/Security_Detections_API_SavedQueryId' + type: + description: Rule type + enum: + - saved_query + type: string + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRuleDefaultableFields + Security_Detections_API_SavedQueryRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRulePatchFields + Security_Detections_API_SavedQueryRuleRequiredFields: type: object properties: - item: - $ref: '#/components/schemas/Fleet_settings' + saved_id: + $ref: '#/components/schemas/Security_Detections_API_SavedQueryId' + type: + description: Rule type + enum: + - saved_query + type: string required: - - item - Fleet_fleet_setup_response: - title: Fleet Setup response + - type + - saved_id + Security_Detections_API_SavedQueryRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRuleOptionalFields + - type: object + properties: + language: + $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' + required: + - language + Security_Detections_API_SavedQueryRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Detections_API_SavedQueryRuleCreateFields + Security_Detections_API_SetAlertsStatusByIds: type: object properties: - isInitialized: - type: boolean - nonFatalErrors: + signal_ids: items: - type: object - properties: - message: - type: string - name: - type: string - required: - - name - - message + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + minItems: 1 type: array + status: + $ref: '#/components/schemas/Security_Detections_API_AlertStatus' + required: + - signal_ids + - status + Security_Detections_API_SetAlertsStatusByQuery: + type: object + properties: + conflicts: + default: abort + enum: + - abort + - proceed + type: string + query: + additionalProperties: true + type: object + status: + $ref: '#/components/schemas/Security_Detections_API_AlertStatus' required: - - isInitialized - - nonFatalErrors - Fleet_fleet_status_response: - title: Fleet status response + - query + - status + Security_Detections_API_SetAlertTags: type: object properties: - isReady: - type: boolean - missing_optional_features: - items: - enum: - - encrypted_saved_object_encryption_key_required + tags_to_add: + $ref: '#/components/schemas/Security_Detections_API_AlertTags' + tags_to_remove: + $ref: '#/components/schemas/Security_Detections_API_AlertTags' + required: + - tags_to_add + - tags_to_remove + Security_Detections_API_SetupGuide: + type: string + Security_Detections_API_Severity: + description: Severity of the rule + enum: + - low + - medium + - high + - critical + type: string + Security_Detections_API_SeverityMapping: + description: Overrides generated alerts' severity with values from the source event + items: + type: object + properties: + field: type: string - type: array - missing_requirements: - items: + operator: enum: - - tls_required - - api_keys - - fleet_admin_user - - fleet_server + - equals type: string - type: array - package_verification_key_id: + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + value: + type: string + required: + - field + - operator + - severity + - value + type: array + Security_Detections_API_SiemErrorResponse: + type: object + properties: + message: type: string + status_code: + type: integer required: - - isReady - - missing_requirements - - missing_optional_features - Fleet_full_agent_policy: - title: Full agent policy + - status_code + - message + Security_Detections_API_SkippedAlertsIndexMigration: type: object properties: - agent: - nullable: true - type: string - fleet: - oneOf: - - type: object - properties: - hosts: - items: - type: string - type: array - proxy_headers: {} - proxy_url: - type: string - ssl: - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - renegotiation: - type: string - verification_mode: - type: string - - type: object - properties: - kibana: - type: object - properties: - hosts: - items: - type: string - type: array - path: - type: string - protocol: - type: string - id: + index: type: string - inputs: + required: + - index + Security_Detections_API_SortOrder: + enum: + - asc + - desc + type: string + Security_Detections_API_Threat: + type: object + properties: + framework: + description: Relevant attack framework type: string - monitoring: - type: object - properties: - diagnostics: - type: object - properties: - limit: - type: object - properties: - burst: - type: number - interval: - type: string - uploader: - type: object - properties: - init_dur: - type: string - max_dur: - type: string - max_retries: - type: number - enabled: - type: boolean - http: + tactic: + $ref: '#/components/schemas/Security_Detections_API_ThreatTactic' + technique: + description: Array containing information on the attack techniques (optional) + items: + $ref: '#/components/schemas/Security_Detections_API_ThreatTechnique' + type: array + required: + - framework + - tactic + Security_Detections_API_ThreatArray: + items: + $ref: '#/components/schemas/Security_Detections_API_Threat' + type: array + Security_Detections_API_ThreatFilters: + items: + description: >- + Query and filter context array used to filter documents from the + Elasticsearch index containing the threat values + type: array + Security_Detections_API_ThreatIndex: + items: + type: string + type: array + Security_Detections_API_ThreatIndicatorPath: + description: >- + Defines the path to the threat indicator in the indicator documents + (optional) + type: string + Security_Detections_API_ThreatMapping: + items: + type: object + properties: + entries: + items: type: object properties: - enabled: - type: boolean - host: + field: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + type: + enum: + - mapping type: string - port: - type: number + value: + $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' required: - - enabled - logs: - type: boolean - metrics: - type: boolean + - field + - type + - value + type: array + required: + - entries + minItems: 1 + type: array + Security_Detections_API_ThreatMatchRule: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' namespace: - type: string - pprof: - type: object - properties: - enabled: - type: boolean - required: - - enabled - traces: - type: boolean - use_output: - type: string + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' required: + - name + - description + - risk_score + - severity + - version + - tags - enabled - - metrics - - logs - - traces - output_permissions: - additionalProperties: - type: object - properties: - data: - $ref: >- - #/components/schemas/Fleet_full_agent_policy_output_permissions - output: - type: integer - type: object - outputs: - additionalProperties: - $ref: '#/components/schemas/Fleet_full_agent_policy_output' - type: object - revision: - type: number - secret_references: - items: - type: object - properties: - id: - type: string - type: array - required: - - id - - outputs - - inputs - Fleet_full_agent_policy_input: + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRuleResponseFields + Security_Detections_API_ThreatMatchRuleCreateFields: allOf: - - additionalProperties: true - type: object + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRuleDefaultableFields + Security_Detections_API_ThreatMatchRuleCreateProps: + allOf: + - type: object properties: - data_stream: - type: object - properties: - namespace: - type: string - required: - - namespace - id: - type: string + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' meta: - additionalProperties: true - type: object - properties: - package: - type: object - properties: - name: - type: string - version: - type: string - required: - - name - - version + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' name: - type: string - revision: - type: number - streams: - $ref: '#/components/schemas/Fleet_full_agent_policy_input_stream' + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRuleCreateFields + Security_Detections_API_ThreatMatchRuleDefaultableFields: + type: object + properties: + language: + $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' + Security_Detections_API_ThreatMatchRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: '#/components/schemas/Security_Detections_API_AlertSuppression' + concurrent_searches: + $ref: '#/components/schemas/Security_Detections_API_ConcurrentSearches' + data_view_id: + $ref: '#/components/schemas/Security_Detections_API_DataViewId' + filters: + $ref: '#/components/schemas/Security_Detections_API_RuleFilterArray' + index: + $ref: '#/components/schemas/Security_Detections_API_IndexPatternArray' + items_per_search: + $ref: '#/components/schemas/Security_Detections_API_ItemsPerSearch' + saved_id: + $ref: '#/components/schemas/Security_Detections_API_SavedQueryId' + threat_filters: + $ref: '#/components/schemas/Security_Detections_API_ThreatFilters' + threat_indicator_path: + $ref: '#/components/schemas/Security_Detections_API_ThreatIndicatorPath' + threat_language: + $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' + Security_Detections_API_ThreatMatchRulePatchFields: + allOf: + - type: object + properties: + query: + $ref: '#/components/schemas/Security_Detections_API_RuleQuery' + threat_index: + $ref: '#/components/schemas/Security_Detections_API_ThreatIndex' + threat_mapping: + $ref: '#/components/schemas/Security_Detections_API_ThreatMapping' + threat_query: + $ref: '#/components/schemas/Security_Detections_API_ThreatQuery' type: + description: Rule type + enum: + - threat_match type: string - use_output: - type: string + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRuleDefaultableFields + Security_Detections_API_ThreatMatchRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRulePatchFields + Security_Detections_API_ThreatMatchRuleRequiredFields: + type: object + properties: + query: + $ref: '#/components/schemas/Security_Detections_API_RuleQuery' + threat_index: + $ref: '#/components/schemas/Security_Detections_API_ThreatIndex' + threat_mapping: + $ref: '#/components/schemas/Security_Detections_API_ThreatMapping' + threat_query: + $ref: '#/components/schemas/Security_Detections_API_ThreatQuery' + type: + description: Rule type + enum: + - threat_match + type: string + required: + - type + - query + - threat_query + - threat_mapping + - threat_index + Security_Detections_API_ThreatMatchRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRuleOptionalFields + - type: object + properties: + language: + $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' required: - - id - - name - - revision - - type - - data_stream - - use_output - title: Full agent policy input - Fleet_full_agent_policy_input_stream: + - language + Security_Detections_API_ThreatMatchRuleUpdateProps: allOf: - - additionalProperties: true - type: object + - type: object properties: - data_stream: - type: object - properties: - dataset: - type: string - type: - type: string - required: - - dataset - - type + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' id: - type: string + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' required: - - id - - data_stream - title: Full agent policy input stream - Fleet_full_agent_policy_output: - title: Full agent policy + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Detections_API_ThreatMatchRuleCreateFields + Security_Detections_API_ThreatQuery: + description: Query to run + type: string + Security_Detections_API_ThreatSubtechnique: type: object properties: - additionalProperties: - type: object - properties: - text: {} - ca_sha256: - nullable: true + id: + description: Subtechnique ID type: string - hosts: - items: - type: string - type: array - proxy_headers: {} - proxy_url: + name: + description: Subtechnique name + type: string + reference: + description: Subtechnique reference type: string - type: {} required: - - type - - hosts - - ca_sha256 - Fleet_full_agent_policy_output_permissions: - additionalProperties: - type: object - properties: - data: - type: object - properties: - cluster: - items: - type: string - type: array - indices: - items: - type: object - properties: - names: - items: - type: string - type: array - privileges: - items: - type: string - type: array - type: array - packagePolicyName: - type: string - title: Full agent policy output permissions - Fleet_get_agent_tags_response: - title: Get Agent Tags response + - id + - name + - reference + Security_Detections_API_ThreatTactic: type: object properties: - items: - items: - type: string - type: array - Fleet_get_agents_response: - title: Get Agent response + id: + description: Tactic ID + type: string + name: + description: Tactic name + type: string + reference: + description: Tactic reference + type: string + required: + - id + - name + - reference + Security_Detections_API_ThreatTechnique: type: object properties: - items: - items: - $ref: '#/components/schemas/Fleet_agent' - type: array - list: - deprecated: true + id: + description: Technique ID + type: string + name: + description: Technique name + type: string + reference: + description: Technique reference + type: string + subtechnique: + description: Array containing more specific information on the attack technique items: - $ref: '#/components/schemas/Fleet_agent' + $ref: '#/components/schemas/Security_Detections_API_ThreatSubtechnique' type: array - page: - type: number - perPage: - type: number - statusSummary: - type: object - properties: - degraded': - type: number - enrolling: - type: number - error: - type: number - inactive: - type: number - offline: - type: number - online: - type: number - unenrolled: - type: number - unenrolling: - type: number - updating: - type: number - total: - type: number required: - - items - - total - - page - - perPage - Fleet_get_bulk_assets_response: - deprecated: true + - id + - name + - reference + Security_Detections_API_Threshold: + type: object properties: - items: - items: - type: object - properties: - appLink: - type: string - attributes: - type: object - properties: - description: - type: string - title: - type: string - id: - type: string - type: - $ref: '#/components/schemas/Fleet_saved_object_type' - updatedAt: - type: string - type: array + cardinality: + $ref: '#/components/schemas/Security_Detections_API_ThresholdCardinality' + field: + $ref: '#/components/schemas/Security_Detections_API_ThresholdField' + value: + $ref: '#/components/schemas/Security_Detections_API_ThresholdValue' required: - - items - title: Bulk get assets response - type: object - Fleet_get_categories_response: - title: Get categories response + - field + - value + Security_Detections_API_ThresholdAlertSuppression: type: object properties: - items: - items: - type: object - properties: - count: - type: number - id: - type: string - title: - type: string - required: - - id - - title - - count - type: array - response: - items: - deprecated: true - type: object - properties: - count: - type: number - id: - type: string - title: - type: string - required: - - id - - title - - count - type: array + duration: + $ref: >- + #/components/schemas/Security_Detections_API_AlertSuppressionDuration required: - - items - Fleet_get_packages_response: - title: Get Packages response + - duration + Security_Detections_API_ThresholdCardinality: + items: + type: object + properties: + field: + type: string + value: + minimum: 0 + type: integer + required: + - field + - value + type: array + Security_Detections_API_ThresholdField: + description: Field to aggregate on + oneOf: + - type: string + - items: + type: string + type: array + Security_Detections_API_ThresholdRule: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Detections_API_ThresholdRuleResponseFields + Security_Detections_API_ThresholdRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_ThresholdRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Detections_API_ThresholdRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Detections_API_ThresholdRuleDefaultableFields + Security_Detections_API_ThresholdRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Detections_API_ThresholdRuleCreateFields + Security_Detections_API_ThresholdRuleDefaultableFields: + type: object + properties: + language: + $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' + Security_Detections_API_ThresholdRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Detections_API_ThresholdAlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Detections_API_DataViewId' + filters: + $ref: '#/components/schemas/Security_Detections_API_RuleFilterArray' + index: + $ref: '#/components/schemas/Security_Detections_API_IndexPatternArray' + saved_id: + $ref: '#/components/schemas/Security_Detections_API_SavedQueryId' + Security_Detections_API_ThresholdRulePatchFields: + allOf: + - type: object + properties: + query: + $ref: '#/components/schemas/Security_Detections_API_RuleQuery' + threshold: + $ref: '#/components/schemas/Security_Detections_API_Threshold' + type: + description: Rule type + enum: + - threshold + type: string + - $ref: >- + #/components/schemas/Security_Detections_API_ThresholdRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Detections_API_ThresholdRuleDefaultableFields + Security_Detections_API_ThresholdRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + - $ref: >- + #/components/schemas/Security_Detections_API_ThresholdRulePatchFields + Security_Detections_API_ThresholdRuleRequiredFields: type: object properties: - items: - items: - $ref: '#/components/schemas/Fleet_search_result' - type: array - response: - deprecated: true - items: - $ref: '#/components/schemas/Fleet_search_result' - type: array + query: + $ref: '#/components/schemas/Security_Detections_API_RuleQuery' + threshold: + $ref: '#/components/schemas/Security_Detections_API_Threshold' + type: + description: Rule type + enum: + - threshold + type: string required: - - items - Fleet_installation_info: - title: Installation info object + - type + - query + - threshold + Security_Detections_API_ThresholdRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Detections_API_ThresholdRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Detections_API_ThresholdRuleOptionalFields + - type: object + properties: + language: + $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' + required: + - language + Security_Detections_API_ThresholdRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleAction' + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' + building_block_type: + $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' + description: + $ref: '#/components/schemas/Security_Detections_API_RuleDescription' + enabled: + $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' + exceptions_list: + items: + $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Detections_API_RuleFalsePositiveArray + from: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' + id: + $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' + interval: + $ref: '#/components/schemas/Security_Detections_API_RuleInterval' + investigation_fields: + $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' + license: + $ref: '#/components/schemas/Security_Detections_API_RuleLicense' + max_signals: + $ref: '#/components/schemas/Security_Detections_API_MaxSignals' + meta: + $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' + name: + $ref: '#/components/schemas/Security_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Detections_API_AlertsIndexNamespace + note: + $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' + outcome: + $ref: >- + #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' + references: + $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' + related_integrations: + $ref: >- + #/components/schemas/Security_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Detections_API_RiskScore' + risk_score_mapping: + $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' + rule_id: + $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' + rule_name_override: + $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' + setup: + $ref: '#/components/schemas/Security_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Detections_API_Severity' + severity_mapping: + $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' + tags: + $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' + threat: + $ref: '#/components/schemas/Security_Detections_API_ThreatArray' + throttle: + $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' + timeline_id: + $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' + timeline_title: + $ref: >- + #/components/schemas/Security_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' + version: + $ref: '#/components/schemas/Security_Detections_API_RuleVersion' + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Detections_API_ThresholdRuleCreateFields + Security_Detections_API_ThresholdValue: + description: Threshold value + minimum: 1 + type: integer + Security_Detections_API_ThrottleForBulkActions: + description: >- + The condition for throttling the notification: 'rule', 'no_actions', or + time duration + enum: + - rule + - 1h + - 1d + - 7d + type: string + Security_Detections_API_TiebreakerField: + description: Sets a secondary field for sorting events + type: string + Security_Detections_API_TimelineTemplateId: + description: Timeline template ID + type: string + Security_Detections_API_TimelineTemplateTitle: + description: Timeline template title + type: string + Security_Detections_API_TimestampField: + description: Contains the event timestamp used for sorting a sequence of events + type: string + Security_Detections_API_TimestampOverride: + description: Sets the time field used to query indices + type: string + Security_Detections_API_TimestampOverrideFallbackDisabled: + description: Disables the fallback to the event's @timestamp field + type: boolean + Security_Detections_API_UUID: + description: A universally unique identifier + format: uuid + type: string + Security_Detections_API_WarningSchema: type: object properties: - created_at: - type: string - experimental_data_stream_features: - type: array - properties: - data_stream: - type: string - features: - type: object - properties: - doc_value_only_numeric: - nullable: true - type: boolean - doc_value_only_other: - nullable: true - type: boolean - synthetic_source: - nullable: true - type: boolean - tsdb: - nullable: true - type: boolean - install_format_schema_version: + actionPath: type: string - install_kibana_space_id: + buttonLabel: type: string - install_source: - enum: - - registry - - upload - - bundled + message: type: string - install_status: - enum: - - installed - - installing - - install_failed + type: type: string - installed_es: - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - $ref: '#/components/schemas/Fleet_elasticsearch_asset_type' - installed_kibana: - type: object - properties: - id: - type: string - type: - $ref: '#/components/schemas/Fleet_kibana_saved_object_type' - latest_executed_state: - description: Latest successfully executed state in package install state machine + required: + - type + - message + - actionPath + Security_Endpoint_Exceptions_API_EndpointList: + oneOf: + - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_ExceptionList' + - additionalProperties: false type: object - properties: - error: - type: string - name: - enum: - - create_restart_installation - - install_kibana_assets - - install_ilm_policies - - install_ml_model - - install_index_template_pipelines - - remove_legacy_templates - - update_current_write_indices - - install_transforms - - delete_previous_pipelines - - save_archive_entries_from_assets_map - - update_so - type: string - started_at: - type: string - latest_install_failed_attempts: - description: Latest failed install errors - items: - type: object - properties: - created_at: - type: string - error: - type: object - properties: - message: - type: string - name: - type: string - stack: - type: string - target_version: - type: string - type: array + Security_Endpoint_Exceptions_API_EndpointListItem: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItem' + Security_Endpoint_Exceptions_API_ExceptionList: + type: object + properties: + _version: + type: string + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListDescription + id: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListId + immutable: + type: boolean + list_id: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListMeta name: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionNamespaceType + os_types: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListTags + tie_breaker_id: type: string - namespaces: - items: - type: string - type: array type: - type: string + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListType updated_at: + format: date-time type: string - verification_key_id: - nullable: true - type: string - verification_status: - enum: - - verified - - unverified - - unknown + updated_by: type: string version: - type: string + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListVersion required: - - installed_kibana - - installed_es + - id + - list_id + - type - name + - description + - immutable + - namespace_type - version - - install_status - - install_version - - install_started_at - - install_source - - verification_status - - latest_install_failed_attempts - Fleet_kibana_saved_object_type: - enum: - - dashboard - - visualization - - search - - index-pattern - - map - - lens - - ml-module - - security-rule - - csp_rule_template - title: Kibana saved object asset type + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Endpoint_Exceptions_API_ExceptionListDescription: type: string - Fleet_new_package_policy: - description: '' + Security_Endpoint_Exceptions_API_ExceptionListHumanId: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + description: Human readable string identifier, e.g. `trusted-linux-processes` + Security_Endpoint_Exceptions_API_ExceptionListId: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + Security_Endpoint_Exceptions_API_ExceptionListItem: + type: object properties: + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemCommentArray + created_at: + format: date-time + type: string + created_by: + type: string description: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time type: string - enabled: - type: boolean - inputs: - items: - type: object - properties: - config: - type: object - enabled: - type: boolean - processors: - items: - type: string - type: array - streams: - items: {} - type: array - type: - type: string - vars: - type: object - required: - - type - - enabled - type: array + id: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemId + item_id: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemMeta name: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionNamespaceType + os_types: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemTags + tie_breaker_id: type: string - namespace: - type: string - output_id: + type: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemType + updated_at: + format: date-time type: string - overrides: - type: object - package: - type: object - properties: - name: - type: string - requires_root: - type: boolean - title: - type: string - version: - type: string - required: - - name - - version - policy_id: - deprecated: true - nullable: true + updated_by: type: string - policy_ids: - items: - type: string - type: array required: - - inputs + - id + - item_id + - list_id + - type - name - title: New package policy + - description + - entries + - namespace_type + - comments + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Endpoint_Exceptions_API_ExceptionListItemComment: type: object - Fleet_output_create_request: + properties: + comment: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + created_at: + format: date-time + type: string + created_by: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + id: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + updated_at: + format: date-time + type: string + updated_by: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + required: + - id + - comment + - created_at + - created_by + Security_Endpoint_Exceptions_API_ExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemComment + type: array + Security_Endpoint_Exceptions_API_ExceptionListItemDescription: + type: string + Security_Endpoint_Exceptions_API_ExceptionListItemEntry: + anyOf: + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryList + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryExists + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryNested + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatchWildcard discriminator: - mapping: - elasticsearch: '#/components/schemas/Fleet_output_create_request_elasticsearch' - kafka: '#/components/schemas/Fleet_output_create_request_kafka' - logstash: '#/components/schemas/Fleet_output_create_request_logstash' - remote_elasticsearch: >- - #/components/schemas/Fleet_output_create_request_remote_elasticsearch propertyName: type - oneOf: - - $ref: '#/components/schemas/Fleet_output_create_request_elasticsearch' - - $ref: '#/components/schemas/Fleet_output_create_request_kafka' - - $ref: '#/components/schemas/Fleet_output_create_request_logstash' - - $ref: >- - #/components/schemas/Fleet_output_create_request_remote_elasticsearch - title: Output - Fleet_output_create_request_elasticsearch: - title: elasticsearch + Security_Endpoint_Exceptions_API_ExceptionListItemEntryArray: + items: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntry + type: array + Security_Endpoint_Exceptions_API_ExceptionListItemEntryExists: type: object properties: - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - config: - type: object - config_yaml: - type: string - hosts: - items: - type: string - type: array - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: - type: string - preset: + field: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: + - exists type: string - shipper: - type: object - properties: - compression_level: - type: number - disk_queue_compression_enabled: - type: boolean - disk_queue_enabled: - type: boolean - disk_queue_encryption_enabled: - type: boolean - disk_queue_max_size: - type: number - disk_queue_path: - type: string - loadbalance: - type: boolean - ssl: + required: + - type + - field + - operator + Security_Endpoint_Exceptions_API_ExceptionListItemEntryList: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + list: type: object properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string + id: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_ListId' + type: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_ListType' + required: + - id + - type + operator: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryOperator type: enum: - - elasticsearch + - list type: string required: - - name - Fleet_output_create_request_kafka: - title: kafka + - type + - field + - list + - operator + Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatch: type: object properties: - auth_type: - type: string - broker_timeout: - type: number - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - client_id: - type: string - compression: - type: string - compression_level: - type: number - config: - type: object - config_yaml: + field: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match type: string - connection_type: + value: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + required: + - type + - field + - value + - operator + Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: enum: - - plaintext - - encryption + - match_any type: string - headers: + value: items: - type: object - properties: - key: - type: string - value: - type: string + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString + minItems: 1 type: array - hosts: + required: + - type + - field + - value + - operator + Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatchWildcard: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - wildcard + type: string + value: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + required: + - type + - field + - value + - operator + Security_Endpoint_Exceptions_API_ExceptionListItemEntryNested: + type: object + properties: + entries: items: - type: string + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryNestedEntryItem + minItems: 1 type: array - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - key: - type: string - name: + field: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + type: + enum: + - nested type: string - partition: + required: + - type + - field + - entries + Security_Endpoint_Exceptions_API_ExceptionListItemEntryNestedEntryItem: + oneOf: + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryExists + Security_Endpoint_Exceptions_API_ExceptionListItemEntryOperator: + enum: + - excluded + - included + type: string + Security_Endpoint_Exceptions_API_ExceptionListItemHumanId: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + Security_Endpoint_Exceptions_API_ExceptionListItemId: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + Security_Endpoint_Exceptions_API_ExceptionListItemMeta: + additionalProperties: true + type: object + Security_Endpoint_Exceptions_API_ExceptionListItemName: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + Security_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray: + items: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListOsType + type: array + Security_Endpoint_Exceptions_API_ExceptionListItemTags: + items: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + type: array + Security_Endpoint_Exceptions_API_ExceptionListItemType: + enum: + - simple + type: string + Security_Endpoint_Exceptions_API_ExceptionListMeta: + additionalProperties: true + type: object + Security_Endpoint_Exceptions_API_ExceptionListName: + type: string + Security_Endpoint_Exceptions_API_ExceptionListOsType: + enum: + - linux + - macos + - windows + type: string + Security_Endpoint_Exceptions_API_ExceptionListOsTypeArray: + items: + $ref: >- + #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListOsType + type: array + Security_Endpoint_Exceptions_API_ExceptionListTags: + items: + type: string + type: array + Security_Endpoint_Exceptions_API_ExceptionListType: + enum: + - detection + - rule_default + - endpoint + - endpoint_trusted_apps + - endpoint_events + - endpoint_host_isolation_exceptions + - endpoint_blocklists + type: string + Security_Endpoint_Exceptions_API_ExceptionListVersion: + minimum: 1 + type: integer + Security_Endpoint_Exceptions_API_ExceptionNamespaceType: + description: > + Determines whether the exception container is available in all Kibana + spaces or just the space + + in which it is created, where: + + + - `single`: Only available in the Kibana space in which it is created. + + - `agnostic`: Available in all Kibana spaces. + enum: + - agnostic + - single + type: string + Security_Endpoint_Exceptions_API_FindEndpointListItemsFilter: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + Security_Endpoint_Exceptions_API_ListId: + $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' + Security_Endpoint_Exceptions_API_ListType: + enum: + - binary + - boolean + - byte + - date + - date_nanos + - date_range + - double + - double_range + - float + - float_range + - geo_point + - geo_shape + - half_float + - integer + - integer_range + - ip + - ip_range + - keyword + - long + - long_range + - shape + - short + - text + type: string + Security_Endpoint_Exceptions_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Endpoint_Exceptions_API_PlatformErrorResponse: + type: object + properties: + error: type: string - password: + message: type: string - proxy_id: + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Endpoint_Exceptions_API_SiemErrorResponse: + type: object + properties: + message: type: string - random: - type: object - properties: - group_events: - type: number - required_acks: - type: number - round_robin: - type: object - properties: - group_events: - type: number - sasl: - type: object - properties: - mechanism: - type: string - secrets: + status_code: + type: integer + required: + - status_code + - message + Security_Endpoint_Management_API_ActionLogRequestQuery: + type: object + properties: + end_date: + $ref: '#/components/schemas/Security_Endpoint_Management_API_EndDate' + page: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Page' + page_size: + $ref: '#/components/schemas/Security_Endpoint_Management_API_PageSize' + start_date: + $ref: '#/components/schemas/Security_Endpoint_Management_API_StartDate' + Security_Endpoint_Management_API_ActionStateSuccessResponse: + type: object + properties: + body: type: object properties: - password: - type: string - ssl: + data: type: object properties: - key: - type: string - shipper: - type: object - properties: - compression_level: - type: number - disk_queue_compression_enabled: - type: boolean - disk_queue_enabled: - type: boolean - disk_queue_encryption_enabled: - type: boolean - disk_queue_max_size: - type: number - disk_queue_path: - type: string - loadbalance: - type: boolean - ssl: - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - none - - full - - certificate - - strict - type: string - timeout: - type: number - topic: - type: string - topics: - deprecated: true - description: Use topic instead. - items: - type: object - properties: - topic: - type: string - when: - deprecated: true - description: >- - Deprecated, kafka output do not support conditionnal topics - anymore. - type: object - properties: - condition: - type: string - type: - type: string - type: array - type: - enum: - - kafka - type: string - username: - type: string - version: - type: string + canEncrypt: + type: boolean + required: + - data required: - - name - - type - - topics - - auth_type - - hosts - Fleet_output_create_request_logstash: - title: logstash + - body + Security_Endpoint_Management_API_ActionStatusSuccessResponse: type: object properties: - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - config: + body: type: object - config_yaml: - type: string - hosts: - items: + properties: + data: + type: object + properties: + agent_id: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_AgentId + pending_actions: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_PendingActionsSchema + required: + - agent_id + - pending_actions + required: + - data + required: + - body + Security_Endpoint_Management_API_AgentId: + description: Agent ID + type: string + Security_Endpoint_Management_API_AgentIds: + minLength: 1 + oneOf: + - items: + minLength: 1 type: string + maxItems: 50 + minItems: 1 type: array - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: + - minLength: 1 type: string - proxy_id: + Security_Endpoint_Management_API_AgentTypes: + enum: + - endpoint + - sentinel_one + - crowdstrike + type: string + Security_Endpoint_Management_API_AlertIds: + description: A list of alerts ids. + items: + $ref: '#/components/schemas/Security_Endpoint_Management_API_NonEmptyString' + minItems: 1 + type: array + Security_Endpoint_Management_API_CaseIds: + description: Case IDs to be updated (cannot contain empty strings) + items: + minLength: 1 + type: string + minItems: 1 + type: array + Security_Endpoint_Management_API_Command: + description: The command to be executed (cannot be an empty string) + enum: + - isolate + - unisolate + - kill-process + - suspend-process + - running-processes + - get-file + - execute + - upload + - scan + minLength: 1 + type: string + Security_Endpoint_Management_API_Commands: + items: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Command' + type: array + Security_Endpoint_Management_API_Comment: + description: Optional comment + type: string + Security_Endpoint_Management_API_EndDate: + description: End date + type: string + Security_Endpoint_Management_API_EndpointIds: + description: List of endpoint IDs (cannot contain empty strings) + items: + minLength: 1 + type: string + minItems: 1 + type: array + Security_Endpoint_Management_API_EntityId: + type: object + properties: + entity_id: + minLength: 1 type: string - secrets: - type: object + Security_Endpoint_Management_API_ExecuteRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' + alert_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AlertIds' + case_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_CaseIds' + comment: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Comment' + endpoint_ids: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_EndpointIds + parameters: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Parameters' + required: + - endpoint_ids + - type: object + properties: + parameters: + type: object + properties: + command: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_Command + timeout: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_Timeout + required: + - command + required: + - parameters + Security_Endpoint_Management_API_GetEndpointActionListRouteQuery: + type: object + properties: + agentIds: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentIds' + agentTypes: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' + commands: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Commands' + endDate: + $ref: '#/components/schemas/Security_Endpoint_Management_API_EndDate' + page: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Page' + pageSize: + default: 10 + description: Number of items per page + maximum: 10000 + minimum: 1 + type: integer + startDate: + $ref: '#/components/schemas/Security_Endpoint_Management_API_StartDate' + types: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Types' + userIds: + $ref: '#/components/schemas/Security_Endpoint_Management_API_UserIds' + withOutputs: + $ref: '#/components/schemas/Security_Endpoint_Management_API_WithOutputs' + Security_Endpoint_Management_API_GetFileRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' + alert_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AlertIds' + case_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_CaseIds' + comment: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Comment' + endpoint_ids: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_EndpointIds + parameters: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Parameters' + required: + - endpoint_ids + - type: object properties: - ssl: + parameters: type: object properties: - key: + path: type: string - shipper: - type: object + required: + - path + required: + - parameters + Security_Endpoint_Management_API_GetProcessesRouteRequestBody: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_NoParametersRequestSchema + Security_Endpoint_Management_API_IsolateRouteRequestBody: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_NoParametersRequestSchema + Security_Endpoint_Management_API_KillProcessRouteRequestBody: + allOf: + - type: object properties: - compression_level: - type: number - disk_queue_compression_enabled: - type: boolean - disk_queue_enabled: - type: boolean - disk_queue_encryption_enabled: - type: boolean - disk_queue_max_size: - type: number - disk_queue_path: - type: string - loadbalance: - type: boolean - ssl: - type: object + agent_type: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' + alert_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AlertIds' + case_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_CaseIds' + comment: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Comment' + endpoint_ids: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_EndpointIds + parameters: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Parameters' + required: + - endpoint_ids + - type: object properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - type: - enum: - - logstash - type: string - required: - - name - - hosts - - type - Fleet_output_create_request_remote_elasticsearch: - title: remote_elasticsearch + parameters: + oneOf: + - $ref: '#/components/schemas/Security_Endpoint_Management_API_Pid' + - $ref: >- + #/components/schemas/Security_Endpoint_Management_API_EntityId + - type: object + properties: + process_name: + description: Valid for SentinelOne agent type only + minLength: 1 + type: string + required: + - parameters + Security_Endpoint_Management_API_ListRequestQuery: type: object properties: - hosts: + hostStatuses: items: + enum: + - healthy + - offline + - updating + - inactive + - unenrolled type: string type: array - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: + kuery: + nullable: true type: string - secrets: - type: object - properties: - service_token: - type: string - service_token: + page: + default: 0 + description: Page number + minimum: 0 + type: integer + pageSize: + default: 10 + description: Number of items per page + maximum: 10000 + minimum: 1 + type: integer + sortDirection: + enum: + - asc + - desc + nullable: true type: string - type: + sortField: enum: - - remote_elasticsearch + - enrolled_at + - metadata.host.hostname + - host_status + - metadata.Endpoint.policy.applied.name + - metadata.Endpoint.policy.applied.status + - metadata.host.os.name + - metadata.host.ip + - metadata.agent.version + - last_checkin type: string required: - - name - Fleet_output_update_request: - discriminator: - mapping: - elasticsearch: '#/components/schemas/Fleet_output_update_request_elasticsearch' - kafka: '#/components/schemas/Fleet_output_update_request_kafka' - logstash: '#/components/schemas/Fleet_output_update_request_logstash' - propertyName: type - oneOf: - - $ref: '#/components/schemas/Fleet_output_update_request_elasticsearch' - - $ref: '#/components/schemas/Fleet_output_update_request_kafka' - - $ref: '#/components/schemas/Fleet_output_update_request_logstash' - title: Output - Fleet_output_update_request_elasticsearch: - title: elasticsearch + - hostStatuses + Security_Endpoint_Management_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Endpoint_Management_API_NoParametersRequestSchema: type: object properties: - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - config: - type: object - config_yaml: - type: string - hosts: - items: - type: string - type: array - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: - type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: - type: string - shipper: - type: object - properties: - compression_level: - type: number - disk_queue_compression_enabled: - type: boolean - disk_queue_enabled: - type: boolean - disk_queue_encryption_enabled: - type: boolean - disk_queue_max_size: - type: number - disk_queue_path: - type: string - loadbalance: - type: boolean - ssl: + body: type: object properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - type: - enum: - - elasticsearch - type: string + agent_type: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' + alert_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AlertIds' + case_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_CaseIds' + comment: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Comment' + endpoint_ids: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_EndpointIds + parameters: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Parameters' + required: + - endpoint_ids required: - - name - - hosts - - type - Fleet_output_update_request_kafka: - title: kafka + - body + Security_Endpoint_Management_API_Page: + default: 1 + description: Page number + minimum: 1 + type: integer + Security_Endpoint_Management_API_PageSize: + default: 10 + description: Number of items per page + maximum: 100 + minimum: 1 + type: integer + Security_Endpoint_Management_API_Parameters: + description: Optional parameters object type: object - properties: - auth_type: - type: string - broker_timeout: - type: number - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - client_id: - type: string - compression: - type: string - compression_level: - type: number - config: + Security_Endpoint_Management_API_PendingActionDataType: + type: integer + Security_Endpoint_Management_API_PendingActionsSchema: + oneOf: + - type: object + properties: + execute: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType + get-file: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType + isolate: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType + kill-process: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType + running-processes: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType + scan: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType + suspend-process: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType + unisolate: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType + upload: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType + - additionalProperties: true type: object - config_yaml: - type: string - connection_type: - enum: - - plaintext - - encryption + Security_Endpoint_Management_API_Pid: + type: object + properties: + pid: + minimum: 1 + type: integer + Security_Endpoint_Management_API_ProtectionUpdatesNoteResponse: + type: object + properties: + note: type: string - headers: - items: - type: object - properties: - key: - type: string - value: - type: string - type: array - hosts: - items: + Security_Endpoint_Management_API_ScanRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' + alert_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AlertIds' + case_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_CaseIds' + comment: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Comment' + endpoint_ids: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_EndpointIds + parameters: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Parameters' + required: + - endpoint_ids + - type: object + properties: + parameters: + type: object + properties: + path: + type: string + required: + - path + required: + - parameters + Security_Endpoint_Management_API_StartDate: + description: Start date + type: string + Security_Endpoint_Management_API_SuccessResponse: + type: object + properties: {} + Security_Endpoint_Management_API_SuspendProcessRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' + alert_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AlertIds' + case_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_CaseIds' + comment: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Comment' + endpoint_ids: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_EndpointIds + parameters: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Parameters' + required: + - endpoint_ids + - type: object + properties: + parameters: + oneOf: + - $ref: '#/components/schemas/Security_Endpoint_Management_API_Pid' + - $ref: >- + #/components/schemas/Security_Endpoint_Management_API_EntityId + required: + - parameters + Security_Endpoint_Management_API_Timeout: + description: The maximum timeout value in milliseconds (optional) + minimum: 1 + type: integer + Security_Endpoint_Management_API_Type: + description: Type of response action + enum: + - automated + - manual + type: string + Security_Endpoint_Management_API_Types: + description: List of types of response actions + items: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Type' + maxLength: 2 + minLength: 1 + type: array + Security_Endpoint_Management_API_UnisolateRouteRequestBody: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_NoParametersRequestSchema + Security_Endpoint_Management_API_UploadRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' + alert_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_AlertIds' + case_ids: + $ref: '#/components/schemas/Security_Endpoint_Management_API_CaseIds' + comment: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Comment' + endpoint_ids: + $ref: >- + #/components/schemas/Security_Endpoint_Management_API_EndpointIds + parameters: + $ref: '#/components/schemas/Security_Endpoint_Management_API_Parameters' + required: + - endpoint_ids + - type: object + properties: + file: + format: binary + type: string + parameters: + type: object + properties: + overwrite: + default: false + type: boolean + required: + - parameters + - file + Security_Endpoint_Management_API_UserIds: + description: User IDs + oneOf: + - items: + minLength: 1 type: string + minItems: 1 type: array - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - key: - type: string - name: + - minLength: 1 type: string - partition: - type: string - password: + Security_Endpoint_Management_API_WithOutputs: + description: Shows detailed outputs for an action response + oneOf: + - items: + minLength: 1 + type: string + minItems: 1 + type: array + - minLength: 1 type: string - proxy_id: + Security_Entity_Analytics_API_AssetCriticalityBulkUploadErrorItem: + type: object + properties: + index: + type: integer + message: type: string - random: - type: object - properties: - group_events: - type: number - required_acks: - type: number - round_robin: - type: object + required: + - message + - index + Security_Entity_Analytics_API_AssetCriticalityBulkUploadStats: + type: object + properties: + failed: + type: integer + successful: + type: integer + total: + type: integer + required: + - successful + - failed + - total + Security_Entity_Analytics_API_AssetCriticalityLevel: + description: The criticality level of the asset. + enum: + - low_impact + - medium_impact + - high_impact + - extreme_impact + type: string + Security_Entity_Analytics_API_AssetCriticalityRecord: + allOf: + - $ref: >- + #/components/schemas/Security_Entity_Analytics_API_CreateAssetCriticalityRecord + - $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityRecordEcsParts + - type: object properties: - group_events: - type: number - sasl: + '@timestamp': + description: The time the record was created or updated. + example: '2017-07-21T17:32:28Z' + format: date-time + type: string + required: + - '@timestamp' + Security_Entity_Analytics_API_AssetCriticalityRecordEcsParts: + type: object + properties: + asset: type: object properties: - mechanism: - type: string - shipper: + criticality: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel + required: + - asset + host: type: object properties: - compression_level: - type: number - disk_queue_compression_enabled: - type: boolean - disk_queue_enabled: - type: boolean - disk_queue_encryption_enabled: - type: boolean - disk_queue_max_size: - type: number - disk_queue_path: + asset: + type: object + properties: + criticality: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel + required: + - criticality + name: type: string - loadbalance: - type: boolean - ssl: + required: + - name + user: type: object properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - none - - full - - certificate - - strict + asset: + type: object + properties: + criticality: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel + required: + - criticality + name: type: string - timeout: - type: number - topic: + required: + - name + required: + - asset + Security_Entity_Analytics_API_AssetCriticalityRecordIdParts: + type: object + properties: + id_field: + $ref: '#/components/schemas/Security_Entity_Analytics_API_IdField' + description: The field representing the ID. + example: host.name + id_value: + description: The ID value of the asset. type: string - topics: - deprecated: true - description: Use topic instead. + required: + - id_value + - id_field + Security_Entity_Analytics_API_CleanUpRiskEngineErrorResponse: + type: object + properties: + cleanup_successful: + example: false + type: boolean + errors: items: type: object properties: - topic: + error: type: string - when: - deprecated: true - description: >- - Deprecated, kafka output do not support conditionnal topics - anymore. - type: object - properties: - condition: - type: string - type: - type: string + seq: + type: integer + required: + - seq + - error type: array - type: - enum: - - kafka - type: string - username: - type: string - version: - type: string required: - - name - Fleet_output_update_request_logstash: - title: logstash + - cleanup_successful + - errors + Security_Entity_Analytics_API_CreateAssetCriticalityRecord: + allOf: + - $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityRecordIdParts + - type: object + properties: + criticality_level: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel + required: + - criticality_level + Security_Entity_Analytics_API_EngineDescriptor: type: object properties: - ca_sha256: + filter: type: string - ca_trusted_fingerprint: + indexPattern: + $ref: '#/components/schemas/Security_Entity_Analytics_API_IndexPattern' + status: + $ref: '#/components/schemas/Security_Entity_Analytics_API_EngineStatus' + type: + $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' + Security_Entity_Analytics_API_EngineStatus: + enum: + - installing + - started + - stopped + type: string + Security_Entity_Analytics_API_Entity: + oneOf: + - $ref: '#/components/schemas/Security_Entity_Analytics_API_UserEntity' + - $ref: '#/components/schemas/Security_Entity_Analytics_API_HostEntity' + Security_Entity_Analytics_API_EntityRiskLevels: + enum: + - Unknown + - Low + - Moderate + - High + - Critical + type: string + Security_Entity_Analytics_API_EntityRiskScoreRecord: + type: object + properties: + '@timestamp': + description: The time at which the risk score was calculated. + example: '2017-07-21T17:32:28Z' + format: date-time type: string - config: - type: object - config_yaml: + calculated_level: + $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityRiskLevels' + description: Lexical description of the entity's risk. + example: Critical + calculated_score: + description: The raw numeric value of the given entity's risk score. + format: double + type: number + calculated_score_norm: + description: >- + The normalized numeric value of the given entity's risk score. + Useful for comparing with other entities. + format: double + maximum: 100 + minimum: 0 + type: number + category_1_count: + description: >- + The number of risk input documents that contributed to the Category + 1 score (`category_1_score`). + format: integer + type: number + category_1_score: + description: >- + The contribution of Category 1 to the overall risk score + (`calculated_score`). Category 1 contains Detection Engine Alerts. + format: double + type: number + category_2_count: + format: integer + type: number + category_2_score: + format: double + type: number + criticality_level: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel + criticality_modifier: + format: double + type: number + id_field: + description: >- + The identifier field defining this risk score. Coupled with + `id_value`, uniquely identifies the entity being scored. + example: host.name type: string - hosts: + id_value: + description: >- + The identifier value defining this risk score. Coupled with + `id_field`, uniquely identifies the entity being scored. + example: example.host + type: string + inputs: + description: >- + A list of the highest-risk documents contributing to this risk + score. Useful for investigative purposes. + items: + $ref: '#/components/schemas/Security_Entity_Analytics_API_RiskScoreInput' + type: array + notes: items: type: string type: array - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: - type: string - proxy_id: - type: string - shipper: + required: + - '@timestamp' + - id_field + - id_value + - calculated_level + - calculated_score + - calculated_score_norm + - category_1_score + - category_1_count + - inputs + - notes + Security_Entity_Analytics_API_EntityType: + enum: + - user + - host + type: string + Security_Entity_Analytics_API_HostEntity: + type: object + properties: + asset: type: object properties: - compression_level: - type: number - disk_queue_compression_enabled: - type: boolean - disk_queue_enabled: - type: boolean - disk_queue_encryption_enabled: - type: boolean - disk_queue_max_size: - type: number - disk_queue_path: - type: string - loadbalance: - type: boolean - ssl: + criticality: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel + required: + - criticality + entity: type: object properties: - certificate: + definitionId: + type: string + definitionVersion: + type: string + displayName: + type: string + firstSeenTimestamp: + format: date-time + type: string + id: type: string - certificate_authorities: + identityFields: items: type: string type: array - key: + lastSeenTimestamp: + format: date-time type: string - type: - enum: - - logstash - type: string - required: - - name - Fleet_package_info: - title: Package information - type: object - properties: - assets: - items: - type: string - type: array - categories: - items: - type: string - type: array - conditions: + schemaVersion: + type: string + source: + type: string + type: + enum: + - node + type: string + required: + - lastSeenTimestamp + - schemaVersion + - definitionVersion + - displayName + - identityFields + - id + - type + - firstSeenTimestamp + - definitionId + host: type: object properties: - elasticsearch: - type: object - properties: - subscription: - enum: - - basic - - gold - - platinum - - enterprise - type: string - kibana: - type: object - properties: - versions: - type: string - data_streams: - items: - type: object - properties: - ingeset_pipeline: + architecture: + items: type: string - name: + type: array + domain: + items: type: string - package: + type: array + hostname: + items: type: string - release: + type: array + id: + items: type: string - title: + type: array + ip: + items: type: string - type: + type: array + mac: + items: type: string - vars: - items: - type: object - properties: - default: - type: string - name: - type: string - required: - - name - - default - type: array - required: - - title - - name - - release - - ingeset_pipeline - - type - - package - type: array - description: - type: string - download: - type: string - elasticsearch: - type: object - properties: - privileges: - type: object - properties: - cluster: - items: - type: string - type: array - format_version: - type: string - icons: + type: array + name: + type: string + risk: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_EntityRiskScoreRecord + type: + items: + type: string + type: array + required: + - name + Security_Entity_Analytics_API_IdField: + enum: + - host.name + - user.name + type: string + Security_Entity_Analytics_API_IndexPattern: + type: string + Security_Entity_Analytics_API_InspectQuery: + type: object + properties: + dsl: items: type: string type: array - internal: - type: boolean - name: - type: string - path: - type: string - readme: - type: string - release: - deprecated: true - description: >- - release label is deprecated, derive from the version instead - (packages follow semver) - enum: - - experimental - - beta - - ga - type: string - screenshots: + response: items: - type: object - properties: - path: - type: string - size: - type: string - src: - type: string - title: - type: string - type: - type: string - required: - - src - - path + type: string type: array - source: - type: object - properties: - license: - enum: - - Apache-2.0 - - Elastic-2.0 - type: string - title: - type: string - type: + required: + - dsl + - response + Security_Entity_Analytics_API_RiskEngineScheduleNowErrorResponse: + type: object + properties: + full_error: type: string - version: + message: type: string required: - - name - - title - - version - - description - - type - - categories - - conditions - - assets - - format_version - - download - - path - Fleet_package_policy: - allOf: - - type: object - properties: - id: - type: string - inputs: - oneOf: - - items: {} - type: array - - type: object - revision: - type: number - required: - - id - - revision - - $ref: '#/components/schemas/Fleet_new_package_policy' - title: Package policy - Fleet_package_policy_request: - title: Package Policy Request + - message + - full_error + Security_Entity_Analytics_API_RiskEngineScheduleNowResponse: + type: object + properties: + success: + type: boolean + Security_Entity_Analytics_API_RiskScoreInput: + description: A generic representation of a document contributing to a Risk Score. type: object properties: + category: + description: The risk category of the risk input document. + example: category_1 + type: string + contribution_score: + format: double + type: number description: - description: Package policy description - example: my description + description: A human-readable description of the risk input document. + example: 'Generated from Detection Engine Rule: Malware Prevention Alert' type: string - force: - description: >- - Force package policy creation even if package is not verified, or if - the agent policy is managed. - type: boolean id: - description: Package policy unique identifier + description: The unique identifier (`_id`) of the original source document + example: 91a93376a507e86cfbf282166275b89f9dbdb1f0be6c8103c6ff2909ca8e1a1c type: string - inputs: - additionalProperties: - type: object - properties: - enabled: - description: enable or disable that input, (default to true) - type: boolean - streams: - additionalProperties: - type: object - properties: - enabled: - description: enable or disable that stream, (default to true) - type: boolean - vars: - description: >- - Stream level variable (see integration documentation for - more information) - type: object - description: >- - Input streams (see integration documentation to know what - streams are available) - type: object - vars: - description: >- - Input level variable (see integration documentation for more - information) - type: object - description: >- - Package policy inputs (see integration documentation to know what - inputs are available) - example: - nginx-logfile: - enabled: true - streams: - nginx.access: - enabled: true - vars: - ignore_older: 72h - paths: - - /var/log/nginx/access.log* - preserve_original_event: false - tags: - - nginx-access - type: object - name: - description: Package policy name (should be unique) - example: nginx-123 + index: + description: The unique index (`_index`) of the original source document + example: .internal.alerts-security.alerts-default-000001 type: string - namespace: - description: >- - The package policy namespace. Leave blank to inherit the agent - policy's namespace. - example: customnamespace + risk_score: + description: The weighted risk score of the risk input document. + format: double + maximum: 100 + minimum: 0 + type: number + timestamp: + description: The @timestamp of the risk input document. + example: '2017-07-21T17:32:28Z' type: string - output_id: - description: Output ID to send package data to - example: output-id - nullable: true + required: + - id + - index + - description + - category + Security_Entity_Analytics_API_TaskManagerUnavailableResponse: + description: Task manager is unavailable + type: object + properties: + message: type: string - overrides: - description: >- - Override settings that are defined in the package policy. The - override option should be used only in unusual circumstances and not - as a routine procedure. - nullable: true + status_code: + minimum: 400 + type: integer + required: + - status_code + - message + Security_Entity_Analytics_API_UserEntity: + type: object + properties: + asset: type: object properties: - inputs: - type: object - package: + criticality: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel + required: + - criticality + entity: type: object properties: - name: - description: Package name - example: nginx + definitionId: type: string - version: - description: Package version - example: 1.6.0 + definitionVersion: + type: string + displayName: + type: string + firstSeenTimestamp: + format: date-time + type: string + id: + type: string + identityFields: + items: + type: string + type: array + lastSeenTimestamp: + format: date-time + type: string + schemaVersion: + type: string + source: + type: string + type: + enum: + - node type: string required: - - name - - version - policy_id: - deprecated: true - description: Agent policy ID where that package policy will be added - example: agent-policy-id - nullable: true - type: string - policy_ids: - description: Agent policy IDs where that package policy will be added - example: - - agent-policy-id - items: - type: string - type: array - vars: - description: >- - Package root level variable (see integration documentation for more - information) + - lastSeenTimestamp + - schemaVersion + - definitionVersion + - displayName + - identityFields + - id + - type + - firstSeenTimestamp + - definitionId + - source + user: type: object + properties: + domain: + items: + type: string + type: array + email: + items: + type: string + type: array + full_name: + items: + type: string + type: array + hash: + items: + type: string + type: array + id: + items: + type: string + type: array + name: + type: string + risk: + $ref: >- + #/components/schemas/Security_Entity_Analytics_API_EntityRiskScoreRecord + roles: + items: + type: string + type: array + required: + - name + Security_Exceptions_API_CreateExceptionListItemComment: + type: object + properties: + comment: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' required: - - name - - package - Fleet_package_usage_stats: - title: Package usage stats + - comment + Security_Exceptions_API_CreateExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Exceptions_API_CreateExceptionListItemComment + type: array + Security_Exceptions_API_CreateRuleExceptionListItemComment: type: object properties: - agent_policy_count: - type: integer + comment: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' required: - - agent_policy_count - Fleet_proxies: - title: Fleet Proxy + - comment + Security_Exceptions_API_CreateRuleExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Exceptions_API_CreateRuleExceptionListItemComment + type: array + Security_Exceptions_API_CreateRuleExceptionListItemProps: type: object properties: - certificate: - type: string - certificate_authorities: - type: string - certificate_key: - type: string - id: + comments: + $ref: >- + #/components/schemas/Security_Exceptions_API_CreateRuleExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time type: string + item_id: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemHumanId + meta: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemMeta' name: - type: string - proxy_headers: - type: object - url: - type: string + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemName' + namespace_type: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionNamespaceType' + default: single + os_types: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemTags' + default: [] + type: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemType' required: + - type - name - - url - Fleet_saved_object_type: - oneOf: - - enum: - - dashboard - - visualization - - search - - index_pattern - - map - - lens - - security_rule - - csp_rule_template - - ml_module - - tag - - osquery_pack_asset - - osquery_saved_query - type: string - - enum: - - index - - component_template - - ingest_pipeline - - index_template - - ilm_policy - - transform - - data_stream_ilm_policy - - ml_model - type: string - title: Saved Object type - Fleet_search_result: - title: Search result + - description + - entries + Security_Exceptions_API_ExceptionList: type: object properties: - description: + _version: type: string - download: + created_at: + format: date-time type: string - icons: + created_by: type: string - installationInfo: - $ref: '#/components/schemas/Fleet_installation_info' + description: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListDescription + id: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListId' + immutable: + type: boolean + list_id: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' + meta: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListMeta' name: - type: string - path: - type: string - savedObject: - deprecated: true - type: object - status: - type: string - title: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListName' + namespace_type: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionNamespaceType' + os_types: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListOsTypeArray + tags: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListTags' + tie_breaker_id: type: string type: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListType' + updated_at: + format: date-time type: string - version: + updated_by: type: string + version: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListVersion' required: - - description - - download - - icons - - name - - path - - title + - id + - list_id - type + - name + - description + - immutable + - namespace_type - version - - status - Fleet_settings: - title: Settings + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Exceptions_API_ExceptionListDescription: + type: string + Security_Exceptions_API_ExceptionListHumanId: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + description: Human readable string identifier, e.g. `trusted-linux-processes` + Security_Exceptions_API_ExceptionListId: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + Security_Exceptions_API_ExceptionListItem: type: object properties: - fleet_server_hosts: - deprecated: true - items: - type: string - type: array - has_seen_add_data_notice: - type: boolean + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemCommentArray + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string id: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemId' + item_id: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' + meta: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemMeta' + name: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemName' + namespace_type: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionNamespaceType' + os_types: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemOsTypeArray + tags: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemTags' + tie_breaker_id: + type: string + type: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemType' + updated_at: + format: date-time + type: string + updated_by: type: string - prerelease_integrations_enabled: - type: boolean required: - - fleet_server_hosts - id - Fleet_upgrade_agent: - title: Upgrade agent + - item_id + - list_id + - type + - name + - description + - entries + - namespace_type + - comments + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Exceptions_API_ExceptionListItemComment: type: object properties: - force: - description: Force upgrade, skipping validation (should be used with caution) - type: boolean - skipRateLimitCheck: - description: Skip rate limit check for upgrade - type: boolean - source_uri: + comment: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + created_at: + format: date-time type: string - version: + created_by: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + id: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + updated_at: + format: date-time type: string + updated_by: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' required: - - version - Fleet_upgrade_agent_diff: + - id + - comment + - created_at + - created_by + Security_Exceptions_API_ExceptionListItemCommentArray: items: - items: - $ref: '#/components/schemas/Fleet_full_agent_policy_input' - type: array - title: Package policy Upgrade dryrun + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemComment' type: array - Fleet_upgrade_diff: + Security_Exceptions_API_ExceptionListItemDescription: + type: string + Security_Exceptions_API_ExceptionListItemEntry: + anyOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryList + - $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryExists + - $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryNested + - $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryMatchWildcard + discriminator: + propertyName: type + Security_Exceptions_API_ExceptionListItemEntryArray: items: - allOf: - - $ref: '#/components/schemas/Fleet_package_policy' - - allOf: - - $ref: '#/components/schemas/Fleet_new_package_policy' - - type: object - properties: - errors: - items: - type: object - properties: - key: - type: string - message: - type: string - type: array - missingVars: - items: - type: string - type: array - type: object - title: Package policy Upgrade dryrun + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemEntry' type: array - Kibana_HTTP_APIs_core_status_redactedResponse: - additionalProperties: false - description: A minimal representation of Kibana's operational status. + Security_Exceptions_API_ExceptionListItemEntryExists: type: object properties: - status: - additionalProperties: false - type: object - properties: - overall: - additionalProperties: false - type: object - properties: - level: - description: Service status levels as human and machine readable values. - enum: - - available - - degraded - - unavailable - - critical - type: string - required: - - level - required: - - overall + field: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - exists + type: string required: - - status - Kibana_HTTP_APIs_core_status_response: - additionalProperties: false - description: >- - Kibana's operational status as well as a detailed breakdown of plugin - statuses indication of various loads (like event loop utilization and - network traffic) at time of request. + - type + - field + - operator + Security_Exceptions_API_ExceptionListItemEntryList: type: object properties: - metrics: - additionalProperties: false - description: Metric groups collected by Kibana. - type: object - properties: - collection_interval_in_millis: - description: The interval at which metrics should be collected. - type: number - elasticsearch_client: - additionalProperties: false - description: Current network metrics of Kibana's Elasticsearch client. - type: object - properties: - totalActiveSockets: - description: Count of network sockets currently in use. - type: number - totalIdleSockets: - description: Count of network sockets currently idle. - type: number - totalQueuedRequests: - description: Count of requests not yet assigned to sockets. - type: number - required: - - totalActiveSockets - - totalIdleSockets - - totalQueuedRequests - last_updated: - description: The time metrics were collected. - type: string - required: - - elasticsearch_client - - last_updated - - collection_interval_in_millis - name: - description: Kibana instance name. - type: string - status: - additionalProperties: false + field: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + list: type: object properties: - core: - additionalProperties: false - description: Statuses of core Kibana services. - type: object - properties: - elasticsearch: - additionalProperties: false - type: object - properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: >- - Service status levels as human and machine readable - values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: >- - An unstructured set of extra metadata about this - service. - type: object - summary: - description: A human readable summary of the service status. - type: string - required: - - level - - summary - - meta - savedObjects: - additionalProperties: false - type: object - properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: >- - Service status levels as human and machine readable - values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: >- - An unstructured set of extra metadata about this - service. - type: object - summary: - description: A human readable summary of the service status. - type: string - required: - - level - - summary - - meta - required: - - elasticsearch - - savedObjects - overall: - additionalProperties: false - type: object - properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: Service status levels as human and machine readable values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: An unstructured set of extra metadata about this service. - type: object - summary: - description: A human readable summary of the service status. - type: string - required: - - level - - summary - - meta - plugins: - additionalProperties: - additionalProperties: false - type: object - properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: >- - Service status levels as human and machine readable - values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: An unstructured set of extra metadata about this service. - type: object - summary: - description: A human readable summary of the service status. - type: string - required: - - level - - summary - - meta - description: A dynamic mapping of plugin ID to plugin status. - type: object + id: + $ref: '#/components/schemas/Security_Exceptions_API_ListId' + type: + $ref: '#/components/schemas/Security_Exceptions_API_ListType' required: - - overall - - core - - plugins - uuid: - description: >- - Unique, generated Kibana instance UUID. This UUID should persist - even if the Kibana process restarts. + - id + - type + operator: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - list type: string - version: - additionalProperties: false + required: + - type + - field + - list + - operator + Security_Exceptions_API_ExceptionListItemEntryMatch: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match + type: string + value: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + required: + - type + - field + - value + - operator + Security_Exceptions_API_ExceptionListItemEntryMatchAny: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match_any + type: string + value: + items: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + minItems: 1 + type: array + required: + - type + - field + - value + - operator + Security_Exceptions_API_ExceptionListItemEntryMatchWildcard: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - wildcard + type: string + value: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + required: + - type + - field + - value + - operator + Security_Exceptions_API_ExceptionListItemEntryNested: + type: object + properties: + entries: + items: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryNestedEntryItem + minItems: 1 + type: array + field: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + type: + enum: + - nested + type: string + required: + - type + - field + - entries + Security_Exceptions_API_ExceptionListItemEntryNestedEntryItem: + oneOf: + - $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryExists + Security_Exceptions_API_ExceptionListItemEntryOperator: + enum: + - excluded + - included + type: string + Security_Exceptions_API_ExceptionListItemHumanId: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + Security_Exceptions_API_ExceptionListItemId: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + Security_Exceptions_API_ExceptionListItemMeta: + additionalProperties: true + type: object + Security_Exceptions_API_ExceptionListItemName: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + Security_Exceptions_API_ExceptionListItemOsTypeArray: + items: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListOsType' + type: array + Security_Exceptions_API_ExceptionListItemTags: + items: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + type: array + Security_Exceptions_API_ExceptionListItemType: + enum: + - simple + type: string + Security_Exceptions_API_ExceptionListMeta: + additionalProperties: true + type: object + Security_Exceptions_API_ExceptionListName: + type: string + Security_Exceptions_API_ExceptionListOsType: + enum: + - linux + - macos + - windows + type: string + Security_Exceptions_API_ExceptionListOsTypeArray: + items: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListOsType' + type: array + Security_Exceptions_API_ExceptionListsImportBulkError: + type: object + properties: + error: type: object properties: - build_date: - description: The date and time of this build. - type: string - build_flavor: - description: >- - The build flavour determines configuration and behavior of - Kibana. On premise users will almost always run the - "traditional" flavour, while other flavours are reserved for - Elastic-specific use cases. - enum: - - serverless - - traditional - type: string - build_hash: - description: >- - A unique hash value representing the git commit of this Kibana - build. - type: string - build_number: - description: >- - A monotonically increasing number, each subsequent build will - have a higher number. - type: number - build_snapshot: - description: Whether this build is a snapshot build. - type: boolean - number: - description: A semantic version number. + message: type: string + status_code: + type: integer required: - - number - - build_hash - - build_number - - build_snapshot - - build_flavor - - build_date + - status_code + - message + id: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListId' + item_id: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' + required: + - error + Security_Exceptions_API_ExceptionListsImportBulkErrorArray: + items: + $ref: >- + #/components/schemas/Security_Exceptions_API_ExceptionListsImportBulkError + type: array + Security_Exceptions_API_ExceptionListTags: + items: + type: string + type: array + Security_Exceptions_API_ExceptionListType: + enum: + - detection + - rule_default + - endpoint + - endpoint_trusted_apps + - endpoint_events + - endpoint_host_isolation_exceptions + - endpoint_blocklists + type: string + Security_Exceptions_API_ExceptionListVersion: + minimum: 1 + type: integer + Security_Exceptions_API_ExceptionNamespaceType: + description: > + Determines whether the exception container is available in all Kibana + spaces or just the space + + in which it is created, where: + + + - `single`: Only available in the Kibana space in which it is created. + + - `agnostic`: Available in all Kibana spaces. + enum: + - agnostic + - single + type: string + Security_Exceptions_API_FindExceptionListItemsFilter: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + Security_Exceptions_API_FindExceptionListsFilter: + type: string + Security_Exceptions_API_ListId: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + Security_Exceptions_API_ListType: + enum: + - binary + - boolean + - byte + - date + - date_nanos + - date_range + - double + - double_range + - float + - float_range + - geo_point + - geo_shape + - half_float + - integer + - integer_range + - ip + - ip_range + - keyword + - long + - long_range + - shape + - short + - text + type: string + Security_Exceptions_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Exceptions_API_PlatformErrorResponse: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Exceptions_API_RuleId: + $ref: '#/components/schemas/Security_Exceptions_API_UUID' + Security_Exceptions_API_SiemErrorResponse: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + Security_Exceptions_API_UpdateExceptionListItemComment: + type: object + properties: + comment: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + id: + $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' + required: + - comment + Security_Exceptions_API_UpdateExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Exceptions_API_UpdateExceptionListItemComment + type: array + Security_Exceptions_API_UUID: + description: A universally unique identifier + format: uuid + type: string + Security_Lists_API_FindListItemsCursor: + $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' + Security_Lists_API_FindListItemsFilter: + type: string + Security_Lists_API_FindListsCursor: + $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' + Security_Lists_API_FindListsFilter: + type: string + Security_Lists_API_List: + type: object + properties: + _version: + type: string + '@timestamp': + format: date-time + type: string + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: '#/components/schemas/Security_Lists_API_ListDescription' + deserializer: + type: string + id: + $ref: '#/components/schemas/Security_Lists_API_ListId' + immutable: + type: boolean + meta: + $ref: '#/components/schemas/Security_Lists_API_ListMetadata' + name: + $ref: '#/components/schemas/Security_Lists_API_ListName' + serializer: + type: string + tie_breaker_id: + type: string + type: + $ref: '#/components/schemas/Security_Lists_API_ListType' + updated_at: + format: date-time + type: string + updated_by: + type: string + version: + minimum: 1 + type: integer required: + - id + - type - name - - uuid + - description + - immutable - version - - status - - metrics - Machine_learning_APIs_mlSync200Response: + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Lists_API_ListDescription: + $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' + Security_Lists_API_ListId: + $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' + Security_Lists_API_ListItem: + type: object properties: - datafeedsAdded: + _version: + type: string + '@timestamp': + format: date-time + type: string + created_at: + format: date-time + type: string + created_by: + type: string + deserializer: + type: string + id: + $ref: '#/components/schemas/Security_Lists_API_ListItemId' + list_id: + $ref: '#/components/schemas/Security_Lists_API_ListId' + meta: + $ref: '#/components/schemas/Security_Lists_API_ListItemMetadata' + serializer: + type: string + tie_breaker_id: + type: string + type: + $ref: '#/components/schemas/Security_Lists_API_ListType' + updated_at: + format: date-time + type: string + updated_by: + type: string + value: + $ref: '#/components/schemas/Security_Lists_API_ListItemValue' + required: + - id + - type + - list_id + - value + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Lists_API_ListItemId: + $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' + Security_Lists_API_ListItemMetadata: + additionalProperties: true + type: object + Security_Lists_API_ListItemPrivileges: + type: object + properties: + application: + additionalProperties: + type: boolean + type: object + cluster: + additionalProperties: + type: boolean + type: object + has_all_requested: + type: boolean + index: + additionalProperties: + additionalProperties: + type: boolean + type: object + type: object + username: + type: string + required: + - username + - has_all_requested + - cluster + - index + - application + Security_Lists_API_ListItemValue: + $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' + Security_Lists_API_ListMetadata: + additionalProperties: true + type: object + Security_Lists_API_ListName: + $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' + Security_Lists_API_ListPrivileges: + type: object + properties: + application: + additionalProperties: + type: boolean + type: object + cluster: additionalProperties: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseDatafeeds' - description: >- - If a saved object for an anomaly detection job is missing a datafeed - identifier, it is added when you run the sync machine learning saved - objects API. + type: boolean type: object - datafeedsRemoved: + has_all_requested: + type: boolean + index: additionalProperties: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseDatafeeds' - description: >- - If a saved object for an anomaly detection job references a datafeed - that no longer exists, it is deleted when you run the sync machine - learning saved objects API. + additionalProperties: + type: boolean + type: object type: object - savedObjectsCreated: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseSavedObjectsCreated - savedObjectsDeleted: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseSavedObjectsDeleted - title: Successful sync API response + username: + type: string + required: + - username + - has_all_requested + - cluster + - index + - application + Security_Lists_API_ListType: + enum: + - binary + - boolean + - byte + - date + - date_nanos + - date_range + - double + - double_range + - float + - float_range + - geo_point + - geo_shape + - half_float + - integer + - integer_range + - ip + - ip_range + - keyword + - long + - long_range + - shape + - short + - text + type: string + Security_Lists_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Lists_API_PlatformErrorResponse: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Lists_API_SiemErrorResponse: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + Security_Osquery_API_ArrayQueries: + items: + $ref: '#/components/schemas/Security_Osquery_API_ArrayQueriesItem' + type: array + Security_Osquery_API_ArrayQueriesItem: + type: object + properties: + ecs_mapping: + $ref: '#/components/schemas/Security_Osquery_API_ECSMappingOrUndefined' + id: + $ref: '#/components/schemas/Security_Osquery_API_Id' + platform: + $ref: '#/components/schemas/Security_Osquery_API_PlatformOrUndefined' + query: + $ref: '#/components/schemas/Security_Osquery_API_Query' + removed: + $ref: '#/components/schemas/Security_Osquery_API_RemovedOrUndefined' + snapshot: + $ref: '#/components/schemas/Security_Osquery_API_SnapshotOrUndefined' + version: + $ref: '#/components/schemas/Security_Osquery_API_VersionOrUndefined' + Security_Osquery_API_CreateLiveQueryRequestBody: + type: object + properties: + agent_all: + type: boolean + agent_ids: + items: + type: string + type: array + agent_platforms: + items: + type: string + type: array + agent_policy_ids: + items: + type: string + type: array + alert_ids: + items: + type: string + type: array + case_ids: + items: + type: string + type: array + ecs_mapping: + $ref: '#/components/schemas/Security_Osquery_API_ECSMappingOrUndefined' + event_ids: + items: + type: string + type: array + metadata: + nullable: true + type: object + pack_id: + $ref: '#/components/schemas/Security_Osquery_API_PackIdOrUndefined' + queries: + $ref: '#/components/schemas/Security_Osquery_API_ArrayQueries' + query: + $ref: '#/components/schemas/Security_Osquery_API_QueryOrUndefined' + saved_query_id: + $ref: '#/components/schemas/Security_Osquery_API_SavedQueryIdOrUndefined' + Security_Osquery_API_CreatePacksRequestBody: + type: object + properties: + description: + $ref: '#/components/schemas/Security_Osquery_API_DescriptionOrUndefined' + enabled: + $ref: '#/components/schemas/Security_Osquery_API_EnabledOrUndefined' + name: + $ref: '#/components/schemas/Security_Osquery_API_PackName' + policy_ids: + $ref: '#/components/schemas/Security_Osquery_API_PolicyIdsOrUndefined' + queries: + $ref: '#/components/schemas/Security_Osquery_API_ObjectQueries' + shards: + $ref: '#/components/schemas/Security_Osquery_API_Shards' + Security_Osquery_API_CreateSavedQueryRequestBody: + type: object + properties: + description: + $ref: '#/components/schemas/Security_Osquery_API_DescriptionOrUndefined' + ecs_mapping: + $ref: '#/components/schemas/Security_Osquery_API_ECSMappingOrUndefined' + id: + $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' + interval: + $ref: '#/components/schemas/Security_Osquery_API_Interval' + platform: + $ref: '#/components/schemas/Security_Osquery_API_DescriptionOrUndefined' + query: + $ref: '#/components/schemas/Security_Osquery_API_QueryOrUndefined' + removed: + $ref: '#/components/schemas/Security_Osquery_API_RemovedOrUndefined' + snapshot: + $ref: '#/components/schemas/Security_Osquery_API_SnapshotOrUndefined' + version: + $ref: '#/components/schemas/Security_Osquery_API_VersionOrUndefined' + Security_Osquery_API_DefaultSuccessResponse: + type: object + properties: {} + Security_Osquery_API_Description: + type: string + Security_Osquery_API_DescriptionOrUndefined: + $ref: '#/components/schemas/Security_Osquery_API_Description' + nullable: true + Security_Osquery_API_ECSMapping: + additionalProperties: + $ref: '#/components/schemas/Security_Osquery_API_ECSMappingItem' + type: object + Security_Osquery_API_ECSMappingItem: + type: object + properties: + field: + type: string + value: + oneOf: + - type: string + - items: + type: string + type: array + Security_Osquery_API_ECSMappingOrUndefined: + $ref: '#/components/schemas/Security_Osquery_API_ECSMapping' + nullable: true + Security_Osquery_API_Enabled: + type: boolean + Security_Osquery_API_EnabledOrUndefined: + $ref: '#/components/schemas/Security_Osquery_API_Enabled' + nullable: true + Security_Osquery_API_FindLiveQueryRequestQuery: + type: object + properties: + kuery: + $ref: '#/components/schemas/Security_Osquery_API_KueryOrUndefined' + page: + $ref: '#/components/schemas/Security_Osquery_API_PageOrUndefined' + pageSize: + $ref: '#/components/schemas/Security_Osquery_API_PageSizeOrUndefined' + sort: + $ref: '#/components/schemas/Security_Osquery_API_SortOrUndefined' + sortOrder: + $ref: '#/components/schemas/Security_Osquery_API_SortOrderOrUndefined' + Security_Osquery_API_FindPacksRequestQuery: + type: object + properties: + page: + $ref: '#/components/schemas/Security_Osquery_API_PageOrUndefined' + pageSize: + $ref: '#/components/schemas/Security_Osquery_API_PageSizeOrUndefined' + sort: + $ref: '#/components/schemas/Security_Osquery_API_SortOrUndefined' + sortOrder: + $ref: '#/components/schemas/Security_Osquery_API_SortOrderOrUndefined' + Security_Osquery_API_FindSavedQueryRequestQuery: + type: object + properties: + page: + $ref: '#/components/schemas/Security_Osquery_API_PageOrUndefined' + pageSize: + $ref: '#/components/schemas/Security_Osquery_API_PageSizeOrUndefined' + sort: + $ref: '#/components/schemas/Security_Osquery_API_SortOrUndefined' + sortOrder: + $ref: '#/components/schemas/Security_Osquery_API_SortOrderOrUndefined' + Security_Osquery_API_GetLiveQueryResultsRequestQuery: + type: object + properties: + kuery: + $ref: '#/components/schemas/Security_Osquery_API_KueryOrUndefined' + page: + $ref: '#/components/schemas/Security_Osquery_API_PageOrUndefined' + pageSize: + $ref: '#/components/schemas/Security_Osquery_API_PageSizeOrUndefined' + sort: + $ref: '#/components/schemas/Security_Osquery_API_SortOrUndefined' + sortOrder: + $ref: '#/components/schemas/Security_Osquery_API_SortOrderOrUndefined' + Security_Osquery_API_Id: + type: string + Security_Osquery_API_Interval: + type: string + Security_Osquery_API_IntervalOrUndefined: + $ref: '#/components/schemas/Security_Osquery_API_Interval' + nullable: true + Security_Osquery_API_KueryOrUndefined: + nullable: true + type: string + Security_Osquery_API_ObjectQueries: + additionalProperties: + $ref: '#/components/schemas/Security_Osquery_API_ObjectQueriesItem' + type: object + Security_Osquery_API_ObjectQueriesItem: + type: object + properties: + ecs_mapping: + $ref: '#/components/schemas/Security_Osquery_API_ECSMappingOrUndefined' + id: + $ref: '#/components/schemas/Security_Osquery_API_Id' + platform: + $ref: '#/components/schemas/Security_Osquery_API_PlatformOrUndefined' + query: + $ref: '#/components/schemas/Security_Osquery_API_Query' + removed: + $ref: '#/components/schemas/Security_Osquery_API_RemovedOrUndefined' + saved_query_id: + $ref: '#/components/schemas/Security_Osquery_API_SavedQueryIdOrUndefined' + snapshot: + $ref: '#/components/schemas/Security_Osquery_API_SnapshotOrUndefined' + version: + $ref: '#/components/schemas/Security_Osquery_API_VersionOrUndefined' + Security_Osquery_API_PackId: + type: string + Security_Osquery_API_PackIdOrUndefined: + $ref: '#/components/schemas/Security_Osquery_API_PackId' + nullable: true + Security_Osquery_API_PackName: + type: string + Security_Osquery_API_PageOrUndefined: + nullable: true + type: integer + Security_Osquery_API_PageSizeOrUndefined: + nullable: true + type: integer + Security_Osquery_API_Platform: + type: string + Security_Osquery_API_PlatformOrUndefined: + $ref: '#/components/schemas/Security_Osquery_API_Platform' + nullable: true + Security_Osquery_API_PolicyIds: + items: + type: string + type: array + Security_Osquery_API_PolicyIdsOrUndefined: + $ref: '#/components/schemas/Security_Osquery_API_PolicyIds' + nullable: true + Security_Osquery_API_Query: + type: string + Security_Osquery_API_QueryOrUndefined: + $ref: '#/components/schemas/Security_Osquery_API_Query' + nullable: true + Security_Osquery_API_Removed: + type: boolean + Security_Osquery_API_RemovedOrUndefined: + $ref: '#/components/schemas/Security_Osquery_API_Removed' + nullable: true + Security_Osquery_API_SavedQueryId: + type: string + Security_Osquery_API_SavedQueryIdOrUndefined: + $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' + nullable: true + Security_Osquery_API_Shards: + additionalProperties: + type: number + type: object + Security_Osquery_API_Snapshot: + type: boolean + Security_Osquery_API_SnapshotOrUndefined: + $ref: '#/components/schemas/Security_Osquery_API_Snapshot' + nullable: true + Security_Osquery_API_SortOrderOrUndefined: + oneOf: + - nullable: true + type: string + - enum: + - asc + - desc + Security_Osquery_API_SortOrUndefined: + nullable: true + type: string + Security_Osquery_API_UpdatePacksRequestBody: + type: object + properties: + description: + $ref: '#/components/schemas/Security_Osquery_API_DescriptionOrUndefined' + enabled: + $ref: '#/components/schemas/Security_Osquery_API_EnabledOrUndefined' + id: + $ref: '#/components/schemas/Security_Osquery_API_PackId' + policy_ids: + $ref: '#/components/schemas/Security_Osquery_API_PolicyIdsOrUndefined' + queries: + $ref: '#/components/schemas/Security_Osquery_API_ObjectQueries' + shards: + $ref: '#/components/schemas/Security_Osquery_API_Shards' + Security_Osquery_API_UpdateSavedQueryRequestBody: + type: object + properties: + description: + $ref: '#/components/schemas/Security_Osquery_API_DescriptionOrUndefined' + ecs_mapping: + $ref: '#/components/schemas/Security_Osquery_API_ECSMappingOrUndefined' + id: + $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' + interval: + $ref: '#/components/schemas/Security_Osquery_API_IntervalOrUndefined' + platform: + $ref: '#/components/schemas/Security_Osquery_API_DescriptionOrUndefined' + query: + $ref: '#/components/schemas/Security_Osquery_API_QueryOrUndefined' + removed: + $ref: '#/components/schemas/Security_Osquery_API_RemovedOrUndefined' + snapshot: + $ref: '#/components/schemas/Security_Osquery_API_SnapshotOrUndefined' + version: + $ref: '#/components/schemas/Security_Osquery_API_VersionOrUndefined' + Security_Osquery_API_Version: + type: string + Security_Osquery_API_VersionOrUndefined: + $ref: '#/components/schemas/Security_Osquery_API_Version' + nullable: true + Security_Timeline_API_BareNote: + type: object + properties: + created: + nullable: true + type: number + createdBy: + nullable: true + type: string + eventId: + nullable: true + type: string + note: + nullable: true + type: string + timelineId: + type: string + updated: + nullable: true + type: number + updatedBy: + nullable: true + type: string + required: + - timelineId + Security_Timeline_API_BarePinnedEvent: + type: object + properties: + created: + nullable: true + type: number + createdBy: + nullable: true + type: string + eventId: + type: string + timelineId: + type: string + updated: + nullable: true + type: number + updatedBy: + nullable: true + type: string + required: + - eventId + - timelineId + Security_Timeline_API_ColumnHeaderResult: + type: object + properties: + aggregatable: + nullable: true + type: boolean + category: + nullable: true + type: string + columnHeaderType: + nullable: true + type: string + description: + nullable: true + type: string + example: + nullable: true + type: string + id: + nullable: true + type: string + indexes: + items: + type: string + nullable: true + type: array + name: + nullable: true + type: string + placeholder: + nullable: true + type: string + searchable: + nullable: true + type: boolean + type: + nullable: true + type: string + Security_Timeline_API_DataProviderQueryMatch: + type: object + properties: + enabled: + nullable: true + type: boolean + excluded: + nullable: true + type: boolean + id: + nullable: true + type: string + kqlQuery: + nullable: true + type: string + name: + nullable: true + type: string + queryMatch: + $ref: '#/components/schemas/Security_Timeline_API_QueryMatchResult' + nullable: true + type: + $ref: '#/components/schemas/Security_Timeline_API_DataProviderType' + nullable: true + Security_Timeline_API_DataProviderResult: type: object - Machine_learning_APIs_mlSync4xxResponse: properties: - error: - example: Unauthorized + and: + items: + $ref: '#/components/schemas/Security_Timeline_API_DataProviderQueryMatch' + nullable: true + type: array + enabled: + nullable: true + type: boolean + excluded: + nullable: true + type: boolean + id: + nullable: true + type: string + kqlQuery: + nullable: true + type: string + name: + nullable: true type: string + queryMatch: + $ref: '#/components/schemas/Security_Timeline_API_QueryMatchResult' + nullable: true + type: + $ref: '#/components/schemas/Security_Timeline_API_DataProviderType' + nullable: true + Security_Timeline_API_DataProviderType: + description: >- + The type of data provider to create. Valid values are `default` and + `template`. + enum: + - default + - template + type: string + Security_Timeline_API_DocumentIds: + oneOf: + - items: + type: string + type: array + - type: string + Security_Timeline_API_FavoriteTimelineResponse: + type: object + properties: + code: + nullable: true + type: number + favorite: + items: + $ref: '#/components/schemas/Security_Timeline_API_FavoriteTimelineResult' + type: array message: + nullable: true type: string - statusCode: - example: 401 - type: integer - title: Unsuccessful sync API response + savedObjectId: + type: string + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timelineType: + $ref: '#/components/schemas/Security_Timeline_API_TimelineType' + version: + type: string + required: + - savedObjectId + - version + Security_Timeline_API_FavoriteTimelineResult: type: object - Machine_learning_APIs_mlSyncResponseAnomalyDetectors: - description: >- - The sync machine learning saved objects API response contains this - object when there are anomaly detection jobs affected by the - synchronization. There is an object for each relevant job, which - contains the synchronization status. properties: - success: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' - title: Sync API response for anomaly detection jobs + favoriteDate: + nullable: true + type: number + fullName: + nullable: true + type: string + userName: + nullable: true + type: string + Security_Timeline_API_FilterTimelineResult: type: object - Machine_learning_APIs_mlSyncResponseDatafeeds: - description: >- - The sync machine learning saved objects API response contains this - object when there are datafeeds affected by the synchronization. There - is an object for each relevant datafeed, which contains the - synchronization status. properties: - success: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' - title: Sync API response for datafeeds + exists: + nullable: true + type: string + match_all: + nullable: true + type: string + meta: + nullable: true + type: object + properties: + alias: + nullable: true + type: string + controlledBy: + nullable: true + type: string + disabled: + nullable: true + type: boolean + field: + nullable: true + type: string + formattedValue: + nullable: true + type: string + index: + nullable: true + type: string + key: + nullable: true + type: string + negate: + nullable: true + type: boolean + params: + nullable: true + type: string + type: + nullable: true + type: string + value: + nullable: true + type: string + missing: + nullable: true + type: string + query: + nullable: true + type: string + range: + nullable: true + type: string + script: + nullable: true + type: string + Security_Timeline_API_GetNotesResult: type: object - Machine_learning_APIs_mlSyncResponseDataFrameAnalytics: - description: >- - The sync machine learning saved objects API response contains this - object when there are data frame analytics jobs affected by the - synchronization. There is an object for each relevant job, which - contains the synchronization status. properties: - success: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' - title: Sync API response for data frame analytics jobs + notes: + items: + $ref: '#/components/schemas/Security_Timeline_API_Note' + type: array + totalCount: + type: number + required: + - totalCount + - notes + Security_Timeline_API_ImportTimelineResult: type: object - Machine_learning_APIs_mlSyncResponseSavedObjectsCreated: - description: >- - If saved objects are missing for machine learning jobs or trained - models, they are created when you run the sync machine learning saved - objects API. properties: - anomaly-detector: - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseAnomalyDetectors - description: >- - If saved objects are missing for anomaly detection jobs, they are - created. - type: object - data-frame-analytics: - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseDataFrameAnalytics - description: >- - If saved objects are missing for data frame analytics jobs, they are - created. - type: object - trained-model: - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels - description: If saved objects are missing for trained models, they are created. + errors: + items: + type: object + properties: + error: + type: object + properties: + message: + type: string + status_code: + type: number + id: + type: string + type: array + success: + type: boolean + success_count: + type: number + timelines_installed: + type: number + timelines_updated: + type: number + Security_Timeline_API_ImportTimelines: + allOf: + - $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' + - type: object + properties: + eventNotes: + items: + $ref: '#/components/schemas/Security_Timeline_API_BareNote' + nullable: true + type: array + globalNotes: + items: + $ref: '#/components/schemas/Security_Timeline_API_BareNote' + nullable: true + type: array + pinnedEventIds: + items: + type: string + nullable: true + type: array + savedObjectId: + nullable: true + type: string + version: + nullable: true + type: string + required: + - savedObjectId + - version + - pinnedEventIds + - eventNotes + - globalNotes + Security_Timeline_API_Note: + allOf: + - $ref: '#/components/schemas/Security_Timeline_API_BareNote' + - type: object + properties: + noteId: + type: string + version: + type: string + required: + - noteId + - version + Security_Timeline_API_PersistPinnedEventResponse: + oneOf: + - allOf: + - $ref: '#/components/schemas/Security_Timeline_API_PinnedEvent' + - $ref: >- + #/components/schemas/Security_Timeline_API_PinnedEventBaseResponseBody + - nullable: true type: object - title: Sync API response for created saved objects + Security_Timeline_API_PersistTimelineResponse: type: object - Machine_learning_APIs_mlSyncResponseSavedObjectsDeleted: - description: >- - If saved objects exist for machine learning jobs or trained models that - no longer exist, they are deleted when you run the sync machine learning - saved objects API. properties: - anomaly-detector: - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseAnomalyDetectors - description: >- - If there are saved objects exist for nonexistent anomaly detection - jobs, they are deleted. - type: object - data-frame-analytics: - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseDataFrameAnalytics - description: >- - If there are saved objects exist for nonexistent data frame - analytics jobs, they are deleted. + data: type: object - trained-model: - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels - description: >- - If there are saved objects exist for nonexistent trained models, - they are deleted. - type: object - title: Sync API response for deleted saved objects + properties: + persistTimeline: + type: object + properties: + timeline: + $ref: '#/components/schemas/Security_Timeline_API_TimelineResponse' + required: + - timeline + required: + - persistTimeline + required: + - data + Security_Timeline_API_PinnedEvent: + allOf: + - $ref: '#/components/schemas/Security_Timeline_API_BarePinnedEvent' + - type: object + properties: + pinnedEventId: + type: string + version: + type: string + required: + - pinnedEventId + - version + Security_Timeline_API_PinnedEventBaseResponseBody: type: object - Machine_learning_APIs_mlSyncResponseSuccess: - description: The success or failure of the synchronization. - type: boolean - Machine_learning_APIs_mlSyncResponseTrainedModels: - description: >- - The sync machine learning saved objects API response contains this - object when there are trained models affected by the synchronization. - There is an object for each relevant trained model, which contains the - synchronization status. properties: - success: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' - title: Sync API response for trained models + code: + type: number + message: + type: string + required: + - code + Security_Timeline_API_QueryMatchResult: type: object - Saved_objects_400_response: - title: Bad request + properties: + displayField: + nullable: true + type: string + displayValue: + nullable: true + type: string + field: + nullable: true + type: string + operator: + nullable: true + type: string + value: + oneOf: + - nullable: true + type: string + - items: + type: string + nullable: true + type: array + Security_Timeline_API_ResolvedTimeline: type: object properties: - error: - enum: - - Bad Request + alias_purpose: + $ref: >- + #/components/schemas/Security_Timeline_API_SavedObjectResolveAliasPurpose + alias_target_id: type: string + outcome: + $ref: '#/components/schemas/Security_Timeline_API_SavedObjectResolveOutcome' + timeline: + $ref: >- + #/components/schemas/Security_Timeline_API_TimelineSavedToReturnObject + required: + - timeline + - outcome + Security_Timeline_API_ResponseNote: + type: object + properties: + code: + type: number message: type: string - statusCode: - enum: - - 400 - type: integer + note: + $ref: '#/components/schemas/Security_Timeline_API_Note' required: - - error + - code - message - - statusCode - Saved_objects_attributes: - description: > - The data that you want to create. WARNING: When you create saved - objects, attributes are not validated, which allows you to pass - arbitrary and ill-formed data into the API that can break Kibana. Make - sure any data that you send to the API is properly formed. + - note + Security_Timeline_API_RowRendererId: + enum: + - alert + - alerts + - auditd + - auditd_file + - library + - netflow + - plain + - registry + - suricata + - system + - system_dns + - system_endgame_process + - system_file + - system_fim + - system_security_event + - system_socket + - threat_match + - zeek + type: string + Security_Timeline_API_SavedObjectIds: + oneOf: + - items: + type: string + type: array + - type: string + Security_Timeline_API_SavedObjectResolveAliasPurpose: + enum: + - savedObjectConversion + - savedObjectImport + type: string + Security_Timeline_API_SavedObjectResolveOutcome: + enum: + - exactMatch + - aliasMatch + - conflict + type: string + Security_Timeline_API_SavedTimeline: type: object - Saved_objects_initial_namespaces: - description: > - Identifiers for the spaces in which this object is created. If this is - provided, the object is created only in the explicitly defined spaces. - If this is not provided, the object is created in the current space - (default behavior). For shareable object types (registered with - `namespaceType: 'multiple'`), this option can be used to specify one or - more spaces, including the "All spaces" identifier ('*'). For isolated - object types (registered with `namespaceType: 'single'` or - `namespaceType: 'multiple-isolated'`), this option can only be used to - specify a single space, and the "All spaces" identifier ('*') is not - allowed. For global object types (`registered with `namespaceType: - agnostic`), this option cannot be used. - type: array - Saved_objects_references: - description: > - Objects with `name`, `id`, and `type` properties that describe the other - saved objects that this object references. Use `name` in attributes to - refer to the other saved object, but never the `id`, which can update - automatically during migrations or import and export. - type: array + properties: + columns: + items: + $ref: '#/components/schemas/Security_Timeline_API_ColumnHeaderResult' + nullable: true + type: array + created: + nullable: true + type: number + createdBy: + nullable: true + type: string + dataProviders: + items: + $ref: '#/components/schemas/Security_Timeline_API_DataProviderResult' + nullable: true + type: array + dataViewId: + nullable: true + type: string + dateRange: + nullable: true + type: object + properties: + end: + oneOf: + - nullable: true + type: string + - nullable: true + type: number + start: + oneOf: + - nullable: true + type: string + - nullable: true + type: number + description: + nullable: true + type: string + eqlOptions: + nullable: true + type: object + properties: + eventCategoryField: + nullable: true + type: string + query: + nullable: true + type: string + size: + oneOf: + - nullable: true + type: string + - nullable: true + type: number + tiebreakerField: + nullable: true + type: string + timestampField: + nullable: true + type: string + eventType: + nullable: true + type: string + excludedRowRendererIds: + items: + $ref: '#/components/schemas/Security_Timeline_API_RowRendererId' + nullable: true + type: array + favorite: + items: + $ref: '#/components/schemas/Security_Timeline_API_FavoriteTimelineResult' + nullable: true + type: array + filters: + items: + $ref: '#/components/schemas/Security_Timeline_API_FilterTimelineResult' + nullable: true + type: array + indexNames: + items: + type: string + nullable: true + type: array + kqlMode: + nullable: true + type: string + kqlQuery: + $ref: >- + #/components/schemas/Security_Timeline_API_SerializedFilterQueryResult + nullable: true + savedQueryId: + nullable: true + type: string + savedSearchId: + nullable: true + type: string + sort: + $ref: '#/components/schemas/Security_Timeline_API_Sort' + nullable: true + status: + enum: + - active + - draft + - immutable + nullable: true + type: string + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timelineType: + $ref: '#/components/schemas/Security_Timeline_API_TimelineType' + nullable: true + title: + nullable: true + type: string + updated: + nullable: true + type: number + updatedBy: + nullable: true + type: string + Security_Timeline_API_SavedTimelineWithSavedObjectId: + allOf: + - $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' + - type: object + properties: + savedObjectId: + type: string + version: + type: string + required: + - savedObjectId + - version + Security_Timeline_API_SerializedFilterQueryResult: + type: object + properties: + filterQuery: + nullable: true + type: object + properties: + kuery: + nullable: true + type: object + properties: + expression: + nullable: true + type: string + kind: + nullable: true + type: string + serializedQuery: + nullable: true + type: string + Security_Timeline_API_Sort: + oneOf: + - $ref: '#/components/schemas/Security_Timeline_API_SortObject' + - items: + $ref: '#/components/schemas/Security_Timeline_API_SortObject' + type: array + Security_Timeline_API_SortFieldTimeline: + description: The field to sort the timelines by. + enum: + - title + - description + - updated + - created + type: string + Security_Timeline_API_SortObject: + type: object + properties: + columnId: + nullable: true + type: string + columnType: + nullable: true + type: string + sortDirection: + nullable: true + type: string + Security_Timeline_API_TimelineResponse: + allOf: + - $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' + - $ref: >- + #/components/schemas/Security_Timeline_API_SavedTimelineWithSavedObjectId + - type: object + properties: + eventIdToNoteIds: + items: + $ref: '#/components/schemas/Security_Timeline_API_Note' + nullable: true + type: array + noteIds: + items: + type: string + nullable: true + type: array + notes: + items: + $ref: '#/components/schemas/Security_Timeline_API_Note' + nullable: true + type: array + pinnedEventIds: + items: + type: string + nullable: true + type: array + pinnedEventsSaveObject: + items: + $ref: '#/components/schemas/Security_Timeline_API_PinnedEvent' + nullable: true + type: array + Security_Timeline_API_TimelineSavedToReturnObject: + allOf: + - $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' + - type: object + properties: + eventIdToNoteIds: + items: + $ref: '#/components/schemas/Security_Timeline_API_Note' + nullable: true + type: array + noteIds: + items: + type: string + nullable: true + type: array + notes: + items: + $ref: '#/components/schemas/Security_Timeline_API_Note' + nullable: true + type: array + pinnedEventIds: + items: + type: string + nullable: true + type: array + pinnedEventsSaveObject: + items: + $ref: '#/components/schemas/Security_Timeline_API_PinnedEvent' + nullable: true + type: array + savedObjectId: + type: string + version: + type: string + required: + - savedObjectId + - version + Security_Timeline_API_TimelineStatus: + description: >- + The status of the timeline. Valid values are `active`, `draft`, and + `immutable`. + enum: + - active + - draft + - immutable + type: string + Security_Timeline_API_TimelineType: + description: >- + The type of timeline to create. Valid values are `default` and + `template`. + enum: + - default + - template + type: string SLOs_400_response: title: Bad request type: object @@ -24382,13 +59762,13 @@ tags: - name: Elastic Package Manager (EPM) - name: Fleet enrollment API keys - name: Fleet internals - - name: Fleet Kubernetes - name: Fleet outputs - name: Fleet package policies - name: Fleet proxies - name: Fleet Server hosts - name: Fleet service tokens - name: Fleet uninstall tokens + - name: Message Signing Service - description: Machine learning name: ml - name: roles @@ -24416,6 +59796,44 @@ tags: permanently breaks future Kibana versions. name: saved objects x-displayName: Saved objects + - description: Manage and interact with Security Assistant resources. + name: Security AI Assistant API + x-displayName: Security AI assistant + - description: >- + You can create rules that automatically turn events and external alerts + sent to Elastic Security into detection alerts. These alerts are displayed + on the Detections page. + name: Security Detections API + x-displayName: Security detections + - description: >- + Endpoint Exceptions API allows you to manage detection rule endpoint + exceptions to prevent a rule from generating an alert from incoming events + even when the rule's other criteria are met. + name: Security Endpoint Exceptions API + x-displayName: Security endpoint exceptions + - description: Interact with and manage endpoints running the Elastic Defend integration. + name: Security Endpoint Management API + x-displayName: Security endpoint management + - description: '' + name: Security Entity Analytics API + x-displayName: Security entity analytics + - description: >- + Exceptions API allows you to manage detection rule exceptions to prevent a + rule from generating an alert from incoming events even when the rule's + other criteria are met. + name: Security Exceptions API + x-displayName: Security exceptions + - description: Lists API allows you to manage lists of keywords, IPs or IP ranges items. + name: Security Lists API + x-displayName: Security lists + - description: Run live queries, manage packs and saved queries. + name: Security Osquery API + x-displayName: Security Osquery + - description: >- + You can create Timelines and Timeline templates via the API, as well as + import new Timelines from an ndjson file. + name: Security Timeline API + x-displayName: Security timeline - description: SLO APIs enable you to define, manage and track service-level objectives name: slo - name: spaces diff --git a/oas_docs/overlays/kibana.overlays.serverless.yaml b/oas_docs/overlays/kibana.overlays.serverless.yaml index 5d1064eecb37e..64040383ae38c 100644 --- a/oas_docs/overlays/kibana.overlays.serverless.yaml +++ b/oas_docs/overlays/kibana.overlays.serverless.yaml @@ -54,9 +54,18 @@ actions: description: Change displayName update: x-displayName: "Service level objectives" - - target: '$.tags[?(@.name=="system")]' + - target: '$.tags[?(@.name=="spaces")]' description: Change displayName + update: + x-displayName: "Spaces" + description: Manage your Kibana spaces. + - target: '$.tags[?(@.name=="system")]' + description: Change displayName and description update: x-displayName: "System" description: > - Get information about the system status, resource usage, and installed plugins. \ No newline at end of file + Get information about the system status, resource usage, and installed plugins. + # Remove extra tags from operations + - target: "$.paths[*][*].tags[1:]" + description: Remove all but first tag from operations + remove: true \ No newline at end of file diff --git a/oas_docs/overlays/kibana.overlays.yaml b/oas_docs/overlays/kibana.overlays.yaml index cd3b40eeda819..c4747d7d13a0a 100644 --- a/oas_docs/overlays/kibana.overlays.yaml +++ b/oas_docs/overlays/kibana.overlays.yaml @@ -23,7 +23,7 @@ actions: If you use the Kibana console to send API requests, it automatically adds the appropriate space identifier. - To learn more, check out [Spaces](https://www.elastic.co/guide/en/kibana/current/xpack-spaces.html). + To learn more, check out [Spaces](https://www.elastic.co/guide/en/kibana/master/xpack-spaces.html). # Add some tag descriptions and displayNames - target: '$.tags[?(@.name=="alerting")]' description: Change tag description and displayName @@ -34,7 +34,7 @@ actions: Actions typically involve the use of connectors to interact with Kibana services or third party integrations. externalDocs: description: Alerting documentation - url: https://www.elastic.co/guide/en/kibana/current/alerting-getting-started.html + url: https://www.elastic.co/guide/en/kibana/master/alerting-getting-started.html x-displayName: "Alerting" - target: '$.tags[?(@.name=="cases")]' description: Change tag description and displayName @@ -45,7 +45,7 @@ actions: You can also send cases to external incident management systems by configuring connectors. externalDocs: description: Cases documentation - url: https://www.elastic.co/guide/en/kibana/current/cases.html + url: https://www.elastic.co/guide/en/kibana/master/cases.html x-displayName: "Cases" - target: '$.tags[?(@.name=="connectors")]' description: Change tag description and displayName @@ -65,13 +65,33 @@ actions: description: Change displayName update: x-displayName: "Machine learning" + - target: '$.tags[?(@.name=="roles")]' + description: Change displayName and description + update: + x-displayName: "Roles" + description: Manage the roles that grant Elasticsearch and Kibana privileges. + externalDocs: + description: Kibana role management + url: https://www.elastic.co/guide/en/kibana/master/kibana-role-management.html - target: '$.tags[?(@.name=="slo")]' description: Change displayName update: x-displayName: "Service level objectives" - - target: '$.tags[?(@.name=="system")]' + - target: '$.tags[?(@.name=="spaces")]' description: Change displayName + update: + x-displayName: "Spaces" + description: Manage your Kibana spaces. + externalDocs: + url: https://www.elastic.co/guide/en/kibana/master/xpack-spaces.html + description: Space overview + - target: '$.tags[?(@.name=="system")]' + description: Change displayName and description update: x-displayName: "System" description: > Get information about the system status, resource usage, and installed plugins. + # Remove extra tags from operations + - target: "$.paths[*][*].tags[1:]" + description: Remove all but first tag from operations + remove: true \ No newline at end of file diff --git a/oas_docs/scripts/merge_ess_oas.js b/oas_docs/scripts/merge_ess_oas.js index 9a0bd9217817f..218e8dfa5b803 100644 --- a/oas_docs/scripts/merge_ess_oas.js +++ b/oas_docs/scripts/merge_ess_oas.js @@ -20,13 +20,18 @@ const { REPO_ROOT } = require('@kbn/repo-info'); `${REPO_ROOT}/src/plugins/data_views/docs/openapi/bundled.yaml`, `${REPO_ROOT}/x-pack/plugins/ml/common/openapi/ml_apis.yaml`, `${REPO_ROOT}/packages/core/saved-objects/docs/openapi/bundled.yaml`, - `${REPO_ROOT}/x-pack/plugins/fleet/common/openapi/bundled.yaml`, // Observability Solution `${REPO_ROOT}/x-pack/plugins/observability_solution/apm/docs/openapi/apm.yaml`, `${REPO_ROOT}/x-pack/plugins/observability_solution/slo/docs/openapi/slo/bundled.yaml`, // Security solution + `${REPO_ROOT}/x-pack/plugins/security_solution/docs/openapi/ess/*.schema.yaml`, + `${REPO_ROOT}/packages/kbn-securitysolution-lists-common/docs/openapi/ess/*.schema.yaml`, + `${REPO_ROOT}/packages/kbn-securitysolution-exceptions-common/docs/openapi/ess/*.schema.yaml`, + `${REPO_ROOT}/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/*.schema.yaml`, + `${REPO_ROOT}/x-pack/packages/kbn-elastic-assistant-common/docs/openapi/ess/*.schema.yaml`, + `${REPO_ROOT}/x-pack/plugins/osquery/docs/openapi/ess/*.schema.yaml`, ], outputFilePath: `${REPO_ROOT}/oas_docs/output/kibana.yaml`, options: { diff --git a/oas_docs/scripts/merge_ess_oas_staging.js b/oas_docs/scripts/merge_ess_oas_staging.js index 03fc7d0786a3d..e7c5eb719c9f6 100644 --- a/oas_docs/scripts/merge_ess_oas_staging.js +++ b/oas_docs/scripts/merge_ess_oas_staging.js @@ -20,7 +20,6 @@ const { REPO_ROOT } = require('@kbn/repo-info'); `${REPO_ROOT}/src/plugins/data_views/docs/openapi/bundled.yaml`, `${REPO_ROOT}/x-pack/plugins/ml/common/openapi/ml_apis.yaml`, `${REPO_ROOT}/packages/core/saved-objects/docs/openapi/bundled.yaml`, - `${REPO_ROOT}/x-pack/plugins/fleet/common/openapi/bundled.yaml`, // Observability Solution `${REPO_ROOT}/x-pack/plugins/observability_solution/apm/docs/openapi/apm.yaml`, diff --git a/oas_docs/scripts/merge_serverless_oas.js b/oas_docs/scripts/merge_serverless_oas.js index 3d5384a7af2fb..c66187dea8d8d 100644 --- a/oas_docs/scripts/merge_serverless_oas.js +++ b/oas_docs/scripts/merge_serverless_oas.js @@ -18,13 +18,18 @@ const { REPO_ROOT } = require('@kbn/repo-info'); `${REPO_ROOT}/src/plugins/data_views/docs/openapi/bundled.yaml`, `${REPO_ROOT}/x-pack/plugins/ml/common/openapi/ml_apis_serverless.yaml`, `${REPO_ROOT}/packages/core/saved-objects/docs/openapi/bundled_serverless.yaml`, - `${REPO_ROOT}/x-pack/plugins/fleet/common/openapi/bundled.yaml`, // Observability Solution `${REPO_ROOT}/x-pack/plugins/observability_solution/apm/docs/openapi/apm.yaml`, `${REPO_ROOT}/x-pack/plugins/observability_solution/slo/docs/openapi/slo/bundled.yaml`, // Security solution + `${REPO_ROOT}/x-pack/plugins/security_solution/docs/openapi/serverless/*.schema.yaml`, + `${REPO_ROOT}/packages/kbn-securitysolution-lists-common/docs/openapi/serverless/*.schema.yaml`, + `${REPO_ROOT}/packages/kbn-securitysolution-exceptions-common/docs/openapi/serverless/*.schema.yaml`, + `${REPO_ROOT}/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/*.schema.yaml`, + `${REPO_ROOT}/x-pack/packages/kbn-elastic-assistant-common/docs/openapi/serverless/*.schema.yaml`, + `${REPO_ROOT}/x-pack/plugins/osquery/docs/openapi/serverless/*.schema.yaml`, ], outputFilePath: `${REPO_ROOT}/oas_docs/output/kibana.serverless.yaml`, options: { diff --git a/oas_docs/scripts/merge_serverless_oas_staging.js b/oas_docs/scripts/merge_serverless_oas_staging.js index 72b5c744df79b..b918c7900196e 100644 --- a/oas_docs/scripts/merge_serverless_oas_staging.js +++ b/oas_docs/scripts/merge_serverless_oas_staging.js @@ -18,7 +18,6 @@ const { REPO_ROOT } = require('@kbn/repo-info'); `${REPO_ROOT}/src/plugins/data_views/docs/openapi/bundled.yaml`, `${REPO_ROOT}/x-pack/plugins/ml/common/openapi/ml_apis_serverless.yaml`, `${REPO_ROOT}/packages/core/saved-objects/docs/openapi/bundled_serverless.yaml`, - `${REPO_ROOT}/x-pack/plugins/fleet/common/openapi/bundled.yaml`, // Observability Solution `${REPO_ROOT}/x-pack/plugins/observability_solution/apm/docs/openapi/apm.yaml`, diff --git a/package.json b/package.json index 8da1f4a647d4b..fb4b6ebcc44c9 100644 --- a/package.json +++ b/package.json @@ -1456,6 +1456,7 @@ "@kbn/picomatcher": "link:packages/kbn-picomatcher", "@kbn/plugin-generator": "link:packages/kbn-plugin-generator", "@kbn/plugin-helpers": "link:packages/kbn-plugin-helpers", + "@kbn/product-doc-artifact-builder": "link:x-pack/packages/ai-infra/product-doc-artifact-builder", "@kbn/repo-file-maps": "link:packages/kbn-repo-file-maps", "@kbn/repo-linter": "link:packages/kbn-repo-linter", "@kbn/repo-path": "link:packages/kbn-repo-path", @@ -1490,7 +1491,7 @@ "@octokit/rest": "^17.11.2", "@parcel/watcher": "^2.1.0", "@playwright/test": "=1.46.0", - "@redocly/cli": "^1.21.0", + "@redocly/cli": "^1.25.3", "@statoscope/webpack-plugin": "^5.28.2", "@storybook/addon-a11y": "^6.5.16", "@storybook/addon-actions": "^6.5.16", diff --git a/packages/core/plugins/core-plugins-server/src/types.ts b/packages/core/plugins/core-plugins-server/src/types.ts index 785959e62b897..6da8b2727733e 100644 --- a/packages/core/plugins/core-plugins-server/src/types.ts +++ b/packages/core/plugins/core-plugins-server/src/types.ts @@ -107,7 +107,7 @@ export interface PluginConfigDescriptor { */ exposeToBrowser?: ExposedToBrowserDescriptor; /** - * List of configuration properties that can be dynamically changed via the PUT /_settings API. + * List of configuration properties that can be dynamically changed via the PUT /internal/core/_settings API. */ dynamicConfig?: DynamicConfigDescriptor; /** diff --git a/packages/kbn-esql-validation-autocomplete/src/definitions/generated/scalar_functions.ts b/packages/kbn-esql-validation-autocomplete/src/definitions/generated/scalar_functions.ts index c0556db33db37..9f75e8dcab429 100644 --- a/packages/kbn-esql-validation-autocomplete/src/definitions/generated/scalar_functions.ts +++ b/packages/kbn-esql-validation-autocomplete/src/definitions/generated/scalar_functions.ts @@ -1834,6 +1834,22 @@ const greatestDefinition: FunctionDefinition = { returnType: 'boolean', minParams: 1, }, + { + params: [ + { + name: 'first', + type: 'date', + optional: false, + }, + { + name: 'rest', + type: 'date', + optional: true, + }, + ], + returnType: 'date', + minParams: 1, + }, { params: [ { @@ -2072,6 +2088,22 @@ const leastDefinition: FunctionDefinition = { returnType: 'boolean', minParams: 1, }, + { + params: [ + { + name: 'first', + type: 'date', + optional: false, + }, + { + name: 'rest', + type: 'date', + optional: true, + }, + ], + returnType: 'date', + minParams: 1, + }, { params: [ { @@ -5734,6 +5766,45 @@ const replaceDefinition: FunctionDefinition = { examples: ['ROW str = "Hello World"\n| EVAL str = REPLACE(str, "World", "Universe")\n| KEEP str'], }; +// Do not edit this manually... generated by scripts/generate_function_definitions.ts +const reverseDefinition: FunctionDefinition = { + type: 'eval', + name: 'reverse', + description: i18n.translate('kbn-esql-validation-autocomplete.esql.definitions.reverse', { + defaultMessage: 'Returns a new string representing the input string in reverse order.', + }), + alias: undefined, + signatures: [ + { + params: [ + { + name: 'str', + type: 'keyword', + optional: false, + }, + ], + returnType: 'keyword', + }, + { + params: [ + { + name: 'str', + type: 'text', + optional: false, + }, + ], + returnType: 'text', + }, + ], + supportedCommands: ['stats', 'inlinestats', 'metrics', 'eval', 'where', 'row', 'sort'], + supportedOptions: ['by'], + validate: undefined, + examples: [ + 'ROW message = "Some Text" | EVAL message_reversed = REVERSE(message);', + 'ROW bending_arts = "💧🪨🔥💨" | EVAL bending_arts_reversed = REVERSE(bending_arts);', + ], +}; + // Do not edit this manually... generated by scripts/generate_function_definitions.ts const rightDefinition: FunctionDefinition = { type: 'eval', @@ -8767,6 +8838,7 @@ export const scalarFunctionDefinitions = [ qstrDefinition, repeatDefinition, replaceDefinition, + reverseDefinition, rightDefinition, roundDefinition, rtrimDefinition, diff --git a/packages/kbn-esql-validation-autocomplete/src/shared/helpers.ts b/packages/kbn-esql-validation-autocomplete/src/shared/helpers.ts index d58101e9ff8eb..fd53d08e67f90 100644 --- a/packages/kbn-esql-validation-autocomplete/src/shared/helpers.ts +++ b/packages/kbn-esql-validation-autocomplete/src/shared/helpers.ts @@ -548,9 +548,6 @@ export function isVariable( ): column is ESQLVariable { return Boolean(column && 'location' in column); } -export function hasCCSSource(name: string) { - return name.includes(':'); -} /** * This will return the name without any quotes. diff --git a/packages/kbn-esql-validation-autocomplete/src/validation/__tests__/test_suites/validation.command.from.ts b/packages/kbn-esql-validation-autocomplete/src/validation/__tests__/test_suites/validation.command.from.ts index ccb28d88fd78f..e3589bb8da643 100644 --- a/packages/kbn-esql-validation-autocomplete/src/validation/__tests__/test_suites/validation.command.from.ts +++ b/packages/kbn-esql-validation-autocomplete/src/validation/__tests__/test_suites/validation.command.from.ts @@ -56,10 +56,12 @@ export const validationFromCommandTestSuite = (setup: helpers.Setup) => { await expectErrors('fRoM in*ex', []); await expectErrors('fRoM ind*ex', []); await expectErrors('fRoM *,-.*', []); - await expectErrors('fRoM remote-*:indexes*', []); - await expectErrors('fRoM remote-*:indexes', []); - await expectErrors('fRoM remote-ccs:indexes', []); - await expectErrors('fRoM a_index, remote-ccs:indexes', []); + await expectErrors('fRoM remote-*:indexes*', ['Unknown index [remote-*:indexes*]']); + await expectErrors('fRoM remote-*:indexes', ['Unknown index [remote-*:indexes]']); + await expectErrors('fRoM remote-ccs:indexes', ['Unknown index [remote-ccs:indexes]']); + await expectErrors('fRoM a_index, remote-ccs:indexes', [ + 'Unknown index [remote-ccs:indexes]', + ]); await expectErrors('fRoM .secret_index', []); await expectErrors('from my-index', []); }); @@ -151,12 +153,12 @@ export const validationFromCommandTestSuite = (setup: helpers.Setup) => { ); await expectErrors( `from remote-ccs:indexes ${setWrapping('METADATA _id')}`, - [], + ['Unknown index [remote-ccs:indexes]'], addBracketsWarning() ); await expectErrors( `from *:indexes ${setWrapping('METADATA _id')}`, - [], + ['Unknown index [*:indexes]'], addBracketsWarning() ); }); diff --git a/packages/kbn-esql-validation-autocomplete/src/validation/__tests__/test_suites/validation.command.metrics.ts b/packages/kbn-esql-validation-autocomplete/src/validation/__tests__/test_suites/validation.command.metrics.ts index 30236aa38ab3a..8dd1634f63279 100644 --- a/packages/kbn-esql-validation-autocomplete/src/validation/__tests__/test_suites/validation.command.metrics.ts +++ b/packages/kbn-esql-validation-autocomplete/src/validation/__tests__/test_suites/validation.command.metrics.ts @@ -51,10 +51,14 @@ export const validationMetricsCommandTestSuite = (setup: helpers.Setup) => { await expectErrors('metrics in*ex', []); await expectErrors('metrics ind*ex', []); await expectErrors('metrics *,-.*', []); - await expectErrors('metrics remote-*:indexes*', []); - await expectErrors('metrics remote-*:indexes', []); - await expectErrors('metrics remote-ccs:indexes', []); - await expectErrors('metrics a_index, remote-ccs:indexes', []); + await expectErrors('metrics remote-*:indexes*', ['Unknown index [remote-*:indexes*]']); + await expectErrors('metrics remote-*:indexes', ['Unknown index [remote-*:indexes]']); + await expectErrors('metrics remote-ccs:indexes', [ + 'Unknown index [remote-ccs:indexes]', + ]); + await expectErrors('metrics a_index, remote-ccs:indexes', [ + 'Unknown index [remote-ccs:indexes]', + ]); await expectErrors('metrics .secret_index', []); }); diff --git a/packages/kbn-esql-validation-autocomplete/src/validation/validation.ts b/packages/kbn-esql-validation-autocomplete/src/validation/validation.ts index 428a2d1fcd4f5..fdfe03852fc48 100644 --- a/packages/kbn-esql-validation-autocomplete/src/validation/validation.ts +++ b/packages/kbn-esql-validation-autocomplete/src/validation/validation.ts @@ -47,7 +47,6 @@ import { sourceExists, getColumnExists, hasWildcard, - hasCCSSource, isSettingItem, isAssignment, isVariable, @@ -815,11 +814,6 @@ function validateSource( return messages; } - const hasCCS = hasCCSSource(source.name); - if (hasCCS) { - return messages; - } - const commandDef = getCommandDefinition(commandName); const isWildcardAndNotSupported = hasWildcard(source.name) && !commandDef.signature.params.some(({ wildcards }) => wildcards); diff --git a/packages/kbn-investigation-shared/src/rest_specs/event.ts b/packages/kbn-investigation-shared/src/rest_specs/event.ts index df2f3941ad332..e63083f75c824 100644 --- a/packages/kbn-investigation-shared/src/rest_specs/event.ts +++ b/packages/kbn-investigation-shared/src/rest_specs/event.ts @@ -13,6 +13,7 @@ import { eventSchema } from '../schema'; const eventResponseSchema = eventSchema; type EventResponse = z.output; +type EventSchema = z.output; export { eventResponseSchema }; -export type { EventResponse }; +export type { EventResponse, EventSchema }; diff --git a/packages/kbn-language-documentation/src/sections/generated/scalar_functions.tsx b/packages/kbn-language-documentation/src/sections/generated/scalar_functions.tsx index 30e0de8fa8ac3..c4f8bba9ed7ec 100644 --- a/packages/kbn-language-documentation/src/sections/generated/scalar_functions.tsx +++ b/packages/kbn-language-documentation/src/sections/generated/scalar_functions.tsx @@ -1906,6 +1906,38 @@ export const functions = { | EVAL str = REPLACE(str, "World", "Universe") | KEEP str \`\`\` + `, + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + } + )} + /> + ), + }, + // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts + { + label: i18n.translate('languageDocumentation.documentationESQL.reverse', { + defaultMessage: 'REVERSE', + }), + description: ( + + + ### REVERSE + Returns a new string representing the input string in reverse order. + + \`\`\` + ROW message = "Some Text" | EVAL message_reversed = REVERSE(message); + \`\`\` `, description: 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', diff --git a/packages/kbn-optimizer/src/worker/webpack.config.ts b/packages/kbn-optimizer/src/worker/webpack.config.ts index fb1ae98863429..539d3098030e0 100644 --- a/packages/kbn-optimizer/src/worker/webpack.config.ts +++ b/packages/kbn-optimizer/src/worker/webpack.config.ts @@ -214,18 +214,6 @@ export function getWebpackConfig( includePaths: [Path.resolve(worker.repoRoot, 'node_modules')], sourceMap: true, quietDeps: true, - logger: { - warn: (message: string, warning: any) => { - // Muted - see https://github.com/elastic/kibana/issues/190345 for tracking remediation - if (warning?.deprecationType?.id === 'mixed-decls') return; - - if (warning.deprecation) - return process.stderr.write( - `DEPRECATION WARNING: ${message}\n${warning.stack}` - ); - process.stderr.write('WARNING: ' + message); - }, - }, }, }, }, diff --git a/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml b/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml index 78c75760f1888..366efe23d586b 100644 --- a/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml +++ b/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml @@ -885,3 +885,4 @@ tags: exceptions to prevent a rule from generating an alert from incoming events even when the rule's other criteria are met. name: Security Endpoint Exceptions API + x-displayName: Security endpoint exceptions diff --git a/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml b/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml index 6b3b4d4eaa55d..0ecce40ef34d3 100644 --- a/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml +++ b/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml @@ -885,3 +885,4 @@ tags: exceptions to prevent a rule from generating an alert from incoming events even when the rule's other criteria are met. name: Security Endpoint Exceptions API + x-displayName: Security endpoint exceptions diff --git a/packages/kbn-securitysolution-endpoint-exceptions-common/scripts/openapi_bundle.js b/packages/kbn-securitysolution-endpoint-exceptions-common/scripts/openapi_bundle.js index edd9cb25f6d44..e5a02965593c3 100644 --- a/packages/kbn-securitysolution-endpoint-exceptions-common/scripts/openapi_bundle.js +++ b/packages/kbn-securitysolution-endpoint-exceptions-common/scripts/openapi_bundle.js @@ -30,6 +30,7 @@ const ROOT = resolve(__dirname, '..'); tags: [ { name: 'Security Endpoint Exceptions API', + 'x-displayName': 'Security endpoint exceptions', description: "Endpoint Exceptions API allows you to manage detection rule endpoint exceptions to prevent a rule from generating an alert from incoming events even when the rule's other criteria are met.", }, @@ -54,6 +55,7 @@ const ROOT = resolve(__dirname, '..'); tags: [ { name: 'Security Endpoint Exceptions API', + 'x-displayName': 'Security endpoint exceptions', description: "Endpoint Exceptions API allows you to manage detection rule endpoint exceptions to prevent a rule from generating an alert from incoming events even when the rule's other criteria are met.", }, diff --git a/packages/kbn-securitysolution-exceptions-common/docs/openapi/ess/security_solution_exceptions_api_2023_10_31.bundled.schema.yaml b/packages/kbn-securitysolution-exceptions-common/docs/openapi/ess/security_solution_exceptions_api_2023_10_31.bundled.schema.yaml index 89208f3a9ced0..bf290e872f915 100644 --- a/packages/kbn-securitysolution-exceptions-common/docs/openapi/ess/security_solution_exceptions_api_2023_10_31.bundled.schema.yaml +++ b/packages/kbn-securitysolution-exceptions-common/docs/openapi/ess/security_solution_exceptions_api_2023_10_31.bundled.schema.yaml @@ -1904,3 +1904,4 @@ tags: rule from generating an alert from incoming events even when the rule's other criteria are met. name: Security Exceptions API + x-displayName: Security exceptions diff --git a/packages/kbn-securitysolution-exceptions-common/docs/openapi/serverless/security_solution_exceptions_api_2023_10_31.bundled.schema.yaml b/packages/kbn-securitysolution-exceptions-common/docs/openapi/serverless/security_solution_exceptions_api_2023_10_31.bundled.schema.yaml index 190c2bd64aab5..115658261c909 100644 --- a/packages/kbn-securitysolution-exceptions-common/docs/openapi/serverless/security_solution_exceptions_api_2023_10_31.bundled.schema.yaml +++ b/packages/kbn-securitysolution-exceptions-common/docs/openapi/serverless/security_solution_exceptions_api_2023_10_31.bundled.schema.yaml @@ -1904,3 +1904,4 @@ tags: rule from generating an alert from incoming events even when the rule's other criteria are met. name: Security Exceptions API + x-displayName: Security exceptions diff --git a/packages/kbn-securitysolution-exceptions-common/scripts/openapi_bundle.js b/packages/kbn-securitysolution-exceptions-common/scripts/openapi_bundle.js index edbe0f14ed75f..83c84d91daaf5 100644 --- a/packages/kbn-securitysolution-exceptions-common/scripts/openapi_bundle.js +++ b/packages/kbn-securitysolution-exceptions-common/scripts/openapi_bundle.js @@ -31,6 +31,7 @@ const ROOT = resolve(__dirname, '..'); tags: [ { name: 'Security Exceptions API', + 'x-displayName': 'Security exceptions', description: "Exceptions API allows you to manage detection rule exceptions to prevent a rule from generating an alert from incoming events even when the rule's other criteria are met.", }, @@ -56,6 +57,7 @@ const ROOT = resolve(__dirname, '..'); tags: [ { name: 'Security Exceptions API', + 'x-displayName': 'Security exceptions', description: "Exceptions API allows you to manage detection rule exceptions to prevent a rule from generating an alert from incoming events even when the rule's other criteria are met.", }, diff --git a/packages/kbn-securitysolution-lists-common/docs/openapi/ess/security_solution_lists_api_2023_10_31.bundled.schema.yaml b/packages/kbn-securitysolution-lists-common/docs/openapi/ess/security_solution_lists_api_2023_10_31.bundled.schema.yaml index e2f6e182e1ed8..17eef19505e40 100644 --- a/packages/kbn-securitysolution-lists-common/docs/openapi/ess/security_solution_lists_api_2023_10_31.bundled.schema.yaml +++ b/packages/kbn-securitysolution-lists-common/docs/openapi/ess/security_solution_lists_api_2023_10_31.bundled.schema.yaml @@ -1564,3 +1564,4 @@ security: tags: - description: Lists API allows you to manage lists of keywords, IPs or IP ranges items. name: Security Lists API + x-displayName: Security lists diff --git a/packages/kbn-securitysolution-lists-common/docs/openapi/serverless/security_solution_lists_api_2023_10_31.bundled.schema.yaml b/packages/kbn-securitysolution-lists-common/docs/openapi/serverless/security_solution_lists_api_2023_10_31.bundled.schema.yaml index c11f67f85014c..5348d9404a0e3 100644 --- a/packages/kbn-securitysolution-lists-common/docs/openapi/serverless/security_solution_lists_api_2023_10_31.bundled.schema.yaml +++ b/packages/kbn-securitysolution-lists-common/docs/openapi/serverless/security_solution_lists_api_2023_10_31.bundled.schema.yaml @@ -1564,3 +1564,4 @@ security: tags: - description: Lists API allows you to manage lists of keywords, IPs or IP ranges items. name: Security Lists API + x-displayName: Security lists diff --git a/packages/kbn-securitysolution-lists-common/scripts/openapi_bundle.js b/packages/kbn-securitysolution-lists-common/scripts/openapi_bundle.js index 2f809aa1f5ee2..b8ea2ea2e8377 100644 --- a/packages/kbn-securitysolution-lists-common/scripts/openapi_bundle.js +++ b/packages/kbn-securitysolution-lists-common/scripts/openapi_bundle.js @@ -30,6 +30,7 @@ const ROOT = resolve(__dirname, '..'); tags: [ { name: 'Security Lists API', + 'x-displayName': 'Security lists', description: 'Lists API allows you to manage lists of keywords, IPs or IP ranges items.', }, @@ -54,6 +55,7 @@ const ROOT = resolve(__dirname, '..'); tags: [ { name: 'Security Lists API', + 'x-displayName': 'Security lists', description: 'Lists API allows you to manage lists of keywords, IPs or IP ranges items.', }, diff --git a/packages/kbn-storybook/src/webpack.config.ts b/packages/kbn-storybook/src/webpack.config.ts index 94302fdc19c41..fb901692e7f66 100644 --- a/packages/kbn-storybook/src/webpack.config.ts +++ b/packages/kbn-storybook/src/webpack.config.ts @@ -120,18 +120,6 @@ export default ({ config: storybookConfig }: { config: Configuration }) => { sassOptions: { includePaths: [resolve(REPO_ROOT, 'node_modules')], quietDeps: true, - logger: { - warn: (message: string, warning: any) => { - // Muted - see https://github.com/elastic/kibana/issues/190345 for tracking remediation - if (warning?.deprecationType?.id === 'mixed-decls') return; - - if (warning.deprecation) - return process.stderr.write( - `DEPRECATION WARNING: ${message}\n${warning.stack}` - ); - process.stderr.write('WARNING: ' + message); - }, - }, }, }, }, diff --git a/packages/kbn-unified-data-table/src/components/custom_control_columns/color_indicator/color_indicator_control_column.tsx b/packages/kbn-unified-data-table/src/components/custom_control_columns/color_indicator/color_indicator_control_column.tsx index ac7e3d80a4432..38cfab2648950 100644 --- a/packages/kbn-unified-data-table/src/components/custom_control_columns/color_indicator/color_indicator_control_column.tsx +++ b/packages/kbn-unified-data-table/src/components/custom_control_columns/color_indicator/color_indicator_control_column.tsx @@ -42,6 +42,8 @@ const ColorIndicatorCell: React.FC = ({ getRowIndicato data-test-subj="unifiedDataTableRowColorIndicatorCell" title={label} css={css` + position: absolute; + top: 0; background: ${color}; width: ${COLOR_INDICATOR_WIDTH}px; height: 100%; diff --git a/packages/kbn-unified-data-table/src/components/data_table.scss b/packages/kbn-unified-data-table/src/components/data_table.scss index 263cc1a801083..6093659d487d6 100644 --- a/packages/kbn-unified-data-table/src/components/data_table.scss +++ b/packages/kbn-unified-data-table/src/components/data_table.scss @@ -83,7 +83,6 @@ } .euiDataGridRowCell.euiDataGridRowCell--controlColumn[data-gridcell-column-id='colorIndicator'] .euiDataGridRowCell__content { height: 100%; - padding: 0; border-bottom: 0; } diff --git a/scripts/build_product_doc_artifacts.js b/scripts/build_product_doc_artifacts.js new file mode 100644 index 0000000000000..0d6bea2a6e775 --- /dev/null +++ b/scripts/build_product_doc_artifacts.js @@ -0,0 +1,11 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +require('../src/setup_node_env'); +require('@kbn/product-doc-artifact-builder').runScript(); diff --git a/src/core/public/styles/rendering/_base.scss b/src/core/public/styles/rendering/_base.scss index 1bcfaab71ea17..259115f6a526a 100644 --- a/src/core/public/styles/rendering/_base.scss +++ b/src/core/public/styles/rendering/_base.scss @@ -67,7 +67,8 @@ } .kbnBody--chromeHidden { - --euiFixedHeadersOffset: 0; + // stylelint-disable-next-line length-zero-no-unit + --euiFixedHeadersOffset: 0px; &.kbnBody--hasHeaderBanner { --euiFixedHeadersOffset: var(--kbnHeaderBannerHeight); diff --git a/src/dev/precommit_hook/casing_check_config.js b/src/dev/precommit_hook/casing_check_config.js index 1ddf99b0a1d49..2eaeb64f8be5f 100644 --- a/src/dev/precommit_hook/casing_check_config.js +++ b/src/dev/precommit_hook/casing_check_config.js @@ -116,6 +116,7 @@ export const IGNORE_DIRECTORY_GLOBS = [ 'src/babel-*', 'packages/*', 'packages/core/*/*', + 'x-pack/packages/ai-infra/*', 'packages/kbn-pm/src/utils/__fixtures__/*', 'packages/kbn-check-prod-native-modules-cli/integration_tests/__fixtures__/*/node_modules/*', 'x-pack/dev-tools', diff --git a/src/plugins/console/public/application/containers/main/main.tsx b/src/plugins/console/public/application/containers/main/main.tsx index 1b5116b2307a6..9cc1300eea5fb 100644 --- a/src/plugins/console/public/application/containers/main/main.tsx +++ b/src/plugins/console/public/application/containers/main/main.tsx @@ -229,6 +229,7 @@ export function Main({ currentTabProp, isEmbeddable = false }: MainProps) { downloadFileAs(EXPORT_FILE_NAME, { content: inputEditorValue, diff --git a/src/plugins/console/public/lib/utils/index.ts b/src/plugins/console/public/lib/utils/index.ts index c896d52aa627c..86da34c7162bc 100644 --- a/src/plugins/console/public/lib/utils/index.ts +++ b/src/plugins/console/public/lib/utils/index.ts @@ -91,8 +91,11 @@ export function extractWarningMessages(warnings: string) { }); } +// To avoid double unescaping, the best approach is to process the backslash escape sequence last. +// This ensures that any escaped characters are correctly handled first, preventing premature +// interpretation of the backslash itself as part of another escape sequence. export function unescape(s: string) { - return s.replace(/\\\\/g, '\\').replace(/\\"/g, '"'); + return s.replace(/\\"/g, '"').replace(/\\\\/g, '\\'); } export function splitOnUnquotedCommaSpace(s: string) { diff --git a/src/plugins/dashboard/public/dashboard_listing/index.tsx b/src/plugins/dashboard/public/dashboard_listing/index.tsx index a6996008f9b35..0fa1df0be5220 100644 --- a/src/plugins/dashboard/public/dashboard_listing/index.tsx +++ b/src/plugins/dashboard/public/dashboard_listing/index.tsx @@ -7,10 +7,10 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -import React, { Suspense } from 'react'; import { EuiEmptyPrompt, EuiLoadingSpinner } from '@elastic/eui'; +import React, { Suspense } from 'react'; -import { servicesReady } from '../plugin'; +import { untilPluginStartServicesReady } from '../services/kibana_services'; import { DashboardListingProps } from './types'; const ListingTableLoadingIndicator = () => { @@ -20,7 +20,7 @@ const ListingTableLoadingIndicator = () => { const LazyDashboardListing = React.lazy(() => (async () => { const modulePromise = import('./dashboard_listing_table'); - const [module] = await Promise.all([modulePromise, servicesReady]); + const [module] = await Promise.all([modulePromise, untilPluginStartServicesReady()]); return { default: module.DashboardListingTable, diff --git a/src/plugins/dashboard/public/plugin.tsx b/src/plugins/dashboard/public/plugin.tsx index c46dcbc3e4139..b1d60adc84d0f 100644 --- a/src/plugins/dashboard/public/plugin.tsx +++ b/src/plugins/dashboard/public/plugin.tsx @@ -138,7 +138,6 @@ export interface DashboardStart { } export let resolveServicesReady: () => void; -export const servicesReady = new Promise((resolve) => (resolveServicesReady = resolve)); export class DashboardPlugin implements diff --git a/src/plugins/discover/public/application/main/components/pattern_analysis/pattern_analysis_table.tsx b/src/plugins/discover/public/application/main/components/pattern_analysis/pattern_analysis_table.tsx index bc93d2b90c645..0c0236ab60c08 100644 --- a/src/plugins/discover/public/application/main/components/pattern_analysis/pattern_analysis_table.tsx +++ b/src/plugins/discover/public/application/main/components/pattern_analysis/pattern_analysis_table.tsx @@ -12,6 +12,7 @@ import { METRIC_TYPE, UiCounterMetricType } from '@kbn/analytics'; import { type EmbeddablePatternAnalysisInput } from '@kbn/aiops-log-pattern-analysis/embeddable'; import { pick } from 'lodash'; import type { LogCategorizationEmbeddableProps } from '@kbn/aiops-plugin/public/components/log_categorization/log_categorization_for_embeddable/log_categorization_for_discover'; +import type { AiopsAppContextValue } from '@kbn/aiops-plugin/public/hooks/use_aiops_app_context'; import { useDiscoverServices } from '../../../../hooks/use_discover_services'; import type { DiscoverStateContainer } from '../../state_management/discover_state'; import { PATTERN_ANALYSIS_LOADED } from './constants'; @@ -63,8 +64,11 @@ export const PatternAnalysisTable = (props: PatternAnalysisTableProps) => { return ( ); }; diff --git a/test/functional/apps/management/data_views/_edit_field.ts b/test/functional/apps/management/data_views/_edit_field.ts index 51ff0bb0d1019..4ebde059d9d78 100644 --- a/test/functional/apps/management/data_views/_edit_field.ts +++ b/test/functional/apps/management/data_views/_edit_field.ts @@ -7,14 +7,11 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -import expect from '@kbn/expect'; import { FtrProviderContext } from '../../../ftr_provider_context'; export default function ({ getService, getPageObjects }: FtrProviderContext) { const kibanaServer = getService('kibanaServer'); - const retry = getService('retry'); const PageObjects = getPageObjects(['settings']); - const testSubjects = getService('testSubjects'); describe('edit field', function () { before(async function () { @@ -33,29 +30,19 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { }); it('should show preview for fields in _source', async function () { - await PageObjects.settings.filterField('extension'); - await testSubjects.click('editFieldFormat'); - await testSubjects.find('value'); - let previewText = ''; - await retry.waitForWithTimeout('get preview value', 1000, async () => { - previewText = await testSubjects.getVisibleText('value'); - return previewText !== 'Value not set'; + await PageObjects.settings.changeAndValidateFieldFormat({ + name: 'extension', + fieldType: 'text', + expectedPreviewText: 'css', }); - expect(previewText).to.be('css'); - await PageObjects.settings.closeIndexPatternFieldEditor(); }); it('should show preview for fields not in _source', async function () { - await PageObjects.settings.filterField('extension.raw'); - await testSubjects.click('editFieldFormat'); - await testSubjects.find('value'); - let previewText = ''; - await retry.waitForWithTimeout('get preview value', 1000, async () => { - previewText = await testSubjects.getVisibleText('value'); - return previewText !== 'Value not set'; + await PageObjects.settings.changeAndValidateFieldFormat({ + name: 'extension.raw', + fieldType: 'keyword', + expectedPreviewText: 'css', }); - expect(previewText).to.be('css'); - await PageObjects.settings.closeIndexPatternFieldEditor(); }); }); }); diff --git a/test/functional/page_objects/settings_page.ts b/test/functional/page_objects/settings_page.ts index 94f3b9f3e3e40..2d2f50fc9f1f1 100644 --- a/test/functional/page_objects/settings_page.ts +++ b/test/functional/page_objects/settings_page.ts @@ -1053,7 +1053,15 @@ export class SettingsPageObject extends FtrService { ); } - async changeAndValidateFieldFormat(name: string, fieldType: string) { + async changeAndValidateFieldFormat({ + name, + fieldType, + expectedPreviewText, + }: { + name: string; + fieldType: string; + expectedPreviewText: string; + }) { await this.filterField(name); await this.setFieldTypeFilter(fieldType); await this.testSubjects.click('editFieldFormat'); @@ -1062,7 +1070,10 @@ export class SettingsPageObject extends FtrService { await this.retry.tryForTime(5000, async () => { const previewText = await this.testSubjects.getVisibleText('fieldPreviewItem > value'); - expect(previewText).to.be('css'); + expect(previewText).to.eql( + expectedPreviewText, + `Expected previewText to eql [${expectedPreviewText}], but got: [${previewText}]` + ); }); await this.closeIndexPatternFieldEditor(); } diff --git a/test/plugin_functional/test_suites/core_plugins/rendering.ts b/test/plugin_functional/test_suites/core_plugins/rendering.ts index 5ca4460e27eb4..0054750a55b24 100644 --- a/test/plugin_functional/test_suites/core_plugins/rendering.ts +++ b/test/plugin_functional/test_suites/core_plugins/rendering.ts @@ -315,7 +315,6 @@ export default function ({ getService }: PluginFunctionalProviderContext) { // 'xpack.reporting.poll.jobsRefresh.intervalErrorMultiplier (number)', 'xpack.rollup.ui.enabled (boolean?)', 'xpack.saved_object_tagging.cache_refresh_interval (duration?)', - 'xpack.search.homepage.ui.enabled (boolean?)', 'xpack.searchInferenceEndpoints.ui.enabled (boolean?)', 'xpack.searchPlayground.ui.enabled (boolean?)', 'xpack.security.loginAssistanceMessage (string?)', diff --git a/tsconfig.base.json b/tsconfig.base.json index 936c60930d262..3df30d9cf8c30 100644 --- a/tsconfig.base.json +++ b/tsconfig.base.json @@ -1360,6 +1360,8 @@ "@kbn/presentation-publishing/*": ["packages/presentation/presentation_publishing/*"], "@kbn/presentation-util-plugin": ["src/plugins/presentation_util"], "@kbn/presentation-util-plugin/*": ["src/plugins/presentation_util/*"], + "@kbn/product-doc-artifact-builder": ["x-pack/packages/ai-infra/product-doc-artifact-builder"], + "@kbn/product-doc-artifact-builder/*": ["x-pack/packages/ai-infra/product-doc-artifact-builder/*"], "@kbn/profiling-data-access-plugin": ["x-pack/plugins/observability_solution/profiling_data_access"], "@kbn/profiling-data-access-plugin/*": ["x-pack/plugins/observability_solution/profiling_data_access/*"], "@kbn/profiling-plugin": ["x-pack/plugins/observability_solution/profiling"], @@ -2078,4 +2080,4 @@ "@kbn/ambient-storybook-types" ] } -} \ No newline at end of file +} diff --git a/x-pack/packages/ai-infra/product-doc-artifact-builder/README.md b/x-pack/packages/ai-infra/product-doc-artifact-builder/README.md new file mode 100644 index 0000000000000..eb64d53b5b8f7 --- /dev/null +++ b/x-pack/packages/ai-infra/product-doc-artifact-builder/README.md @@ -0,0 +1,3 @@ +# @kbn/product-doc-artifact-builder + +Script to build the knowledge base artifacts diff --git a/x-pack/packages/ai-infra/product-doc-artifact-builder/index.ts b/x-pack/packages/ai-infra/product-doc-artifact-builder/index.ts new file mode 100644 index 0000000000000..c84a0a64540e9 --- /dev/null +++ b/x-pack/packages/ai-infra/product-doc-artifact-builder/index.ts @@ -0,0 +1,8 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export { runScript } from './src/command'; diff --git a/x-pack/plugins/fleet/server/types/rest_spec/app.ts b/x-pack/packages/ai-infra/product-doc-artifact-builder/jest.config.js similarity index 58% rename from x-pack/plugins/fleet/server/types/rest_spec/app.ts rename to x-pack/packages/ai-infra/product-doc-artifact-builder/jest.config.js index e79f8dda0d2ee..9ada1460ee7aa 100644 --- a/x-pack/plugins/fleet/server/types/rest_spec/app.ts +++ b/x-pack/packages/ai-infra/product-doc-artifact-builder/jest.config.js @@ -5,10 +5,8 @@ * 2.0. */ -import { schema } from '@kbn/config-schema'; - -export const GenerateServiceTokenRequestSchema = { - body: schema.object({ - remote: schema.boolean({ defaultValue: false }), - }), +module.exports = { + preset: '@kbn/test/jest_node', + rootDir: '../../../..', + roots: ['/x-pack/packages/ai-infra/product-doc-artifact-builder'], }; diff --git a/x-pack/packages/ai-infra/product-doc-artifact-builder/kibana.jsonc b/x-pack/packages/ai-infra/product-doc-artifact-builder/kibana.jsonc new file mode 100644 index 0000000000000..7b5a85fd5b7c8 --- /dev/null +++ b/x-pack/packages/ai-infra/product-doc-artifact-builder/kibana.jsonc @@ -0,0 +1,6 @@ +{ + "type": "shared-common", + "id": "@kbn/product-doc-artifact-builder", + "owner": "@elastic/appex-ai-infra", + "devOnly": true +} diff --git a/x-pack/packages/ai-infra/product-doc-artifact-builder/package.json b/x-pack/packages/ai-infra/product-doc-artifact-builder/package.json new file mode 100644 index 0000000000000..b1a22882bb329 --- /dev/null +++ b/x-pack/packages/ai-infra/product-doc-artifact-builder/package.json @@ -0,0 +1,6 @@ +{ + "name": "@kbn/product-doc-artifact-builder", + "private": true, + "version": "1.0.0", + "license": "Elastic License 2.0" +} \ No newline at end of file diff --git a/x-pack/packages/ai-infra/product-doc-artifact-builder/src/artifact/artifact_name.ts b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/artifact/artifact_name.ts new file mode 100644 index 0000000000000..678b17088c7b4 --- /dev/null +++ b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/artifact/artifact_name.ts @@ -0,0 +1,16 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export const getArtifactName = ({ + productName, + productVersion, +}: { + productName: string; + productVersion: string; +}): string => { + return `kibana-kb-${productName}-${productVersion}.zip`.toLowerCase(); +}; diff --git a/x-pack/packages/ai-infra/product-doc-artifact-builder/src/artifact/manifest.ts b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/artifact/manifest.ts new file mode 100644 index 0000000000000..cbebcdc22981b --- /dev/null +++ b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/artifact/manifest.ts @@ -0,0 +1,26 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export interface ArtifactManifest { + formatVersion: string; + productName: string; + productVersion: string; +} + +export const getArtifactManifest = ({ + productName, + stackVersion, +}: { + productName: string; + stackVersion: string; +}): ArtifactManifest => { + return { + formatVersion: '1.0.0', + productName, + productVersion: stackVersion, + }; +}; diff --git a/x-pack/packages/ai-infra/product-doc-artifact-builder/src/artifact/mappings.ts b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/artifact/mappings.ts new file mode 100644 index 0000000000000..ae84ae60616a3 --- /dev/null +++ b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/artifact/mappings.ts @@ -0,0 +1,39 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { MappingTypeMapping } from '@elastic/elasticsearch/lib/api/types'; + +export const getArtifactMappings = (inferenceEndpoint: string): MappingTypeMapping => { + return { + dynamic: 'strict', + properties: { + content_title: { type: 'text' }, + content_body: { + type: 'semantic_text', + inference_id: inferenceEndpoint, + }, + product_name: { type: 'keyword' }, + root_type: { type: 'keyword' }, + slug: { type: 'keyword' }, + url: { type: 'keyword' }, + version: { type: 'version' }, + ai_subtitle: { + type: 'semantic_text', + inference_id: inferenceEndpoint, + }, + ai_summary: { + type: 'semantic_text', + inference_id: inferenceEndpoint, + }, + ai_questions_answered: { + type: 'semantic_text', + inference_id: inferenceEndpoint, + }, + ai_tags: { type: 'keyword' }, + }, + }; +}; diff --git a/x-pack/packages/ai-infra/product-doc-artifact-builder/src/artifact/product_name.ts b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/artifact/product_name.ts new file mode 100644 index 0000000000000..cfcc141323f4f --- /dev/null +++ b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/artifact/product_name.ts @@ -0,0 +1,11 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +/** + * The allowed product names, as found in the source's cluster + */ +export const sourceProductNames = ['Kibana', 'Elasticsearch', 'Security', 'Observability']; diff --git a/x-pack/packages/ai-infra/product-doc-artifact-builder/src/build_artifacts.ts b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/build_artifacts.ts new file mode 100644 index 0000000000000..bbde3310f8e3a --- /dev/null +++ b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/build_artifacts.ts @@ -0,0 +1,161 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import Path from 'path'; +import { Client } from '@elastic/elasticsearch'; +import { ToolingLog } from '@kbn/tooling-log'; +import { + // checkConnectivity, + createTargetIndex, + extractDocumentation, + indexDocuments, + installElser, + createChunkFiles, + createArtifact, + cleanupFolders, + deleteIndex, +} from './tasks'; +import type { TaskConfig } from './types'; + +const getSourceClient = (config: TaskConfig) => { + return new Client({ + compression: true, + nodes: [config.sourceClusterUrl], + sniffOnStart: false, + auth: { + username: config.sourceClusterUsername, + password: config.sourceClusterPassword, + }, + }); +}; + +const getEmbeddingClient = (config: TaskConfig) => { + return new Client({ + compression: true, + nodes: [config.embeddingClusterUrl], + auth: { + username: config.embeddingClusterUsername, + password: config.embeddingClusterPassword, + }, + // generating embeddings takes time + requestTimeout: 10 * 60 * 1000, + }); +}; + +export const buildArtifacts = async (config: TaskConfig) => { + const log = new ToolingLog({ + level: 'info', + writeTo: process.stdout, + }); + + log.info( + `Starting building artifacts for version=[${ + config.stackVersion + }] and products=[${config.productNames.join(',')}]` + ); + + const sourceClient = getSourceClient(config); + const embeddingClient = getEmbeddingClient(config); + + // log.info('Checking connectivity against clusters'); + // await checkConnectivity({ sourceClient, embeddingClient }); + + await cleanupFolders({ folders: [config.buildFolder] }); + + log.info('Ensuring ELSER is installed on the embedding cluster'); + await installElser({ client: embeddingClient }); + + for (const productName of config.productNames) { + await buildArtifact({ + productName, + stackVersion: config.stackVersion, + buildFolder: config.buildFolder, + targetFolder: config.targetFolder, + sourceClient, + embeddingClient, + log, + }); + } + + await cleanupFolders({ folders: [config.buildFolder] }); +}; + +const buildArtifact = async ({ + productName, + stackVersion, + buildFolder, + targetFolder, + embeddingClient, + sourceClient, + log, +}: { + productName: string; + stackVersion: string; + buildFolder: string; + targetFolder: string; + sourceClient: Client; + embeddingClient: Client; + log: ToolingLog; +}) => { + log.info(`Starting building artifact for product [${productName}] and version [${stackVersion}]`); + + const targetIndex = getTargetIndexName({ productName, stackVersion }); + + const documents = await extractDocumentation({ + client: sourceClient, + index: 'search-docs-1', + log, + productName, + stackVersion, + }); + + await createTargetIndex({ + client: embeddingClient, + indexName: targetIndex, + }); + + await indexDocuments({ + client: embeddingClient, + index: targetIndex, + documents, + log, + }); + + await createChunkFiles({ + index: targetIndex, + client: embeddingClient, + productName, + destFolder: Path.join(buildFolder, productName), + log, + }); + + await createArtifact({ + buildFolder: Path.join(buildFolder, productName), + targetFolder, + productName, + stackVersion, + log, + }); + + await deleteIndex({ + indexName: targetIndex, + client: embeddingClient, + log, + }); + + log.info(`Finished building artifact for product [${productName}] and version [${stackVersion}]`); +}; + +const getTargetIndexName = ({ + productName, + stackVersion, +}: { + productName: string; + stackVersion: string; +}) => { + return `kb-artifact-builder-${productName}-${stackVersion}`.toLowerCase(); +}; diff --git a/x-pack/packages/ai-infra/product-doc-artifact-builder/src/command.ts b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/command.ts new file mode 100644 index 0000000000000..49af1d158db83 --- /dev/null +++ b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/command.ts @@ -0,0 +1,97 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import Path from 'path'; +import { REPO_ROOT } from '@kbn/repo-info'; +import yargs from 'yargs'; +import type { TaskConfig } from './types'; +import { buildArtifacts } from './build_artifacts'; +import { sourceProductNames } from './artifact/product_name'; + +function options(y: yargs.Argv) { + return y + .option('productName', { + describe: 'name of products to generate documentation for', + array: true, + choices: sourceProductNames, + default: ['Kibana'], + }) + .option('stackVersion', { + describe: 'The stack version to generate documentation for', + string: true, + default: '8.16', // TODO: master is on 9.0 now, not sure we can default to version in package.json? + }) + .option('targetFolder', { + describe: 'The folder to generate the artifacts in', + string: true, + default: Path.join(REPO_ROOT, 'build', 'kb-artifacts'), + }) + .option('buildFolder', { + describe: 'The folder to use for temporary files', + string: true, + default: Path.join(REPO_ROOT, 'build', 'temp-kb-artifacts'), + }) + .option('sourceClusterUrl', { + describe: 'The source cluster url', + string: true, + demandOption: true, + default: process.env.KIBANA_SOURCE_CLUSTER_URL, + }) + .option('sourceClusterUsername', { + describe: 'The source cluster username', + string: true, + demandOption: true, + default: process.env.KIBANA_SOURCE_CLUSTER_USERNAME, + }) + .option('sourceClusterPassword', { + describe: 'The source cluster password', + string: true, + demandOption: true, + default: process.env.KIBANA_SOURCE_CLUSTER_PASSWORD, + }) + .option('embeddingClusterUrl', { + describe: 'The embedding cluster url', + string: true, + demandOption: true, + default: process.env.KIBANA_EMBEDDING_CLUSTER_URL, + }) + .option('embeddingClusterUsername', { + describe: 'The embedding cluster username', + string: true, + demandOption: true, + default: process.env.KIBANA_EMBEDDING_CLUSTER_USERNAME, + }) + .option('embeddingClusterPassword', { + describe: 'The embedding cluster password', + string: true, + demandOption: true, + default: process.env.KIBANA_EMBEDDING_CLUSTER_PASSWORD, + }) + .locale('en'); +} + +export function runScript() { + yargs(process.argv.slice(2)) + .command('*', 'Build knowledge base artifacts', options, async (argv) => { + // argv contains additional entries - let's keep our input clear + const taskConfig: TaskConfig = { + productNames: argv.productName, + stackVersion: argv.stackVersion, + buildFolder: argv.buildFolder, + targetFolder: argv.targetFolder, + sourceClusterUrl: argv.sourceClusterUrl!, + sourceClusterUsername: argv.sourceClusterUsername!, + sourceClusterPassword: argv.sourceClusterPassword!, + embeddingClusterUrl: argv.embeddingClusterUrl!, + embeddingClusterUsername: argv.embeddingClusterUsername!, + embeddingClusterPassword: argv.embeddingClusterPassword!, + }; + + return buildArtifacts(taskConfig); + }) + .parse(); +} diff --git a/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/check_connectivity.ts b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/check_connectivity.ts new file mode 100644 index 0000000000000..aaf2be6bf12e5 --- /dev/null +++ b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/check_connectivity.ts @@ -0,0 +1,18 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { Client } from '@elastic/elasticsearch'; + +export const checkConnectivity = async ({ + sourceClient, + embeddingClient, +}: { + sourceClient: Client; + embeddingClient: Client; +}) => { + await Promise.all([sourceClient.ping(), embeddingClient.ping()]); +}; diff --git a/x-pack/plugins/observability_solution/apm/public/context/entity_manager_context/use_entity_manager_enablement_context.ts b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/cleanup_folders.ts similarity index 53% rename from x-pack/plugins/observability_solution/apm/public/context/entity_manager_context/use_entity_manager_enablement_context.ts rename to x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/cleanup_folders.ts index 83942af2e7715..3ae364d61f20e 100644 --- a/x-pack/plugins/observability_solution/apm/public/context/entity_manager_context/use_entity_manager_enablement_context.ts +++ b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/cleanup_folders.ts @@ -5,9 +5,8 @@ * 2.0. */ -import { useContext } from 'react'; -import { EntityManagerEnablementContext } from './entity_manager_context'; +import { rm } from 'fs/promises'; -export function useEntityManagerEnablementContext() { - return useContext(EntityManagerEnablementContext); -} +export const cleanupFolders = async ({ folders }: { folders: string[] }) => { + await Promise.all(folders.map((folder) => rm(folder, { recursive: true, force: true }))); +}; diff --git a/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/create_artifact.ts b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/create_artifact.ts new file mode 100644 index 0000000000000..343099876585a --- /dev/null +++ b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/create_artifact.ts @@ -0,0 +1,51 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import Path from 'path'; +import AdmZip from 'adm-zip'; +import type { ToolingLog } from '@kbn/tooling-log'; +import { getArtifactMappings } from '../artifact/mappings'; +import { getArtifactManifest } from '../artifact/manifest'; +import { getArtifactName } from '../artifact/artifact_name'; + +export const createArtifact = async ({ + productName, + stackVersion, + buildFolder, + targetFolder, + log, +}: { + buildFolder: string; + targetFolder: string; + productName: string; + stackVersion: string; + log: ToolingLog; +}) => { + log.info( + `Starting to create artifact from build folder [${buildFolder}] into target [${targetFolder}]` + ); + + const zip = new AdmZip(); + + const mappings = getArtifactMappings('.default-elser'); + const mappingFileContent = JSON.stringify(mappings, undefined, 2); + zip.addFile('mappings.json', Buffer.from(mappingFileContent, 'utf-8')); + + const manifest = getArtifactManifest({ productName, stackVersion }); + const manifestFileContent = JSON.stringify(manifest, undefined, 2); + zip.addFile('manifest.json', Buffer.from(manifestFileContent, 'utf-8')); + + zip.addLocalFolder(buildFolder, 'content'); + + const artifactName = getArtifactName({ + productName, + productVersion: stackVersion, + }); + zip.writeZip(Path.join(targetFolder, artifactName)); + + log.info(`Finished creating artifact [${artifactName}]`); +}; diff --git a/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/create_chunk_files.ts b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/create_chunk_files.ts new file mode 100644 index 0000000000000..8b0e7323c2886 --- /dev/null +++ b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/create_chunk_files.ts @@ -0,0 +1,68 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import Path from 'path'; +import Fs from 'fs/promises'; +import type { Client } from '@elastic/elasticsearch'; +import type { ToolingLog } from '@kbn/tooling-log'; + +const fileSizeLimit = 250_000; + +export const createChunkFiles = async ({ + index, + productName, + destFolder, + client, + log, +}: { + index: string; + productName: string; + destFolder: string; + client: Client; + log: ToolingLog; +}) => { + log.info(`Starting to create chunk files in directory [${destFolder}]`); + + const searchRes = await client.search({ + index, + size: 10000, + query: { + bool: { + must: [{ term: { product_name: productName } }], + }, + }, + }); + + await Fs.mkdir(destFolder, { recursive: true }); + + let chunkNumber = 1; + let chunkDocCount = 0; + let chunkContent: string = ''; + + const writeCurrentChunk = async () => { + const chunkFileName = `content-${chunkNumber}.ndjson`; + log.info(`Writing chunk file ${chunkFileName} containing ${chunkDocCount} docs`); + await Fs.writeFile(Path.join(destFolder, chunkFileName), chunkContent); + chunkContent = ''; + chunkDocCount = 0; + chunkNumber++; + }; + + for (let i = 0; i < searchRes.hits.hits.length; i++) { + const hit = searchRes.hits.hits[i]; + chunkContent += JSON.stringify(hit._source) + '\n'; + chunkDocCount++; + if ( + Buffer.byteLength(chunkContent, 'utf8') > fileSizeLimit || + i === searchRes.hits.hits.length - 1 + ) { + await writeCurrentChunk(); + } + } + + log.info(`Finished creating chunk files`); +}; diff --git a/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/create_index.ts b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/create_index.ts new file mode 100644 index 0000000000000..e4f24725883ab --- /dev/null +++ b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/create_index.ts @@ -0,0 +1,51 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { Client } from '@elastic/elasticsearch'; +import type { MappingTypeMapping } from '@elastic/elasticsearch/lib/api/types'; + +const mappings: MappingTypeMapping = { + dynamic: 'strict', + properties: { + content_title: { type: 'text' }, + content_body: { + type: 'semantic_text', + inference_id: 'kibana-elser2', + }, + product_name: { type: 'keyword' }, + root_type: { type: 'keyword' }, + slug: { type: 'keyword' }, + url: { type: 'keyword' }, + version: { type: 'version' }, + ai_subtitle: { + type: 'semantic_text', + inference_id: 'kibana-elser2', + }, + ai_summary: { + type: 'semantic_text', + inference_id: 'kibana-elser2', + }, + ai_questions_answered: { + type: 'semantic_text', + inference_id: 'kibana-elser2', + }, + ai_tags: { type: 'keyword' }, + }, +}; + +export const createTargetIndex = async ({ + indexName, + client, +}: { + indexName: string; + client: Client; +}) => { + await client.indices.create({ + index: indexName, + mappings, + }); +}; diff --git a/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/delete_index.ts b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/delete_index.ts new file mode 100644 index 0000000000000..6daacae1f92de --- /dev/null +++ b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/delete_index.ts @@ -0,0 +1,27 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { Client } from '@elastic/elasticsearch'; +import type { ToolingLog } from '@kbn/tooling-log'; + +export const deleteIndex = async ({ + indexName, + client, + log, +}: { + indexName: string; + client: Client; + log: ToolingLog; +}) => { + log.info(`Deleting index ${indexName}`); + await client.indices.delete( + { + index: indexName, + }, + { ignore: [404] } + ); +}; diff --git a/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/extract_documentation.ts b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/extract_documentation.ts new file mode 100644 index 0000000000000..f1dd051394bbd --- /dev/null +++ b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/extract_documentation.ts @@ -0,0 +1,102 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { Client } from '@elastic/elasticsearch'; +import type { SearchHit } from '@elastic/elasticsearch/lib/api/types'; +import type { ToolingLog } from '@kbn/tooling-log'; + +/** the list of fields to import from the source cluster */ +const fields = [ + 'content_title', + 'content_body', + 'product_name', // "Kibana", "Elasticsearch" + 'category', // "documentation" + 'slug', + 'url', + 'version', + 'ai_fields.ai_subtitle', + 'ai_fields.ai_summary', + 'ai_fields.ai_questions_answered', + 'ai_fields.ai_tags', +]; + +export interface ExtractedDocument { + content_title: string; + content_body: string; + product_name: string; + root_type: string; + slug: string; + url: string; + version: string; + ai_subtitle: string; + ai_summary: string; + ai_questions_answered: string[]; + ai_tags: string[]; +} + +const convertHit = (hit: SearchHit): ExtractedDocument => { + const source = hit._source; + return { + content_title: source.content_title, + content_body: source.content_body, + product_name: source.product_name, + root_type: 'documentation', + slug: source.slug, + url: source.url, + version: source.version, + ai_subtitle: source.ai_fields.ai_subtitle, + ai_summary: source.ai_fields.ai_summary, + ai_questions_answered: source.ai_fields.ai_questions_answered, + ai_tags: source.ai_fields.ai_tags, + }; +}; + +export const extractDocumentation = async ({ + client, + index, + stackVersion, + productName, + log, +}: { + client: Client; + index: string; + stackVersion: string; + productName: string; + log: ToolingLog; +}) => { + log.info(`Starting to extract documents from source cluster`); + + const response = await client.search({ + index, + size: 10000, + query: { + bool: { + must: [ + { term: { product_name: productName } }, + { term: { version: stackVersion } }, + { exists: { field: 'ai_fields.ai_summary' } }, + ], + }, + }, + fields, + }); + + const totalHits = + typeof response.hits.total === 'number' + ? response.hits.total // This format is to be removed in 8.0 + : response.hits.total?.value ?? response.hits.hits.length; + + if (totalHits > 10_000) { + throw new Error('Found more than 10k documents to extract - aborting'); + } + + log.info( + `Finished extracting documents from source. ${response.hits.hits.length} documents were extracted` + ); + + return response.hits.hits.map(convertHit); +}; diff --git a/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/index.ts b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/index.ts new file mode 100644 index 0000000000000..0c63431362329 --- /dev/null +++ b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/index.ts @@ -0,0 +1,17 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export { extractDocumentation } from './extract_documentation'; +export { indexDocuments } from './index_documents'; +export { createTargetIndex } from './create_index'; +export { installElser } from './install_elser'; +export { createChunkFiles } from './create_chunk_files'; +export { performSemanticSearch } from './perform_semantic_search'; +export { checkConnectivity } from './check_connectivity'; +export { createArtifact } from './create_artifact'; +export { cleanupFolders } from './cleanup_folders'; +export { deleteIndex } from './delete_index'; diff --git a/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/index_documents.ts b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/index_documents.ts new file mode 100644 index 0000000000000..120d71e3f2947 --- /dev/null +++ b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/index_documents.ts @@ -0,0 +1,50 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { chunk as toChunks } from 'lodash'; +import type { Client } from '@elastic/elasticsearch'; +import type { BulkRequest } from '@elastic/elasticsearch/lib/api/types'; +import type { ToolingLog } from '@kbn/tooling-log'; +import type { ExtractedDocument } from './extract_documentation'; + +const indexingChunkSize = 10; + +export const indexDocuments = async ({ + index, + client, + documents, + log, +}: { + index: string; + documents: ExtractedDocument[]; + client: Client; + log: ToolingLog; +}) => { + const chunks = toChunks(documents, indexingChunkSize); + + log.info(`Starting indexing process`); + + for (let i = 0; i < chunks.length; i++) { + const chunk = chunks[i]; + const before = Date.now(); + await client.bulk( + { + refresh: 'wait_for', + operations: chunk.reduce((operations, document) => { + operations!.push(...[{ index: { _index: index } }, document]); + return operations; + }, [] as BulkRequest['operations']), + }, + { requestTimeout: 10 * 60 * 1000 } + ); + + const duration = Date.now() - before; + log.info(`Indexed ${i + 1} of ${chunks.length} chunks (took ${duration}ms)`); + } + + log.info(`Finished indexing process`); +}; diff --git a/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/install_elser.ts b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/install_elser.ts new file mode 100644 index 0000000000000..037a9e809d1e1 --- /dev/null +++ b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/install_elser.ts @@ -0,0 +1,74 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { Client } from '@elastic/elasticsearch'; + +const inferenceEndpointId = 'kibana-elser2'; + +export const installElser = async ({ client }: { client: Client }) => { + const getInferenceRes = await client.inference.get( + { + task_type: 'sparse_embedding', + inference_id: 'kibana-elser2', + }, + { ignore: [404] } + ); + + const installed = (getInferenceRes.endpoints ?? []).some( + (endpoint) => endpoint.inference_id === inferenceEndpointId + ); + + if (!installed) { + await client.inference.put({ + task_type: 'sparse_embedding', + inference_id: inferenceEndpointId, + inference_config: { + service: 'elser', + service_settings: { + num_allocations: 1, + num_threads: 1, + model_id: '.elser_model_2', + }, + task_settings: {}, + }, + }); + } + + await waitUntilDeployed({ + modelId: '.elser_model_2', + client, + }); +}; + +const waitUntilDeployed = async ({ + modelId, + client, + maxRetries = 20, + delay = 2000, +}: { + modelId: string; + client: Client; + maxRetries?: number; + delay?: number; +}) => { + for (let i = 0; i < maxRetries; i++) { + const statsRes = await client.ml.getTrainedModelsStats({ + model_id: modelId, + }); + const deploymentStats = statsRes.trained_model_stats[0]?.deployment_stats; + // @ts-expect-error deploymentStats.nodes not defined as array even if it is. + if (!deploymentStats || deploymentStats.nodes.length === 0) { + await sleep(delay); + continue; + } + return; + } + + throw new Error(`Timeout waiting for ML model ${modelId} to be deployed`); +}; + +const sleep = (ms: number) => new Promise((resolve) => setTimeout(resolve, ms)); diff --git a/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/perform_semantic_search.ts b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/perform_semantic_search.ts new file mode 100644 index 0000000000000..373a6b8755429 --- /dev/null +++ b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/tasks/perform_semantic_search.ts @@ -0,0 +1,92 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { Client } from '@elastic/elasticsearch'; + +// https://search-labs.elastic.co/search-labs/blog/elser-rag-search-for-relevance + +export const performSemanticSearch = async ({ + searchQuery, + index, + client, +}: { + searchQuery: string; + index: string; + client: Client; +}) => { + const results = await client.search({ + index, + size: 3, + query: { + bool: { + filter: { + bool: { + must: [{ term: { version: '8.15' } }], + }, + }, + should: [ + { + multi_match: { + query: searchQuery, + minimum_should_match: '1<-1 3<49%', + type: 'cross_fields', + fields: [ + 'content_title', + 'content_body.text', + 'ai_subtitle.text', + 'ai_summary.text', + 'ai_questions_answered.text', + 'ai_tags', + ], + }, + }, + { + multi_match: { + query: searchQuery, + type: 'phrase', + boost: 3, + slop: 0, + fields: [ + 'content_title.stem', + 'content_body.stem', + 'ai_subtitle.stem', + 'ai_summary.stem', + 'ai_questions_answered.stem', + ], + }, + }, + { + semantic: { + field: 'content_body', + query: searchQuery, + }, + }, + { + semantic: { + field: 'ai_subtitle', + query: searchQuery, + }, + }, + { + semantic: { + field: 'ai_summary', + query: searchQuery, + }, + }, + { + semantic: { + field: 'ai_questions_answered', + query: searchQuery, + }, + }, + ], + }, + }, + }); + + return results.hits.hits; +}; diff --git a/x-pack/packages/ai-infra/product-doc-artifact-builder/src/types.ts b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/types.ts new file mode 100644 index 0000000000000..d2acfb5774500 --- /dev/null +++ b/x-pack/packages/ai-infra/product-doc-artifact-builder/src/types.ts @@ -0,0 +1,19 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export interface TaskConfig { + productNames: string[]; + stackVersion: string; + buildFolder: string; + targetFolder: string; + sourceClusterUrl: string; + sourceClusterUsername: string; + sourceClusterPassword: string; + embeddingClusterUrl: string; + embeddingClusterUsername: string; + embeddingClusterPassword: string; +} diff --git a/x-pack/packages/ai-infra/product-doc-artifact-builder/tsconfig.json b/x-pack/packages/ai-infra/product-doc-artifact-builder/tsconfig.json new file mode 100644 index 0000000000000..508d4c715d0a7 --- /dev/null +++ b/x-pack/packages/ai-infra/product-doc-artifact-builder/tsconfig.json @@ -0,0 +1,20 @@ +{ + "extends": "../../../../tsconfig.base.json", + "compilerOptions": { + "outDir": "target/types", + "types": [ + "jest", + "node" + ] + }, + "include": [ + "**/*.ts", + ], + "exclude": [ + "target/**/*" + ], + "kbn_references": [ + "@kbn/tooling-log", + "@kbn/repo-info", + ] +} diff --git a/x-pack/packages/kbn-cloud-security-posture-common/constants.ts b/x-pack/packages/kbn-cloud-security-posture-common/constants.ts index 0e8b1b3e16cfa..7ff50efdd9489 100644 --- a/x-pack/packages/kbn-cloud-security-posture-common/constants.ts +++ b/x-pack/packages/kbn-cloud-security-posture-common/constants.ts @@ -4,6 +4,8 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { VulnSeverity } from './types/vulnerabilities'; + export const KSPM_POLICY_TEMPLATE = 'kspm'; export const CSPM_POLICY_TEMPLATE = 'cspm'; export const CDR_LATEST_NATIVE_MISCONFIGURATIONS_INDEX_PATTERN = @@ -33,3 +35,11 @@ export const CDR_LATEST_THIRD_PARTY_VULNERABILITIES_INDEX_PATTERN = 'security_solution-*.vulnerability_latest'; export const CDR_VULNERABILITIES_INDEX_PATTERN = `${CDR_LATEST_THIRD_PARTY_VULNERABILITIES_INDEX_PATTERN},${CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN}`; export const LATEST_VULNERABILITIES_RETENTION_POLICY = '3d'; + +export const VULNERABILITIES_SEVERITY: Record = { + LOW: 'LOW', + MEDIUM: 'MEDIUM', + HIGH: 'HIGH', + CRITICAL: 'CRITICAL', + UNKNOWN: 'UNKNOWN', +}; diff --git a/x-pack/packages/kbn-cloud-security-posture-common/utils/helpers.test.ts b/x-pack/packages/kbn-cloud-security-posture-common/utils/helpers.test.ts index d920a8dc25165..0248cdf9b6e36 100644 --- a/x-pack/packages/kbn-cloud-security-posture-common/utils/helpers.test.ts +++ b/x-pack/packages/kbn-cloud-security-posture-common/utils/helpers.test.ts @@ -153,7 +153,7 @@ describe('test helper methods', () => { filter: [ { bool: { - should: [{ term: { 'host.name': { value: 'exampleHost' } } }], + should: [{ term: { 'host.name': 'exampleHost' } }], minimum_should_match: 1, }, }, @@ -171,7 +171,7 @@ describe('test helper methods', () => { filter: [ { bool: { - should: [{ term: { 'host.name': { value: '' } } }], + should: [{ term: { 'host.name': '' } }], minimum_should_match: 1, }, }, diff --git a/x-pack/packages/kbn-cloud-security-posture-common/utils/helpers.ts b/x-pack/packages/kbn-cloud-security-posture-common/utils/helpers.ts index 1c593fcebf545..7039c99af6d53 100644 --- a/x-pack/packages/kbn-cloud-security-posture-common/utils/helpers.ts +++ b/x-pack/packages/kbn-cloud-security-posture-common/utils/helpers.ts @@ -48,7 +48,13 @@ export const buildEntityFlyoutPreviewQuery = (field: string, queryValue?: string filter: [ { bool: { - should: [{ term: { [field]: { value: `${queryValue || ''}` } } }], + should: [ + { + term: { + [field]: `${queryValue || ''}`, + }, + }, + ], minimum_should_match: 1, }, }, diff --git a/x-pack/packages/kbn-cloud-security-posture/index.ts b/x-pack/packages/kbn-cloud-security-posture/index.ts index 895624ba805e7..73b77376db46c 100644 --- a/x-pack/packages/kbn-cloud-security-posture/index.ts +++ b/x-pack/packages/kbn-cloud-security-posture/index.ts @@ -12,3 +12,5 @@ export type { NavFilter } from './src/hooks/use_navigate_findings'; export { showErrorToast } from './src/utils/show_error_toast'; export { encodeQuery, decodeQuery } from './src/utils/query_utils'; export { CspEvaluationBadge } from './src/components/csp_evaluation_badge'; +export { getSeverityStatusColor } from './src/utils/get_vulnerability_colors'; +export { getSeverityText } from './src/utils/get_vulnerability_text'; diff --git a/x-pack/packages/kbn-cloud-security-posture/src/hooks/use_misconfiguration_findings.ts b/x-pack/packages/kbn-cloud-security-posture/src/hooks/use_misconfiguration_findings.ts index aee35ca602ef8..fe25224cf417a 100644 --- a/x-pack/packages/kbn-cloud-security-posture/src/hooks/use_misconfiguration_findings.ts +++ b/x-pack/packages/kbn-cloud-security-posture/src/hooks/use_misconfiguration_findings.ts @@ -14,7 +14,7 @@ import type { CspClientPluginStartDeps, LatestFindingsRequest, LatestFindingsResponse, - UseMisconfigurationOptions, + UseCspOptions, } from '../../type'; import { useGetCspBenchmarkRulesStatesApi } from './use_get_benchmark_rules_state_api'; @@ -23,7 +23,7 @@ import { getMisconfigurationAggregationCount, } from '../utils/hooks_utils'; -export const useMisconfigurationFindings = (options: UseMisconfigurationOptions) => { +export const useMisconfigurationFindings = (options: UseCspOptions) => { const { data, notifications: { toasts }, diff --git a/x-pack/packages/kbn-cloud-security-posture/src/hooks/use_misconfiguration_preview.ts b/x-pack/packages/kbn-cloud-security-posture/src/hooks/use_misconfiguration_preview.ts index 9828bb32c7752..4711cd752ee5f 100644 --- a/x-pack/packages/kbn-cloud-security-posture/src/hooks/use_misconfiguration_preview.ts +++ b/x-pack/packages/kbn-cloud-security-posture/src/hooks/use_misconfiguration_preview.ts @@ -13,7 +13,7 @@ import type { CspClientPluginStartDeps, LatestFindingsRequest, LatestFindingsResponse, - UseMisconfigurationOptions, + UseCspOptions, } from '../../type'; import { useGetCspBenchmarkRulesStatesApi } from './use_get_benchmark_rules_state_api'; import { @@ -21,7 +21,7 @@ import { getMisconfigurationAggregationCount, } from '../utils/hooks_utils'; -export const useMisconfigurationPreview = (options: UseMisconfigurationOptions) => { +export const useMisconfigurationPreview = (options: UseCspOptions) => { const { data, notifications: { toasts }, diff --git a/x-pack/packages/kbn-cloud-security-posture/src/hooks/use_vulnerabilities_preview.ts b/x-pack/packages/kbn-cloud-security-posture/src/hooks/use_vulnerabilities_preview.ts new file mode 100644 index 0000000000000..00ca9691b013f --- /dev/null +++ b/x-pack/packages/kbn-cloud-security-posture/src/hooks/use_vulnerabilities_preview.ts @@ -0,0 +1,90 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { useQuery } from '@tanstack/react-query'; +import { useKibana } from '@kbn/kibana-react-plugin/public'; +import { lastValueFrom } from 'rxjs'; +import type { IKibanaSearchResponse, IKibanaSearchRequest } from '@kbn/search-types'; +import { + SearchRequest, + SearchResponse, + AggregationsMultiBucketAggregateBase, + AggregationsStringRareTermsBucketKeys, +} from '@elastic/elasticsearch/lib/api/typesWithBodyKey'; +import { + CDR_VULNERABILITIES_INDEX_PATTERN, + LATEST_VULNERABILITIES_RETENTION_POLICY, +} from '@kbn/cloud-security-posture-common'; +import type { CspVulnerabilityFinding } from '@kbn/cloud-security-posture-common/schema/vulnerabilities/latest'; +import type { CoreStart } from '@kbn/core/public'; +import type { CspClientPluginStartDeps, UseCspOptions } from '../../type'; +import { showErrorToast } from '../..'; +import { + getFindingsCountAggQueryVulnerabilities, + getVulnerabilitiesAggregationCount, +} from '../utils/hooks_utils'; + +type LatestFindingsRequest = IKibanaSearchRequest; +type LatestFindingsResponse = IKibanaSearchResponse< + SearchResponse +>; + +interface FindingsAggs { + count: AggregationsMultiBucketAggregateBase; +} + +const getVulnerabilitiesQuery = ({ query }: UseCspOptions, isPreview = false) => ({ + index: CDR_VULNERABILITIES_INDEX_PATTERN, + size: 0, + aggs: getFindingsCountAggQueryVulnerabilities(), + ignore_unavailable: true, + query: { + ...query, + bool: { + ...query?.bool, + filter: [ + ...(query?.bool?.filter ?? []), + { + range: { + '@timestamp': { + gte: `now-${LATEST_VULNERABILITIES_RETENTION_POLICY}`, + lte: 'now', + }, + }, + }, + ], + }, + }, +}); + +export const useVulnerabilitiesPreview = (options: UseCspOptions) => { + const { + data, + notifications: { toasts }, + } = useKibana().services; + + return useQuery( + ['csp_vulnerabilities_preview', { params: options }], + async () => { + const { + rawResponse: { aggregations }, + } = await lastValueFrom( + data.search.search({ + params: getVulnerabilitiesQuery(options), + }) + ); + + return { + count: getVulnerabilitiesAggregationCount(aggregations?.count?.buckets), + }; + }, + { + keepPreviousData: true, + enabled: options.enabled, + onError: (err: Error) => showErrorToast(toasts, err), + } + ); +}; diff --git a/x-pack/packages/kbn-cloud-security-posture/src/utils/get_vulnerabilitiy_colors.test.ts b/x-pack/packages/kbn-cloud-security-posture/src/utils/get_vulnerabilitiy_colors.test.ts new file mode 100644 index 0000000000000..0516faa7e83f7 --- /dev/null +++ b/x-pack/packages/kbn-cloud-security-posture/src/utils/get_vulnerabilitiy_colors.test.ts @@ -0,0 +1,30 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { euiThemeVars } from '@kbn/ui-theme'; +import { getSeverityStatusColor } from './get_vulnerability_colors'; +describe('getSeverityStatusColor', () => { + it('should return the correct color for LOW severity', () => { + expect(getSeverityStatusColor('LOW')).toBe(euiThemeVars.euiColorVis0); + }); + + it('should return the correct color for MEDIUM severity', () => { + expect(getSeverityStatusColor('MEDIUM')).toBe(euiThemeVars.euiColorVis5_behindText); + }); + + it('should return the correct color for HIGH severity', () => { + expect(getSeverityStatusColor('HIGH')).toBe(euiThemeVars.euiColorVis9_behindText); + }); + + it('should return the correct color for CRITICAL severity', () => { + expect(getSeverityStatusColor('CRITICAL')).toBe(euiThemeVars.euiColorDanger); + }); + + it('should return #aaa for an unknown severity', () => { + expect(getSeverityStatusColor('UNKNOWN')).toBe('#aaa'); + }); +}); diff --git a/x-pack/packages/kbn-cloud-security-posture/src/utils/get_vulnerability_colors.ts b/x-pack/packages/kbn-cloud-security-posture/src/utils/get_vulnerability_colors.ts new file mode 100644 index 0000000000000..7e651f790fd80 --- /dev/null +++ b/x-pack/packages/kbn-cloud-security-posture/src/utils/get_vulnerability_colors.ts @@ -0,0 +1,25 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { euiThemeVars } from '@kbn/ui-theme'; +import type { VulnSeverity } from '@kbn/cloud-security-posture-common'; +import { VULNERABILITIES_SEVERITY } from '@kbn/cloud-security-posture-common'; + +export const getSeverityStatusColor = (severity: VulnSeverity): string => { + switch (severity) { + case VULNERABILITIES_SEVERITY.LOW: + return euiThemeVars.euiColorVis0; + case VULNERABILITIES_SEVERITY.MEDIUM: + return euiThemeVars.euiColorVis5_behindText; + case VULNERABILITIES_SEVERITY.HIGH: + return euiThemeVars.euiColorVis9_behindText; + case VULNERABILITIES_SEVERITY.CRITICAL: + return euiThemeVars.euiColorDanger; + default: + return '#aaa'; + } +}; diff --git a/x-pack/packages/kbn-cloud-security-posture/src/utils/get_vulnerability_text.test.ts b/x-pack/packages/kbn-cloud-security-posture/src/utils/get_vulnerability_text.test.ts new file mode 100644 index 0000000000000..68a07d177c664 --- /dev/null +++ b/x-pack/packages/kbn-cloud-security-posture/src/utils/get_vulnerability_text.test.ts @@ -0,0 +1,29 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { getSeverityText } from './get_vulnerability_text'; +describe('getSeverityStatusColor', () => { + it('should return the correct color for LOW severity', () => { + expect(getSeverityText('LOW')).toBe('Low'); + }); + + it('should return the correct color for MEDIUM severity', () => { + expect(getSeverityText('MEDIUM')).toBe('Medium'); + }); + + it('should return the correct color for HIGH severity', () => { + expect(getSeverityText('HIGH')).toBe('High'); + }); + + it('should return the correct color for CRITICAL severity', () => { + expect(getSeverityText('CRITICAL')).toBe('Critical'); + }); + + it('should return #aaa for an unknown severity', () => { + expect(getSeverityText('UNKNOWN')).toBe('None'); + }); +}); diff --git a/x-pack/packages/kbn-cloud-security-posture/src/utils/get_vulnerability_text.ts b/x-pack/packages/kbn-cloud-security-posture/src/utils/get_vulnerability_text.ts new file mode 100644 index 0000000000000..c2042f5c6fd78 --- /dev/null +++ b/x-pack/packages/kbn-cloud-security-posture/src/utils/get_vulnerability_text.ts @@ -0,0 +1,24 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { VulnSeverity } from '@kbn/cloud-security-posture-common'; +import { VULNERABILITIES_SEVERITY } from '@kbn/cloud-security-posture-common'; + +export const getSeverityText = (severity: VulnSeverity): string => { + switch (severity) { + case VULNERABILITIES_SEVERITY.LOW: + return 'Low'; + case VULNERABILITIES_SEVERITY.MEDIUM: + return 'Medium'; + case VULNERABILITIES_SEVERITY.HIGH: + return 'High'; + case VULNERABILITIES_SEVERITY.CRITICAL: + return 'Critical'; + default: + return 'None'; + } +}; diff --git a/x-pack/packages/kbn-cloud-security-posture/src/utils/hooks_utils.test.ts b/x-pack/packages/kbn-cloud-security-posture/src/utils/hooks_utils.test.ts new file mode 100644 index 0000000000000..86e8f3c8f668b --- /dev/null +++ b/x-pack/packages/kbn-cloud-security-posture/src/utils/hooks_utils.test.ts @@ -0,0 +1,59 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type * as estypes from '@elastic/elasticsearch/lib/api/typesWithBodyKey'; +import { + AggregationBuckets, + getVulnerabilitiesAggregationCount, + VULNERABILITIES_RESULT_EVALUATION, +} from './hooks_utils'; + +describe('getVulnerabilitiesAggregationCount', () => { + it('should return default counts when nothing is provided', () => { + const result = { + [VULNERABILITIES_RESULT_EVALUATION.LOW]: 0, + [VULNERABILITIES_RESULT_EVALUATION.MEDIUM]: 0, + [VULNERABILITIES_RESULT_EVALUATION.HIGH]: 0, + [VULNERABILITIES_RESULT_EVALUATION.CRITICAL]: 0, + [VULNERABILITIES_RESULT_EVALUATION.NONE]: 0, + }; + expect(getVulnerabilitiesAggregationCount()).toEqual(result); + }); + + it('should return default counts when empty bucket is provided', () => { + const result = { + [VULNERABILITIES_RESULT_EVALUATION.LOW]: 0, + [VULNERABILITIES_RESULT_EVALUATION.MEDIUM]: 0, + [VULNERABILITIES_RESULT_EVALUATION.HIGH]: 0, + [VULNERABILITIES_RESULT_EVALUATION.CRITICAL]: 0, + [VULNERABILITIES_RESULT_EVALUATION.NONE]: 0, + }; + expect(getVulnerabilitiesAggregationCount({})).toEqual(result); + }); + + it('should return counts when provided with non empty buckets', () => { + const buckets: AggregationBuckets = { + [VULNERABILITIES_RESULT_EVALUATION.LOW]: { doc_count: 1 }, + [VULNERABILITIES_RESULT_EVALUATION.MEDIUM]: { doc_count: 2 }, + [VULNERABILITIES_RESULT_EVALUATION.HIGH]: { doc_count: 3 }, + [VULNERABILITIES_RESULT_EVALUATION.CRITICAL]: { doc_count: 4 }, + [VULNERABILITIES_RESULT_EVALUATION.NONE]: { doc_count: 5 }, + }; + + const vulnerabilitiesAggregrationCount = getVulnerabilitiesAggregationCount( + buckets as estypes.AggregationsBuckets + ); + const result = { + [VULNERABILITIES_RESULT_EVALUATION.LOW]: 1, + [VULNERABILITIES_RESULT_EVALUATION.MEDIUM]: 2, + [VULNERABILITIES_RESULT_EVALUATION.HIGH]: 3, + [VULNERABILITIES_RESULT_EVALUATION.CRITICAL]: 4, + [VULNERABILITIES_RESULT_EVALUATION.NONE]: 5, + }; + expect(vulnerabilitiesAggregrationCount).toEqual(result); + }); +}); diff --git a/x-pack/packages/kbn-cloud-security-posture/src/utils/hooks_utils.ts b/x-pack/packages/kbn-cloud-security-posture/src/utils/hooks_utils.ts index a1951f7327b40..d99fac8d6d96e 100644 --- a/x-pack/packages/kbn-cloud-security-posture/src/utils/hooks_utils.ts +++ b/x-pack/packages/kbn-cloud-security-posture/src/utils/hooks_utils.ts @@ -12,14 +12,14 @@ import { } from '@kbn/cloud-security-posture-common'; import type { CspBenchmarkRulesStates } from '@kbn/cloud-security-posture-common/schema/rules/latest'; import { buildMutedRulesFilter } from '@kbn/cloud-security-posture-common'; -import type { UseMisconfigurationOptions } from '../../type'; +import type { UseCspOptions } from '../../type'; const MISCONFIGURATIONS_SOURCE_FIELDS = ['result.*', 'rule.*', 'resource.*']; interface AggregationBucket { doc_count?: number; } -type AggregationBuckets = Record; +export type AggregationBuckets = Record; const RESULT_EVALUATION = { PASSED: 'passed', @@ -27,6 +27,14 @@ const RESULT_EVALUATION = { UNKNOWN: 'unknown', }; +export const VULNERABILITIES_RESULT_EVALUATION = { + LOW: 'LOW', + MEDIUM: 'MEDIUM', + HIGH: 'HIGH', + CRITICAL: 'CRITICAL', + NONE: 'NONE', +}; + export const getFindingsCountAggQueryMisconfiguration = () => ({ count: { filters: { @@ -64,7 +72,7 @@ export const getMisconfigurationAggregationCount = ( }; export const buildMisconfigurationsFindingsQuery = ( - { query }: UseMisconfigurationOptions, + { query }: UseCspOptions, rulesStates: CspBenchmarkRulesStates, isPreview = false ) => { @@ -81,7 +89,7 @@ export const buildMisconfigurationsFindingsQuery = ( }; const buildMisconfigurationsFindingsQueryWithFilters = ( - query: UseMisconfigurationOptions['query'], + query: UseCspOptions['query'], mutedRulesFilterQuery: estypes.QueryDslQueryContainer[] ) => { return { @@ -103,3 +111,53 @@ const buildMisconfigurationsFindingsQueryWithFilters = ( }, }; }; + +export const getVulnerabilitiesAggregationCount = ( + buckets?: estypes.AggregationsBuckets +) => { + const defaultBuckets: AggregationBuckets = { + [VULNERABILITIES_RESULT_EVALUATION.LOW]: { doc_count: 0 }, + [VULNERABILITIES_RESULT_EVALUATION.MEDIUM]: { doc_count: 0 }, + [VULNERABILITIES_RESULT_EVALUATION.HIGH]: { doc_count: 0 }, + [VULNERABILITIES_RESULT_EVALUATION.CRITICAL]: { doc_count: 0 }, + [VULNERABILITIES_RESULT_EVALUATION.NONE]: { doc_count: 0 }, + }; + + // if buckets are undefined we will use default buckets + const usedBuckets = buckets || defaultBuckets; + return Object.entries(usedBuckets).reduce( + (evaluation, [key, value]) => { + evaluation[key] = (evaluation[key] || 0) + (value.doc_count || 0); + return evaluation; + }, + { + [VULNERABILITIES_RESULT_EVALUATION.LOW]: 0, + [VULNERABILITIES_RESULT_EVALUATION.MEDIUM]: 0, + [VULNERABILITIES_RESULT_EVALUATION.HIGH]: 0, + [VULNERABILITIES_RESULT_EVALUATION.CRITICAL]: 0, + [VULNERABILITIES_RESULT_EVALUATION.NONE]: 0, + } + ); +}; + +export const getFindingsCountAggQueryVulnerabilities = () => ({ + count: { + filters: { + other_bucket_key: VULNERABILITIES_RESULT_EVALUATION.NONE, + filters: { + [VULNERABILITIES_RESULT_EVALUATION.LOW]: { + match: { 'vulnerability.severity': VULNERABILITIES_RESULT_EVALUATION.LOW }, + }, + [VULNERABILITIES_RESULT_EVALUATION.MEDIUM]: { + match: { 'vulnerability.severity': VULNERABILITIES_RESULT_EVALUATION.MEDIUM }, + }, + [VULNERABILITIES_RESULT_EVALUATION.HIGH]: { + match: { 'vulnerability.severity': VULNERABILITIES_RESULT_EVALUATION.HIGH }, + }, + [VULNERABILITIES_RESULT_EVALUATION.CRITICAL]: { + match: { 'vulnerability.severity': VULNERABILITIES_RESULT_EVALUATION.CRITICAL }, + }, + }, + }, + }, +}); diff --git a/x-pack/packages/kbn-cloud-security-posture/type.ts b/x-pack/packages/kbn-cloud-security-posture/type.ts index 666d432df609d..493e58519bd91 100644 --- a/x-pack/packages/kbn-cloud-security-posture/type.ts +++ b/x-pack/packages/kbn-cloud-security-posture/type.ts @@ -55,7 +55,7 @@ export interface CspClientPluginStartDeps { usageCollection?: UsageCollectionStart; } -export interface MisconfigurationBaseEsQuery { +export interface CspBaseEsQuery { query?: { bool: { filter: estypes.QueryDslQueryContainer[]; @@ -63,7 +63,7 @@ export interface MisconfigurationBaseEsQuery { }; } -export interface UseMisconfigurationOptions extends MisconfigurationBaseEsQuery { +export interface UseCspOptions extends CspBaseEsQuery { sort: string[][]; enabled: boolean; pageSize: number; diff --git a/x-pack/packages/kbn-elastic-assistant-common/docs/openapi/ess/elastic_assistant_api_2023_10_31.bundled.schema.yaml b/x-pack/packages/kbn-elastic-assistant-common/docs/openapi/ess/elastic_assistant_api_2023_10_31.bundled.schema.yaml index dfd9be372b7f0..1e070b75322d4 100644 --- a/x-pack/packages/kbn-elastic-assistant-common/docs/openapi/ess/elastic_assistant_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/packages/kbn-elastic-assistant-common/docs/openapi/ess/elastic_assistant_api_2023_10_31.bundled.schema.yaml @@ -1237,3 +1237,4 @@ security: tags: - description: Manage and interact with Security Assistant resources. name: Security AI Assistant API + x-displayName: Security AI assistant diff --git a/x-pack/packages/kbn-elastic-assistant-common/docs/openapi/serverless/elastic_assistant_api_2023_10_31.bundled.schema.yaml b/x-pack/packages/kbn-elastic-assistant-common/docs/openapi/serverless/elastic_assistant_api_2023_10_31.bundled.schema.yaml index 9c8cc4a8ca21d..e13d7a05af41f 100644 --- a/x-pack/packages/kbn-elastic-assistant-common/docs/openapi/serverless/elastic_assistant_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/packages/kbn-elastic-assistant-common/docs/openapi/serverless/elastic_assistant_api_2023_10_31.bundled.schema.yaml @@ -1237,3 +1237,4 @@ security: tags: - description: Manage and interact with Security Assistant resources. name: Security AI Assistant API + x-displayName: Security AI assistant diff --git a/x-pack/packages/kbn-elastic-assistant-common/scripts/openapi/bundle.js b/x-pack/packages/kbn-elastic-assistant-common/scripts/openapi/bundle.js index 63d21a2d93ae3..b06776be03a4b 100644 --- a/x-pack/packages/kbn-elastic-assistant-common/scripts/openapi/bundle.js +++ b/x-pack/packages/kbn-elastic-assistant-common/scripts/openapi/bundle.js @@ -29,6 +29,7 @@ const ELASTIC_ASSISTANT_ROOT = resolve(__dirname, '../..'); tags: [ { name: 'Security AI Assistant API', + 'x-displayName': 'Security AI assistant', description: 'Manage and interact with Security Assistant resources.', }, ], @@ -52,6 +53,7 @@ const ELASTIC_ASSISTANT_ROOT = resolve(__dirname, '../..'); tags: [ { name: 'Security AI Assistant API', + 'x-displayName': 'Security AI assistant', description: 'Manage and interact with Security Assistant resources.', }, ], diff --git a/x-pack/packages/ml/aiops_common/constants.ts b/x-pack/packages/ml/aiops_common/constants.ts index ba33439f32221..39a0fdc5842c8 100644 --- a/x-pack/packages/ml/aiops_common/constants.ts +++ b/x-pack/packages/ml/aiops_common/constants.ts @@ -16,9 +16,15 @@ export const AIOPS_API_ENDPOINT = { CATEGORIZATION_FIELD_VALIDATION: '/internal/aiops/categorization_field_validation', } as const; -export const AIOPS_TELEMETRY_ID = { - AIOPS_DEFAULT_SOURCE: 'ml_aiops_labs', - AIOPS_ANALYSIS_RUN_ORIGIN: 'aiops-analysis-run-origin', -} as const; +/** + * Used for telemetry purposes to track the origin of the analysis run. + */ +export const AIOPS_ANALYSIS_RUN_ORIGIN = 'aiops-analysis-run-origin'; -export const EMBEDDABLE_ORIGIN = 'embeddable'; +export const AIOPS_EMBEDDABLE_ORIGIN = { + CASES: 'cases', + DASHBOARD: 'dashboard', + DEFAULT: 'embeddable', + DISCOVER: 'discover', + ML_AIOPS_LABS: 'ml_aiops_labs', +} as const; diff --git a/x-pack/packages/ml/aiops_common/create_default_query.test.ts b/x-pack/packages/ml/aiops_common/create_default_query.test.ts new file mode 100644 index 0000000000000..e1fa99b70dce0 --- /dev/null +++ b/x-pack/packages/ml/aiops_common/create_default_query.test.ts @@ -0,0 +1,156 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { createDefaultQuery } from './create_default_query'; + +describe('createDefaultQuery', () => { + it('should create a default match_all query when no input query is provided', () => { + const result = createDefaultQuery(undefined, 'timestamp', undefined); + expect(result).toEqual({ + bool: { + must: [{ match_all: {} }], + }, + }); + }); + + it('should wrap an existing match_all query in a bool must clause', () => { + const inputQuery = { match_all: {} }; + const result = createDefaultQuery(inputQuery, 'timestamp', undefined); + expect(result).toEqual({ + bool: { + must: [{ match_all: {} }], + }, + }); + }); + + it('should wrap an existing query_string query in a bool must clause', () => { + const inputQuery = { query_string: { query: '*' } }; + const result = createDefaultQuery(inputQuery, 'timestamp', undefined); + expect(result).toEqual({ + bool: { + must: [{ query_string: { query: '*' } }], + }, + }); + }); + + it('should wrap an existing multi_match query in a bool should clause', () => { + const inputQuery = { multi_match: { query: 'test', fields: ['field1', 'field2'] } }; + const result = createDefaultQuery(inputQuery, 'timestamp', undefined); + expect(result).toEqual({ + bool: { + must: [], + should: { multi_match: { query: 'test', fields: ['field1', 'field2'] } }, + }, + }); + }); + + it('should add a time range filter to the query', () => { + const timeRange = { from: 1609459200000, to: 1609545600000 }; + const result = createDefaultQuery(undefined, 'timestamp', timeRange); + expect(result).toEqual({ + bool: { + must: [ + { match_all: {} }, + { + range: { + timestamp: { + gte: 1609459200000, + lte: 1609545600000, + format: 'epoch_millis', + }, + }, + }, + ], + }, + }); + }); + + it('should merge existing bool query with new time range filter', () => { + const inputQuery = { bool: { must: [{ term: { field: 'value' } }] } }; + const timeRange = { from: 1609459200000, to: 1609545600000 }; + const result = createDefaultQuery(inputQuery, 'timestamp', timeRange); + expect(result).toEqual({ + bool: { + must: [ + { term: { field: 'value' } }, + { + range: { + timestamp: { + gte: 1609459200000, + lte: 1609545600000, + format: 'epoch_millis', + }, + }, + }, + ], + }, + }); + }); + + it('should handle an existing bool query with must clause', () => { + const inputQuery = { bool: { must: [{ term: { field: 'value' } }] } }; + const result = createDefaultQuery(inputQuery, 'timestamp', undefined); + expect(result).toEqual({ + bool: { + must: [{ term: { field: 'value' } }], + }, + }); + }); + + it('should handle an existing bool query with should clause', () => { + const inputQuery = { bool: { should: [{ term: { field: 'value' } }] } }; + const result = createDefaultQuery(inputQuery, 'timestamp', undefined); + expect(result).toEqual({ + bool: { + must: [], + should: [{ term: { field: 'value' } }], + }, + }); + }); + + it('should handle an existing bool query with must_not clause', () => { + const inputQuery = { bool: { must_not: [{ term: { field: 'value' } }] } }; + const result = createDefaultQuery(inputQuery, 'timestamp', undefined); + expect(result).toEqual({ + bool: { + must: [], + must_not: [{ term: { field: 'value' } }], + }, + }); + }); + + it('should handle an existing bool query with filter clause', () => { + const inputQuery = { bool: { filter: [{ term: { field: 'value' } }] } }; + const result = createDefaultQuery(inputQuery, 'timestamp', undefined); + expect(result).toEqual({ + bool: { + must: [], + filter: [{ term: { field: 'value' } }], + }, + }); + }); + + it('should handle an input query with multiple clauses', () => { + const inputQuery = { + bool: { + must: [{ term: { field1: 'value1' } }], + should: [{ term: { field2: 'value2' } }], + must_not: [{ term: { field3: 'value3' } }], + filter: [{ term: { field4: 'value4' } }], + }, + }; + const result = createDefaultQuery(inputQuery, 'timestamp', undefined); + expect(result).toEqual({ + bool: { + must: [{ term: { field1: 'value1' } }], + should: [{ term: { field2: 'value2' } }], + must_not: [{ term: { field3: 'value3' } }], + filter: [{ term: { field4: 'value4' } }], + }, + }); + }); +}); diff --git a/x-pack/packages/ml/aiops_log_pattern_analysis/create_categorize_query.ts b/x-pack/packages/ml/aiops_common/create_default_query.ts similarity index 76% rename from x-pack/packages/ml/aiops_log_pattern_analysis/create_categorize_query.ts rename to x-pack/packages/ml/aiops_common/create_default_query.ts index c3289d1527f2b..39cfafff4097b 100644 --- a/x-pack/packages/ml/aiops_log_pattern_analysis/create_categorize_query.ts +++ b/x-pack/packages/ml/aiops_common/create_default_query.ts @@ -7,9 +7,12 @@ import { cloneDeep } from 'lodash'; -import type { QueryDslQueryContainer } from '@elastic/elasticsearch/lib/api/types'; +import type { + QueryDslBoolQuery, + QueryDslQueryContainer, +} from '@elastic/elasticsearch/lib/api/types'; -export function createCategorizeQuery( +export function createDefaultQuery( queryIn: QueryDslQueryContainer | undefined, timeField: string, timeRange: { from: number; to: number } | undefined @@ -17,14 +20,19 @@ export function createCategorizeQuery( const query = cloneDeep(queryIn ?? { match_all: {} }); if (query.bool === undefined) { - query.bool = {}; + query.bool = Object.create(null) as QueryDslBoolQuery; } + if (query.bool.must === undefined) { query.bool.must = []; if (query.match_all !== undefined) { query.bool.must.push({ match_all: query.match_all }); delete query.match_all; } + if (query.query_string !== undefined) { + query.bool.must.push({ query_string: query.query_string }); + delete query.query_string; + } } if (query.multi_match !== undefined) { query.bool.should = { diff --git a/x-pack/packages/ml/aiops_log_pattern_analysis/create_category_request.ts b/x-pack/packages/ml/aiops_log_pattern_analysis/create_category_request.ts index c3556803745a7..c1d6f82c9e582 100644 --- a/x-pack/packages/ml/aiops_log_pattern_analysis/create_category_request.ts +++ b/x-pack/packages/ml/aiops_log_pattern_analysis/create_category_request.ts @@ -14,7 +14,7 @@ import { isPopulatedObject } from '@kbn/ml-is-populated-object/src/is_populated_ import type { createRandomSamplerWrapper } from '@kbn/ml-random-sampler-utils'; -import { createCategorizeQuery } from './create_categorize_query'; +import { createDefaultQuery } from '@kbn/aiops-common/create_default_query'; const CATEGORY_LIMIT = 1000; const EXAMPLE_LIMIT = 4; @@ -38,7 +38,7 @@ export function createCategoryRequest( useStandardTokenizer: boolean = true, includeSparkline: boolean = true ) { - const query = createCategorizeQuery(queryIn, timeField, timeRange); + const query = createDefaultQuery(queryIn, timeField, timeRange); const aggs = { categories: { categorize_text: { diff --git a/x-pack/packages/ml/aiops_log_pattern_analysis/tsconfig.json b/x-pack/packages/ml/aiops_log_pattern_analysis/tsconfig.json index fb51a4d8c1b30..fe2542b34c5e9 100644 --- a/x-pack/packages/ml/aiops_log_pattern_analysis/tsconfig.json +++ b/x-pack/packages/ml/aiops_log_pattern_analysis/tsconfig.json @@ -23,5 +23,6 @@ "@kbn/saved-search-plugin", "@kbn/data-views-plugin", "@kbn/ml-is-populated-object", + "@kbn/aiops-common", ] } diff --git a/x-pack/packages/observability/observability_utils/chart/utils.ts b/x-pack/packages/observability/observability_utils/chart/utils.ts new file mode 100644 index 0000000000000..487b4df200c40 --- /dev/null +++ b/x-pack/packages/observability/observability_utils/chart/utils.ts @@ -0,0 +1,16 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { BrushEvent } from '@elastic/charts'; +import moment from 'moment'; + +export function getBrushData(e: BrushEvent) { + const [from, to] = [Number(e.x?.[0]), Number(e.x?.[1])]; + const [fromUtc, toUtc] = [moment(from).format(), moment(to).format()]; + + return { from: fromUtc, to: toUtc }; +} diff --git a/x-pack/plugins/actions/common/routes/connector/apis/update/index.ts b/x-pack/plugins/actions/common/routes/connector/apis/update/index.ts new file mode 100644 index 0000000000000..b1538e224ae7b --- /dev/null +++ b/x-pack/plugins/actions/common/routes/connector/apis/update/index.ts @@ -0,0 +1,19 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export { updateConnectorParamsSchema, updateConnectorBodySchema } from './schemas/latest'; +export type { UpdateConnectorBody, UpdateConnectorParams } from './types/latest'; + +export { + updateConnectorParamsSchema as updateConnectorParamsSchemaV1, + updateConnectorBodySchema as updateConnectorBodySchemaV1, +} from './schemas/v1'; + +export type { + UpdateConnectorBody as UpdateConnectorBodyV1, + UpdateConnectorParams as UpdateConnectorParamsV1, +} from './types/v1'; diff --git a/x-pack/plugins/actions/common/routes/connector/apis/update/schemas/latest.ts b/x-pack/plugins/actions/common/routes/connector/apis/update/schemas/latest.ts new file mode 100644 index 0000000000000..25300c97a6d2e --- /dev/null +++ b/x-pack/plugins/actions/common/routes/connector/apis/update/schemas/latest.ts @@ -0,0 +1,8 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export * from './v1'; diff --git a/x-pack/plugins/actions/common/routes/connector/apis/update/schemas/v1.ts b/x-pack/plugins/actions/common/routes/connector/apis/update/schemas/v1.ts new file mode 100644 index 0000000000000..c07fff89574db --- /dev/null +++ b/x-pack/plugins/actions/common/routes/connector/apis/update/schemas/v1.ts @@ -0,0 +1,28 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { schema } from '@kbn/config-schema'; +import { validateEmptyStrings } from '../../../../../validate_empty_strings'; + +export const updateConnectorParamsSchema = schema.object({ + id: schema.string({ + meta: { description: 'An identifier for the connector.' }, + }), +}); + +export const updateConnectorBodySchema = schema.object({ + name: schema.string({ + validate: validateEmptyStrings, + meta: { description: 'The display name for the connector.' }, + }), + config: schema.recordOf(schema.string(), schema.any({ validate: validateEmptyStrings }), { + defaultValue: {}, + }), + secrets: schema.recordOf(schema.string(), schema.any({ validate: validateEmptyStrings }), { + defaultValue: {}, + }), +}); diff --git a/x-pack/plugins/actions/common/routes/connector/apis/update/types/latest.ts b/x-pack/plugins/actions/common/routes/connector/apis/update/types/latest.ts new file mode 100644 index 0000000000000..25300c97a6d2e --- /dev/null +++ b/x-pack/plugins/actions/common/routes/connector/apis/update/types/latest.ts @@ -0,0 +1,8 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export * from './v1'; diff --git a/x-pack/plugins/actions/common/routes/connector/apis/update/types/v1.ts b/x-pack/plugins/actions/common/routes/connector/apis/update/types/v1.ts new file mode 100644 index 0000000000000..57279f6db4fbe --- /dev/null +++ b/x-pack/plugins/actions/common/routes/connector/apis/update/types/v1.ts @@ -0,0 +1,12 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { TypeOf } from '@kbn/config-schema'; +import { updateConnectorBodySchemaV1, updateConnectorParamsSchemaV1 } from '..'; + +export type UpdateConnectorParams = TypeOf; +export type UpdateConnectorBody = TypeOf; diff --git a/x-pack/plugins/actions/server/lib/validate_empty_strings.test.ts b/x-pack/plugins/actions/common/validate_empty_strings.test.ts similarity index 100% rename from x-pack/plugins/actions/server/lib/validate_empty_strings.test.ts rename to x-pack/plugins/actions/common/validate_empty_strings.test.ts diff --git a/x-pack/plugins/actions/server/lib/validate_empty_strings.ts b/x-pack/plugins/actions/common/validate_empty_strings.ts similarity index 100% rename from x-pack/plugins/actions/server/lib/validate_empty_strings.ts rename to x-pack/plugins/actions/common/validate_empty_strings.ts diff --git a/x-pack/plugins/actions/server/actions_client/actions_client.ts b/x-pack/plugins/actions/server/actions_client/actions_client.ts index 10c47731ef004..7e4d72faedaed 100644 --- a/x-pack/plugins/actions/server/actions_client/actions_client.ts +++ b/x-pack/plugins/actions/server/actions_client/actions_client.ts @@ -11,7 +11,7 @@ import url from 'url'; import { UsageCounter } from '@kbn/usage-collection-plugin/server'; import { i18n } from '@kbn/i18n'; -import { omitBy, isUndefined, compact, uniq } from 'lodash'; +import { compact, uniq } from 'lodash'; import { IScopedClusterClient, SavedObjectsClientContract, @@ -24,10 +24,11 @@ import { AuditLogger } from '@kbn/security-plugin/server'; import { RunNowResult } from '@kbn/task-manager-plugin/server'; import { IEventLogClient } from '@kbn/event-log-plugin/server'; import { KueryNode } from '@kbn/es-query'; -import { ConnectorWithExtraFindData } from '../application/connector/types'; +import { Connector, ConnectorWithExtraFindData } from '../application/connector/types'; import { ConnectorType } from '../application/connector/types'; import { get } from '../application/connector/methods/get'; -import { getAll } from '../application/connector/methods/get_all'; +import { getAll, getAllSystemConnectors } from '../application/connector/methods/get_all'; +import { update } from '../application/connector/methods/update'; import { listTypes } from '../application/connector/methods/list_types'; import { GetGlobalExecutionKPIParams, @@ -91,15 +92,10 @@ import { } from '../lib/get_execution_log_aggregation'; import { connectorFromSavedObject, isConnectorDeprecated } from '../application/connector/lib'; import { ListTypesParams } from '../application/connector/methods/list_types/types'; -import { getAllSystemConnectors } from '../application/connector/methods/get_all/get_all'; +import { ConnectorUpdateParams } from '../application/connector/methods/update/types'; +import { ConnectorUpdate } from '../application/connector/methods/update/types/types'; -interface ActionUpdate { - name: string; - config: SavedObjectAttributes; - secrets: SavedObjectAttributes; -} - -interface Action extends ActionUpdate { +interface Action extends ConnectorUpdate { actionTypeId: string; } @@ -126,11 +122,6 @@ export interface ConstructorOptions { getEventLogClient: () => Promise; } -export interface UpdateOptions { - id: string; - action: ActionUpdate; -} - export interface ActionsClientContext { logger: Logger; kibanaIndices: string[]; @@ -288,113 +279,13 @@ export class ActionsClient { } /** - * Update action + * Update connector */ - public async update({ id, action }: UpdateOptions): Promise { - try { - await this.context.authorization.ensureAuthorized({ operation: 'update' }); - - const foundInMemoryConnector = this.context.inMemoryConnectors.find( - (connector) => connector.id === id - ); - - if (foundInMemoryConnector?.isSystemAction) { - throw Boom.badRequest( - i18n.translate('xpack.actions.serverSideErrors.systemActionUpdateForbidden', { - defaultMessage: 'System action {id} can not be updated.', - values: { - id, - }, - }) - ); - } - - if (foundInMemoryConnector?.isPreconfigured) { - throw new PreconfiguredActionDisabledModificationError( - i18n.translate('xpack.actions.serverSideErrors.predefinedActionUpdateDisabled', { - defaultMessage: 'Preconfigured action {id} can not be updated.', - values: { - id, - }, - }), - 'update' - ); - } - } catch (error) { - this.context.auditLogger?.log( - connectorAuditEvent({ - action: ConnectorAuditAction.UPDATE, - savedObject: { type: 'action', id }, - error, - }) - ); - throw error; - } - const { attributes, references, version } = - await this.context.unsecuredSavedObjectsClient.get('action', id); - const { actionTypeId } = attributes; - const { name, config, secrets } = action; - const actionType = this.context.actionTypeRegistry.get(actionTypeId); - const configurationUtilities = this.context.actionTypeRegistry.getUtils(); - const validatedActionTypeConfig = validateConfig(actionType, config, { - configurationUtilities, - }); - const validatedActionTypeSecrets = validateSecrets(actionType, secrets, { - configurationUtilities, - }); - if (actionType.validate?.connector) { - validateConnector(actionType, { config, secrets }); - } - - this.context.actionTypeRegistry.ensureActionTypeEnabled(actionTypeId); - - this.context.auditLogger?.log( - connectorAuditEvent({ - action: ConnectorAuditAction.UPDATE, - savedObject: { type: 'action', id }, - outcome: 'unknown', - }) - ); - - const result = await this.context.unsecuredSavedObjectsClient.create( - 'action', - { - ...attributes, - actionTypeId, - name, - isMissingSecrets: false, - config: validatedActionTypeConfig as SavedObjectAttributes, - secrets: validatedActionTypeSecrets as SavedObjectAttributes, - }, - omitBy( - { - id, - overwrite: true, - references, - version, - }, - isUndefined - ) - ); - - try { - await this.context.connectorTokenClient.deleteConnectorTokens({ connectorId: id }); - } catch (e) { - this.context.logger.error( - `Failed to delete auth tokens for connector "${id}" after update: ${e.message}` - ); - } - - return { - id, - actionTypeId: result.attributes.actionTypeId as string, - isMissingSecrets: result.attributes.isMissingSecrets as boolean, - name: result.attributes.name as string, - config: result.attributes.config as Record, - isPreconfigured: false, - isSystemAction: false, - isDeprecated: isConnectorDeprecated(result.attributes), - }; + public async update({ + id, + action, + }: Pick): Promise { + return update({ context: this.context, id, action }); } /** diff --git a/x-pack/plugins/actions/server/application/connector/methods/get_all/index.ts b/x-pack/plugins/actions/server/application/connector/methods/get_all/index.ts index 5b3da65578d65..62630487ebec1 100644 --- a/x-pack/plugins/actions/server/application/connector/methods/get_all/index.ts +++ b/x-pack/plugins/actions/server/application/connector/methods/get_all/index.ts @@ -5,4 +5,4 @@ * 2.0. */ -export { getAll, getAllUnsecured } from './get_all'; +export { getAll, getAllUnsecured, getAllSystemConnectors } from './get_all'; diff --git a/x-pack/plugins/actions/server/application/connector/methods/update/index.ts b/x-pack/plugins/actions/server/application/connector/methods/update/index.ts new file mode 100644 index 0000000000000..380394da71e4e --- /dev/null +++ b/x-pack/plugins/actions/server/application/connector/methods/update/index.ts @@ -0,0 +1,8 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export { update } from './update'; diff --git a/x-pack/plugins/actions/server/application/connector/methods/update/types/index.ts b/x-pack/plugins/actions/server/application/connector/methods/update/types/index.ts new file mode 100644 index 0000000000000..a20346331952a --- /dev/null +++ b/x-pack/plugins/actions/server/application/connector/methods/update/types/index.ts @@ -0,0 +1,8 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export type { ConnectorUpdateParams } from './types'; diff --git a/x-pack/plugins/actions/server/application/connector/methods/update/types/types.ts b/x-pack/plugins/actions/server/application/connector/methods/update/types/types.ts new file mode 100644 index 0000000000000..dfe760d19e91e --- /dev/null +++ b/x-pack/plugins/actions/server/application/connector/methods/update/types/types.ts @@ -0,0 +1,21 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { SavedObjectAttributes } from '@kbn/core/server'; +import { ActionsClientContext } from '../../../../../actions_client'; + +export interface ConnectorUpdate { + name: string; + config: SavedObjectAttributes; + secrets: SavedObjectAttributes; +} + +export interface ConnectorUpdateParams { + context: ActionsClientContext; + id: string; + action: ConnectorUpdate; +} diff --git a/x-pack/plugins/actions/server/application/connector/methods/update/update.ts b/x-pack/plugins/actions/server/application/connector/methods/update/update.ts new file mode 100644 index 0000000000000..7baa099a29029 --- /dev/null +++ b/x-pack/plugins/actions/server/application/connector/methods/update/update.ts @@ -0,0 +1,125 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import Boom from '@hapi/boom'; +import { i18n } from '@kbn/i18n'; +import { SavedObjectAttributes } from '@kbn/core/server'; +import { isUndefined, omitBy } from 'lodash'; +import { Connector } from '../../types'; +import { ConnectorUpdateParams } from './types'; +import { PreconfiguredActionDisabledModificationError } from '../../../../lib/errors/preconfigured_action_disabled_modification'; +import { ConnectorAuditAction, connectorAuditEvent } from '../../../../lib/audit_events'; +import { validateConfig, validateConnector, validateSecrets } from '../../../../lib'; +import { isConnectorDeprecated } from '../../lib'; +import { RawAction } from '../../../../types'; + +export async function update({ context, id, action }: ConnectorUpdateParams): Promise { + try { + await context.authorization.ensureAuthorized({ operation: 'update' }); + + const foundInMemoryConnector = context.inMemoryConnectors.find( + (connector) => connector.id === id + ); + + if (foundInMemoryConnector?.isSystemAction) { + throw Boom.badRequest( + i18n.translate('xpack.actions.serverSideErrors.systemActionUpdateForbidden', { + defaultMessage: 'System action {id} can not be updated.', + values: { + id, + }, + }) + ); + } + + if (foundInMemoryConnector?.isPreconfigured) { + throw new PreconfiguredActionDisabledModificationError( + i18n.translate('xpack.actions.serverSideErrors.predefinedActionUpdateDisabled', { + defaultMessage: 'Preconfigured action {id} can not be updated.', + values: { + id, + }, + }), + 'update' + ); + } + } catch (error) { + context.auditLogger?.log( + connectorAuditEvent({ + action: ConnectorAuditAction.UPDATE, + savedObject: { type: 'action', id }, + error, + }) + ); + throw error; + } + const { attributes, references, version } = + await context.unsecuredSavedObjectsClient.get('action', id); + const { actionTypeId } = attributes; + const { name, config, secrets } = action; + const actionType = context.actionTypeRegistry.get(actionTypeId); + const configurationUtilities = context.actionTypeRegistry.getUtils(); + const validatedActionTypeConfig = validateConfig(actionType, config, { + configurationUtilities, + }); + const validatedActionTypeSecrets = validateSecrets(actionType, secrets, { + configurationUtilities, + }); + if (actionType.validate?.connector) { + validateConnector(actionType, { config, secrets }); + } + + context.actionTypeRegistry.ensureActionTypeEnabled(actionTypeId); + + context.auditLogger?.log( + connectorAuditEvent({ + action: ConnectorAuditAction.UPDATE, + savedObject: { type: 'action', id }, + outcome: 'unknown', + }) + ); + + const result = await context.unsecuredSavedObjectsClient.create( + 'action', + { + ...attributes, + actionTypeId, + name, + isMissingSecrets: false, + config: validatedActionTypeConfig as SavedObjectAttributes, + secrets: validatedActionTypeSecrets as SavedObjectAttributes, + }, + omitBy( + { + id, + overwrite: true, + references, + version, + }, + isUndefined + ) + ); + + try { + await context.connectorTokenClient.deleteConnectorTokens({ connectorId: id }); + } catch (e) { + context.logger.error( + `Failed to delete auth tokens for connector "${id}" after update: ${e.message}` + ); + } + + return { + id, + actionTypeId: result.attributes.actionTypeId as string, + isMissingSecrets: result.attributes.isMissingSecrets as boolean, + name: result.attributes.name as string, + config: result.attributes.config as Record, + isPreconfigured: false, + isSystemAction: false, + isDeprecated: isConnectorDeprecated(result.attributes), + }; +} diff --git a/x-pack/plugins/actions/server/lib/index.ts b/x-pack/plugins/actions/server/lib/index.ts index 2737d83abfff6..9b8d452f446a9 100644 --- a/x-pack/plugins/actions/server/lib/index.ts +++ b/x-pack/plugins/actions/server/lib/index.ts @@ -35,7 +35,6 @@ export { isNotificationExecutionSource, ActionExecutionSourceType, } from './action_execution_source'; -export { validateEmptyStrings } from './validate_empty_strings'; export { parseDate } from './parse_date'; export type { RelatedSavedObjects } from './related_saved_objects'; export { getBasicAuthHeader, combineHeadersWithBasicAuthHeader } from './get_basic_auth_header'; diff --git a/x-pack/plugins/actions/server/routes/connector/update/index.ts b/x-pack/plugins/actions/server/routes/connector/update/index.ts new file mode 100644 index 0000000000000..ccad70f1b3033 --- /dev/null +++ b/x-pack/plugins/actions/server/routes/connector/update/index.ts @@ -0,0 +1,8 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export { updateConnectorRoute } from './update'; diff --git a/x-pack/plugins/actions/server/routes/connector/update/transforms/index.ts b/x-pack/plugins/actions/server/routes/connector/update/transforms/index.ts new file mode 100644 index 0000000000000..3eac74b1b676a --- /dev/null +++ b/x-pack/plugins/actions/server/routes/connector/update/transforms/index.ts @@ -0,0 +1,10 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export { transformUpdateConnectorResponse } from './transform_update_connector_response/latest'; + +export { transformUpdateConnectorResponse as transformUpdateConnectorResponseV1 } from './transform_update_connector_response/v1'; diff --git a/x-pack/plugins/actions/server/routes/connector/update/transforms/transform_update_connector_response/latest.ts b/x-pack/plugins/actions/server/routes/connector/update/transforms/transform_update_connector_response/latest.ts new file mode 100644 index 0000000000000..b1e19bcde42d0 --- /dev/null +++ b/x-pack/plugins/actions/server/routes/connector/update/transforms/transform_update_connector_response/latest.ts @@ -0,0 +1,8 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export { transformUpdateConnectorResponse } from './v1'; diff --git a/x-pack/plugins/actions/server/routes/connector/update/transforms/transform_update_connector_response/v1.ts b/x-pack/plugins/actions/server/routes/connector/update/transforms/transform_update_connector_response/v1.ts new file mode 100644 index 0000000000000..abb26f8012caf --- /dev/null +++ b/x-pack/plugins/actions/server/routes/connector/update/transforms/transform_update_connector_response/v1.ts @@ -0,0 +1,25 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { ConnectorResponseV1 } from '../../../../../../common/routes/connector/response'; +import { Connector } from '../../../../../application/connector/types'; + +export const transformUpdateConnectorResponse = ({ + actionTypeId, + isPreconfigured, + isMissingSecrets, + isDeprecated, + isSystemAction, + ...res +}: Connector): ConnectorResponseV1 => ({ + ...res, + connector_type_id: actionTypeId, + is_preconfigured: isPreconfigured, + is_deprecated: isDeprecated, + is_missing_secrets: isMissingSecrets, + is_system_action: isSystemAction, +}); diff --git a/x-pack/plugins/actions/server/routes/update.test.ts b/x-pack/plugins/actions/server/routes/connector/update/update.test.ts similarity index 85% rename from x-pack/plugins/actions/server/routes/update.test.ts rename to x-pack/plugins/actions/server/routes/connector/update/update.test.ts index 9fdac7740129d..f48c87fca43c2 100644 --- a/x-pack/plugins/actions/server/routes/update.test.ts +++ b/x-pack/plugins/actions/server/routes/connector/update/update.test.ts @@ -5,14 +5,15 @@ * 2.0. */ -import { bodySchema, updateActionRoute } from './update'; +import { updateConnectorRoute } from './update'; import { httpServiceMock } from '@kbn/core/server/mocks'; -import { licenseStateMock } from '../lib/license_state.mock'; -import { mockHandlerArguments } from './legacy/_mock_handler_arguments'; -import { actionsClientMock } from '../actions_client/actions_client.mock'; -import { verifyAccessAndContext } from './verify_access_and_context'; +import { licenseStateMock } from '../../../lib/license_state.mock'; +import { mockHandlerArguments } from '../../legacy/_mock_handler_arguments'; +import { actionsClientMock } from '../../../actions_client/actions_client.mock'; +import { verifyAccessAndContext } from '../../verify_access_and_context'; +import { updateConnectorBodySchema } from '../../../../common/routes/connector/apis/update'; -jest.mock('./verify_access_and_context', () => ({ +jest.mock('../../verify_access_and_context', () => ({ verifyAccessAndContext: jest.fn(), })); @@ -21,12 +22,12 @@ beforeEach(() => { (verifyAccessAndContext as jest.Mock).mockImplementation((license, handler) => handler); }); -describe('updateActionRoute', () => { +describe('updateConnectorRoute', () => { it('updates an action with proper parameters', async () => { const licenseState = licenseStateMock.create(); const router = httpServiceMock.createRouter(); - updateActionRoute(router, licenseState); + updateConnectorRoute(router, licenseState); const [config, handler] = router.put.mock.calls[0]; @@ -97,7 +98,7 @@ describe('updateActionRoute', () => { const licenseState = licenseStateMock.create(); const router = httpServiceMock.createRouter(); - updateActionRoute(router, licenseState); + updateConnectorRoute(router, licenseState); const [, handler] = router.put.mock.calls[0]; @@ -142,7 +143,7 @@ describe('updateActionRoute', () => { throw new Error('OMG'); }); - updateActionRoute(router, licenseState); + updateConnectorRoute(router, licenseState); const [, handler] = router.put.mock.calls[0]; @@ -185,7 +186,7 @@ describe('updateActionRoute', () => { config: { foo: true }, secrets: { key: 'i8oh34yf9783y39' }, }; - expect(() => bodySchema.validate(body)).toThrowErrorMatchingInlineSnapshot( + expect(() => updateConnectorBodySchema.validate(body)).toThrowErrorMatchingInlineSnapshot( `"[name]: value '' is not valid"` ); }); diff --git a/x-pack/plugins/actions/server/routes/connector/update/update.ts b/x-pack/plugins/actions/server/routes/connector/update/update.ts new file mode 100644 index 0000000000000..888cdee9b0e3a --- /dev/null +++ b/x-pack/plugins/actions/server/routes/connector/update/update.ts @@ -0,0 +1,64 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { IRouter } from '@kbn/core/server'; +import { ILicenseState } from '../../../lib'; +import { BASE_ACTION_API_PATH } from '../../../../common'; +import { ActionsRequestHandlerContext } from '../../../types'; +import { verifyAccessAndContext } from '../../verify_access_and_context'; +import { connectorResponseSchemaV1 } from '../../../../common/routes/connector/response'; +import { + UpdateConnectorBodyV1, + UpdateConnectorParamsV1, + updateConnectorBodySchemaV1, + updateConnectorParamsSchemaV1, +} from '../../../../common/routes/connector/apis/update'; +import { transformUpdateConnectorResponseV1 } from './transforms'; + +export const updateConnectorRoute = ( + router: IRouter, + licenseState: ILicenseState +) => { + router.put( + { + path: `${BASE_ACTION_API_PATH}/connector/{id}`, + options: { + access: 'public', + summary: `Update a connector`, + tags: ['oas-tag:connectors'], + }, + validate: { + request: { + body: updateConnectorBodySchemaV1, + params: updateConnectorParamsSchemaV1, + }, + response: { + 200: { + description: 'Indicates a successful call.', + body: () => connectorResponseSchemaV1, + }, + }, + }, + }, + router.handleLegacyErrors( + verifyAccessAndContext(licenseState, async function (context, req, res) { + const actionsClient = (await context.actions).getActionsClient(); + const { id }: UpdateConnectorParamsV1 = req.params; + const { name, config, secrets }: UpdateConnectorBodyV1 = req.body; + + return res.ok({ + body: transformUpdateConnectorResponseV1( + await actionsClient.update({ + id, + action: { name, config, secrets }, + }) + ), + }); + }) + ) + ); +}; diff --git a/x-pack/plugins/actions/server/routes/create.ts b/x-pack/plugins/actions/server/routes/create.ts index 7c651fd67290c..25962701918a5 100644 --- a/x-pack/plugins/actions/server/routes/create.ts +++ b/x-pack/plugins/actions/server/routes/create.ts @@ -8,11 +8,12 @@ import { schema } from '@kbn/config-schema'; import { IRouter } from '@kbn/core/server'; import { ActionResult, ActionsRequestHandlerContext } from '../types'; -import { ILicenseState, validateEmptyStrings } from '../lib'; +import { ILicenseState } from '../lib'; import { BASE_ACTION_API_PATH, RewriteRequestCase, RewriteResponseCase } from '../../common'; import { verifyAccessAndContext } from './verify_access_and_context'; import { CreateOptions } from '../actions_client'; import { connectorResponseSchemaV1 } from '../../common/routes/connector/response'; +import { validateEmptyStrings } from '../../common/validate_empty_strings'; export const bodySchema = schema.object({ name: schema.string({ diff --git a/x-pack/plugins/actions/server/routes/index.ts b/x-pack/plugins/actions/server/routes/index.ts index 975eb662be415..cccca87d849e2 100644 --- a/x-pack/plugins/actions/server/routes/index.ts +++ b/x-pack/plugins/actions/server/routes/index.ts @@ -17,7 +17,7 @@ import { createActionRoute } from './create'; import { deleteConnectorRoute } from './connector/delete'; import { executeActionRoute } from './execute'; import { getConnectorRoute } from './connector/get'; -import { updateActionRoute } from './update'; +import { updateConnectorRoute } from './connector/update'; import { getOAuthAccessToken } from './get_oauth_access_token'; import { defineLegacyRoutes } from './legacy'; import { ActionsConfigurationUtilities } from '../actions_config'; @@ -40,7 +40,7 @@ export function defineRoutes(opts: RouteOptions) { deleteConnectorRoute(router, licenseState); getConnectorRoute(router, licenseState); getAllConnectorsRoute(router, licenseState); - updateActionRoute(router, licenseState); + updateConnectorRoute(router, licenseState); listTypesRoute(router, licenseState); executeActionRoute(router, licenseState); getGlobalExecutionLogRoute(router, licenseState); diff --git a/x-pack/plugins/actions/server/routes/update.ts b/x-pack/plugins/actions/server/routes/update.ts deleted file mode 100644 index 8e1ffcb2b3230..0000000000000 --- a/x-pack/plugins/actions/server/routes/update.ts +++ /dev/null @@ -1,93 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { schema } from '@kbn/config-schema'; -import { IRouter } from '@kbn/core/server'; -import { ILicenseState, validateEmptyStrings } from '../lib'; -import { BASE_ACTION_API_PATH, RewriteResponseCase } from '../../common'; -import { ActionResult, ActionsRequestHandlerContext } from '../types'; -import { verifyAccessAndContext } from './verify_access_and_context'; -import { connectorResponseSchemaV1 } from '../../common/routes/connector/response'; - -const paramSchema = schema.object({ - id: schema.string({ - meta: { description: 'An identifier for the connector.' }, - }), -}); - -export const bodySchema = schema.object({ - name: schema.string({ - validate: validateEmptyStrings, - meta: { description: 'The display name for the connector.' }, - }), - config: schema.recordOf(schema.string(), schema.any({ validate: validateEmptyStrings }), { - defaultValue: {}, - }), - secrets: schema.recordOf(schema.string(), schema.any({ validate: validateEmptyStrings }), { - defaultValue: {}, - }), -}); - -const rewriteBodyRes: RewriteResponseCase = ({ - actionTypeId, - isPreconfigured, - isMissingSecrets, - isDeprecated, - isSystemAction, - ...res -}) => ({ - ...res, - connector_type_id: actionTypeId, - is_preconfigured: isPreconfigured, - is_deprecated: isDeprecated, - is_missing_secrets: isMissingSecrets, - is_system_action: isSystemAction, -}); - -export const updateActionRoute = ( - router: IRouter, - licenseState: ILicenseState -) => { - router.put( - { - path: `${BASE_ACTION_API_PATH}/connector/{id}`, - options: { - access: 'public', - summary: `Update a connector`, - tags: ['oas-tag:connectors'], - }, - validate: { - request: { - body: bodySchema, - params: paramSchema, - }, - response: { - 200: { - description: 'Indicates a successful call.', - body: () => connectorResponseSchemaV1, - }, - }, - }, - }, - router.handleLegacyErrors( - verifyAccessAndContext(licenseState, async function (context, req, res) { - const actionsClient = (await context.actions).getActionsClient(); - const { id } = req.params; - const { name, config, secrets } = req.body; - - return res.ok({ - body: rewriteBodyRes( - await actionsClient.update({ - id, - action: { name, config, secrets }, - }) - ), - }); - }) - ) - ); -}; diff --git a/x-pack/plugins/aiops/public/components/change_point_detection/change_point_detection_context.tsx b/x-pack/plugins/aiops/public/components/change_point_detection/change_point_detection_context.tsx index 2a9ab8d535fa1..45ef73c5dd7b5 100644 --- a/x-pack/plugins/aiops/public/components/change_point_detection/change_point_detection_context.tsx +++ b/x-pack/plugins/aiops/public/components/change_point_detection/change_point_detection_context.tsx @@ -16,6 +16,7 @@ import { ES_FIELD_TYPES } from '@kbn/field-types'; import { type QueryDslQueryContainer } from '@kbn/data-views-plugin/common/types'; import type { TimeBuckets, TimeBucketsInterval } from '@kbn/ml-time-buckets'; import { useTimeBuckets } from '@kbn/ml-time-buckets'; +import { createDefaultQuery } from '@kbn/aiops-common/create_default_query'; import { useFilterQueryUpdates } from '../../hooks/use_filters_query'; import { type ChangePointType, DEFAULT_AGG_FUNCTION } from './constants'; import { @@ -261,23 +262,10 @@ export const ChangePointDetectionContextProvider: FC> const combinedQuery = useMemo(() => { const mergedQuery = createMergedEsQuery(resultQuery, resultFilters, dataView, uiSettings); - if (!Array.isArray(mergedQuery.bool?.filter)) { - if (!mergedQuery.bool) { - mergedQuery.bool = {}; - } - mergedQuery.bool.filter = []; - } - - mergedQuery.bool!.filter.push({ - range: { - [dataView.timeFieldName!]: { - from: searchBounds.min?.valueOf(), - to: searchBounds.max?.valueOf(), - }, - }, - }); - - return mergedQuery; + const to = searchBounds.max?.valueOf(); + const from = searchBounds.min?.valueOf(); + const timeRange = to !== undefined && from !== undefined ? { from, to } : undefined; + return createDefaultQuery(mergedQuery, dataView.timeFieldName!, timeRange); }, [resultFilters, resultQuery, uiSettings, dataView, searchBounds]); if (!bucketInterval) return null; diff --git a/x-pack/plugins/aiops/public/components/change_point_detection/change_point_detection_root.tsx b/x-pack/plugins/aiops/public/components/change_point_detection/change_point_detection_root.tsx index a259e3debfb04..36f8f3e2ddaf6 100644 --- a/x-pack/plugins/aiops/public/components/change_point_detection/change_point_detection_root.tsx +++ b/x-pack/plugins/aiops/public/components/change_point_detection/change_point_detection_root.tsx @@ -24,10 +24,10 @@ import { mlTimefilterRefresh$, } from '@kbn/ml-date-picker'; import { UI_SETTINGS } from '@kbn/data-plugin/common'; -import { AIOPS_TELEMETRY_ID } from '@kbn/aiops-common/constants'; +import { AIOPS_EMBEDDABLE_ORIGIN } from '@kbn/aiops-common/constants'; import { DataSourceContext } from '../../hooks/use_data_source'; -import type { AiopsAppDependencies } from '../../hooks/use_aiops_app_context'; +import type { AiopsAppContextValue } from '../../hooks/use_aiops_app_context'; import { AiopsAppContext } from '../../hooks/use_aiops_app_context'; import { AIOPS_STORAGE_KEYS } from '../../types/storage'; @@ -52,8 +52,8 @@ export interface ChangePointDetectionAppStateProps { dataView: DataView; /** The saved search to analyze. */ savedSearch: SavedSearch | null; - /** App dependencies */ - appDependencies: AiopsAppDependencies; + /** App context value */ + appContextValue: AiopsAppContextValue; /** Optional flag to indicate whether kibana is running in serverless */ showFrozenDataTierChoice?: boolean; } @@ -61,11 +61,11 @@ export interface ChangePointDetectionAppStateProps { export const ChangePointDetectionAppState: FC = ({ dataView, savedSearch, - appDependencies, + appContextValue, showFrozenDataTierChoice = true, }) => { const datePickerDeps: DatePickerDependencies = { - ...pick(appDependencies, ['data', 'http', 'notifications', 'theme', 'uiSettings', 'i18n']), + ...pick(appContextValue, ['data', 'http', 'notifications', 'theme', 'uiSettings', 'i18n']), uiSettingsKeys: UI_SETTINGS, showFrozenDataTierChoice, }; @@ -80,19 +80,19 @@ export const ChangePointDetectionAppState: FC return <>{warning}; } - appDependencies.embeddingOrigin = AIOPS_TELEMETRY_ID.AIOPS_DEFAULT_SOURCE; + appContextValue.embeddingOrigin = AIOPS_EMBEDDABLE_ORIGIN.ML_AIOPS_LABS; const PresentationContextProvider = - appDependencies.presentationUtil?.ContextProvider ?? React.Fragment; + appContextValue.presentationUtil?.ContextProvider ?? React.Fragment; - const CasesContext = appDependencies.cases?.ui.getCasesContext() ?? React.Fragment; - const casesPermissions = appDependencies.cases?.helpers.canUseCases(); + const CasesContext = appContextValue.cases?.ui.getCasesContext() ?? React.Fragment; + const casesPermissions = appContextValue.cases?.helpers.canUseCases(); return ( - + - + diff --git a/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_app_state.tsx b/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_app_state.tsx index dc9d8c8c0dba2..85e81ec0f2996 100644 --- a/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_app_state.tsx +++ b/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_app_state.tsx @@ -15,10 +15,9 @@ import { UrlStateProvider } from '@kbn/ml-url-state'; import { Storage } from '@kbn/kibana-utils-plugin/public'; import { DatePickerContextProvider, type DatePickerDependencies } from '@kbn/ml-date-picker'; import { UI_SETTINGS } from '@kbn/data-plugin/common'; -import { AIOPS_TELEMETRY_ID } from '@kbn/aiops-common/constants'; import { DataSourceContext } from '../../hooks/use_data_source'; -import type { AiopsAppDependencies } from '../../hooks/use_aiops_app_context'; +import type { AiopsAppContextValue } from '../../hooks/use_aiops_app_context'; import { AIOPS_STORAGE_KEYS } from '../../types/storage'; import { AiopsAppContext } from '../../hooks/use_aiops_app_context'; @@ -35,8 +34,8 @@ export interface LogCategorizationAppStateProps { dataView: DataView; /** The saved search to analyze. */ savedSearch: SavedSearch | null; - /** App dependencies */ - appDependencies: AiopsAppDependencies; + /** App context value */ + appContextValue: AiopsAppContextValue; /** Optional flag to indicate whether kibana is running in serverless */ showFrozenDataTierChoice?: boolean; } @@ -44,7 +43,7 @@ export interface LogCategorizationAppStateProps { export const LogCategorizationAppState: FC = ({ dataView, savedSearch, - appDependencies, + appContextValue, showFrozenDataTierChoice = true, }) => { if (!dataView) return null; @@ -56,18 +55,18 @@ export const LogCategorizationAppState: FC = ({ } const datePickerDeps: DatePickerDependencies = { - ...pick(appDependencies, ['data', 'http', 'notifications', 'theme', 'uiSettings', 'i18n']), + ...pick(appContextValue, ['data', 'http', 'notifications', 'theme', 'uiSettings', 'i18n']), uiSettingsKeys: UI_SETTINGS, showFrozenDataTierChoice, }; return ( - + - + diff --git a/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_for_embeddable/log_categorization_for_discover.tsx b/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_for_embeddable/log_categorization_for_discover.tsx index 27d680fc1769c..db2135e94ab74 100644 --- a/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_for_embeddable/log_categorization_for_discover.tsx +++ b/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_for_embeddable/log_categorization_for_discover.tsx @@ -19,7 +19,7 @@ import type { FieldValidationResults } from '@kbn/ml-category-validator'; import type { Category } from '@kbn/aiops-log-pattern-analysis/types'; import type { CategorizationAdditionalFilter } from '@kbn/aiops-log-pattern-analysis/create_category_request'; -import { AIOPS_TELEMETRY_ID } from '@kbn/aiops-common/constants'; +import { AIOPS_ANALYSIS_RUN_ORIGIN } from '@kbn/aiops-common/constants'; import type { EmbeddablePatternAnalysisInput } from '@kbn/aiops-log-pattern-analysis/embeddable'; import { css } from '@emotion/react'; import { useTableState } from '@kbn/ml-in-memory-table/hooks/use_table_state'; @@ -270,7 +270,7 @@ export const LogCategorizationDiscover: FC = ( searchQuery, runtimeMappings, { - [AIOPS_TELEMETRY_ID.AIOPS_ANALYSIS_RUN_ORIGIN]: embeddingOrigin, + [AIOPS_ANALYSIS_RUN_ORIGIN]: embeddingOrigin, } ), runCategorizeRequest( diff --git a/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_for_embeddable/log_categorization_for_discover_wrapper.tsx b/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_for_embeddable/log_categorization_for_discover_wrapper.tsx index 1af4f03a06bb3..6582ba5333b40 100644 --- a/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_for_embeddable/log_categorization_for_discover_wrapper.tsx +++ b/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_for_embeddable/log_categorization_for_discover_wrapper.tsx @@ -7,67 +7,40 @@ import type { FC } from 'react'; import React, { Suspense } from 'react'; -import type { ThemeServiceStart } from '@kbn/core-theme-browser'; -import type { DataPublicPluginStart } from '@kbn/data-plugin/public'; -import type { IUiSettingsClient } from '@kbn/core/public'; -import type { CoreStart } from '@kbn/core/public'; -import type { LensPublicStart } from '@kbn/lens-plugin/public'; -import type { FieldFormatsStart } from '@kbn/field-formats-plugin/public'; -import type { ChartsPluginStart } from '@kbn/charts-plugin/public'; -import type { UiActionsStart } from '@kbn/ui-actions-plugin/public'; +import { pick } from 'lodash'; + import { DatePickerContextProvider } from '@kbn/ml-date-picker'; import { StorageContextProvider } from '@kbn/ml-local-storage'; - -import { pick } from 'lodash'; import { UI_SETTINGS } from '@kbn/data-plugin/public'; import { Storage } from '@kbn/kibana-utils-plugin/public'; + import { AIOPS_STORAGE_KEYS } from '../../../types/storage'; -import type { AiopsAppDependencies } from '../../../hooks/use_aiops_app_context'; -import { AiopsAppContext } from '../../../hooks/use_aiops_app_context'; +import { AiopsAppContext, type AiopsAppContextValue } from '../../../hooks/use_aiops_app_context'; + import type { LogCategorizationEmbeddableProps } from './log_categorization_for_discover'; import { LogCategorizationDiscover } from './log_categorization_for_discover'; -export interface EmbeddableLogCategorizationDeps { - theme: ThemeServiceStart; - data: DataPublicPluginStart; - uiSettings: IUiSettingsClient; - http: CoreStart['http']; - notifications: CoreStart['notifications']; - i18n: CoreStart['i18n']; - lens: LensPublicStart; - fieldFormats: FieldFormatsStart; - application: CoreStart['application']; - charts: ChartsPluginStart; - uiActions: UiActionsStart; -} - export interface LogCategorizationEmbeddableWrapperProps { - deps: EmbeddableLogCategorizationDeps; + appContextValue: AiopsAppContextValue; props: LogCategorizationEmbeddableProps; - embeddingOrigin?: string; } const localStorage = new Storage(window.localStorage); export const LogCategorizationDiscoverWrapper: FC = ({ - deps, + appContextValue, props, - embeddingOrigin, }) => { - const I18nContext = deps.i18n.Context; - const aiopsAppContextValue = { - embeddingOrigin, - ...deps, - } as unknown as AiopsAppDependencies; + const I18nContext = appContextValue.i18n.Context; const datePickerDeps = { - ...pick(deps, ['data', 'http', 'notifications', 'theme', 'uiSettings', 'i18n']), + ...pick(appContextValue, ['data', 'http', 'notifications', 'theme', 'uiSettings', 'i18n']), uiSettingsKeys: UI_SETTINGS, }; return ( - + diff --git a/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_for_embeddable/log_categorization_for_embeddable.tsx b/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_for_embeddable/log_categorization_for_embeddable.tsx index 0d4cf093019cd..9178ac7428664 100644 --- a/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_for_embeddable/log_categorization_for_embeddable.tsx +++ b/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_for_embeddable/log_categorization_for_embeddable.tsx @@ -18,7 +18,7 @@ import type { Category } from '@kbn/aiops-log-pattern-analysis/types'; import type { CategorizationAdditionalFilter } from '@kbn/aiops-log-pattern-analysis/create_category_request'; import type { EmbeddablePatternAnalysisInput } from '@kbn/aiops-log-pattern-analysis/embeddable'; import { useTableState } from '@kbn/ml-in-memory-table/hooks/use_table_state'; -import { AIOPS_TELEMETRY_ID } from '@kbn/aiops-common/constants'; +import { AIOPS_ANALYSIS_RUN_ORIGIN } from '@kbn/aiops-common/constants'; import datemath from '@elastic/datemath'; import useMountedState from 'react-use/lib/useMountedState'; import { useFilterQueryUpdates } from '../../../hooks/use_filters_query'; @@ -224,7 +224,7 @@ export const LogCategorizationEmbeddable: FC = searchQuery, runtimeMappings, { - [AIOPS_TELEMETRY_ID.AIOPS_ANALYSIS_RUN_ORIGIN]: embeddingOrigin, + [AIOPS_ANALYSIS_RUN_ORIGIN]: embeddingOrigin, } ), runCategorizeRequest( diff --git a/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_for_flyout.tsx b/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_for_flyout.tsx index ec61dca179da2..2036c5d3a24e9 100644 --- a/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_for_flyout.tsx +++ b/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_for_flyout.tsx @@ -28,7 +28,7 @@ import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n-react'; import { usePageUrlState } from '@kbn/ml-url-state'; import type { FieldValidationResults } from '@kbn/ml-category-validator'; -import { AIOPS_TELEMETRY_ID } from '@kbn/aiops-common/constants'; +import { AIOPS_ANALYSIS_RUN_ORIGIN } from '@kbn/aiops-common/constants'; import type { CategorizationAdditionalFilter } from '@kbn/aiops-log-pattern-analysis/create_category_request'; import type { Category } from '@kbn/aiops-log-pattern-analysis/types'; @@ -64,8 +64,6 @@ export interface LogCategorizationPageProps { savedSearch: SavedSearch | null; selectedField: DataViewField; onClose: () => void; - /** Identifier to indicate the plugin utilizing the component */ - embeddingOrigin: string; additionalFilter?: CategorizationAdditionalFilter; } @@ -76,7 +74,6 @@ export const LogCategorizationFlyout: FC = ({ savedSearch, selectedField, onClose, - embeddingOrigin, additionalFilter, }) => { const { @@ -85,6 +82,7 @@ export const LogCategorizationFlyout: FC = ({ query: { getState }, }, uiSettings, + embeddingOrigin, } = useAiopsAppContext(); const { runValidateFieldRequest, cancelRequest: cancelValidationRequest } = @@ -198,7 +196,7 @@ export const LogCategorizationFlyout: FC = ({ searchQuery, runtimeMappings, { - [AIOPS_TELEMETRY_ID.AIOPS_ANALYSIS_RUN_ORIGIN]: embeddingOrigin, + [AIOPS_ANALYSIS_RUN_ORIGIN]: embeddingOrigin, } ), runCategorizeRequest( diff --git a/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_page.tsx b/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_page.tsx index 567201fff0dd2..4c31f4df1e044 100644 --- a/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_page.tsx +++ b/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_page.tsx @@ -28,10 +28,10 @@ import { FormattedMessage } from '@kbn/i18n-react'; import { usePageUrlState, useUrlState } from '@kbn/ml-url-state'; import type { FieldValidationResults } from '@kbn/ml-category-validator'; import type { SearchQueryLanguage } from '@kbn/ml-query-utils'; -import { AIOPS_TELEMETRY_ID } from '@kbn/aiops-common/constants'; +import { AIOPS_ANALYSIS_RUN_ORIGIN } from '@kbn/aiops-common/constants'; import type { Category } from '@kbn/aiops-log-pattern-analysis/types'; - import { useTableState } from '@kbn/ml-in-memory-table/hooks/use_table_state'; + import { useDataSource } from '../../hooks/use_data_source'; import { useData } from '../../hooks/use_data'; import { useSearch } from '../../hooks/use_search'; @@ -59,14 +59,10 @@ import { useActions } from './category_table/use_actions'; const BAR_TARGET = 20; const DEFAULT_SELECTED_FIELD = 'message'; -interface LogCategorizationPageProps { - /** Identifier to indicate the plugin utilizing the component */ - embeddingOrigin: string; -} - -export const LogCategorizationPage: FC = ({ embeddingOrigin }) => { +export const LogCategorizationPage: FC = () => { const { notifications: { toasts }, + embeddingOrigin, } = useAiopsAppContext(); const { dataView, savedSearch } = useDataSource(); @@ -229,7 +225,7 @@ export const LogCategorizationPage: FC = ({ embeddin searchQuery, runtimeMappings, { - [AIOPS_TELEMETRY_ID.AIOPS_ANALYSIS_RUN_ORIGIN]: embeddingOrigin, + [AIOPS_ANALYSIS_RUN_ORIGIN]: embeddingOrigin, } ), diff --git a/x-pack/plugins/aiops/public/components/log_categorization/show_flyout.tsx b/x-pack/plugins/aiops/public/components/log_categorization/show_flyout.tsx index 87a2e9e934cc3..a97f4c7f7fe79 100644 --- a/x-pack/plugins/aiops/public/components/log_categorization/show_flyout.tsx +++ b/x-pack/plugins/aiops/public/components/log_categorization/show_flyout.tsx @@ -21,7 +21,7 @@ import { StorageContextProvider } from '@kbn/ml-local-storage'; import type { CategorizationAdditionalFilter } from '@kbn/aiops-log-pattern-analysis/create_category_request'; import type { AiopsPluginStartDeps } from '../../types'; import { LogCategorizationFlyout } from './log_categorization_for_flyout'; -import { AiopsAppContext, type AiopsAppDependencies } from '../../hooks/use_aiops_app_context'; +import { AiopsAppContext, type AiopsAppContextValue } from '../../hooks/use_aiops_app_context'; import { AIOPS_STORAGE_KEYS } from '../../types/storage'; const localStorage = new Storage(window.localStorage); @@ -43,13 +43,14 @@ export async function showCategorizeFlyout( resolve(); }; - const appDependencies: AiopsAppDependencies = { + const appContextValue: AiopsAppContextValue = { + embeddingOrigin: originatingApp, ...coreStart, ...plugins, }; const startServices = pick(coreStart, 'analytics', 'i18n', 'theme'); const datePickerDeps: DatePickerDependencies = { - ...pick(appDependencies, ['data', 'http', 'notifications', 'theme', 'uiSettings']), + ...pick(appContextValue, ['data', 'http', 'notifications', 'theme', 'uiSettings']), i18n, uiSettingsKeys: UI_SETTINGS, }; @@ -61,7 +62,7 @@ export async function showCategorizeFlyout( ...coreStart, }} > - + diff --git a/x-pack/plugins/aiops/public/components/log_categorization/use_validate_category_field.ts b/x-pack/plugins/aiops/public/components/log_categorization/use_validate_category_field.ts index edf055635f82a..571bb3d1e0f87 100644 --- a/x-pack/plugins/aiops/public/components/log_categorization/use_validate_category_field.ts +++ b/x-pack/plugins/aiops/public/components/log_categorization/use_validate_category_field.ts @@ -14,7 +14,7 @@ import type { FieldValidationResults } from '@kbn/ml-category-validator'; import type { HttpFetchOptions } from '@kbn/core/public'; import { AIOPS_API_ENDPOINT } from '@kbn/aiops-common/constants'; -import { createCategorizeQuery } from '@kbn/aiops-log-pattern-analysis/create_categorize_query'; +import { createDefaultQuery } from '@kbn/aiops-common/create_default_query'; import { useAiopsAppContext } from '../../hooks/use_aiops_app_context'; @@ -32,7 +32,7 @@ export function useValidateFieldRequest() { runtimeMappings: MappingRuntimeFields | undefined, headers?: HttpFetchOptions['headers'] ) => { - const query = createCategorizeQuery(queryIn, timeField, timeRange); + const query = createDefaultQuery(queryIn, timeField, timeRange); const resp = await http.post( AIOPS_API_ENDPOINT.CATEGORIZATION_FIELD_VALIDATION, { diff --git a/x-pack/plugins/aiops/public/components/log_rate_analysis/log_rate_analysis_app_state.tsx b/x-pack/plugins/aiops/public/components/log_rate_analysis/log_rate_analysis_app_state.tsx index 740bc87ef9cb3..89a8c9aee19ae 100644 --- a/x-pack/plugins/aiops/public/components/log_rate_analysis/log_rate_analysis_app_state.tsx +++ b/x-pack/plugins/aiops/public/components/log_rate_analysis/log_rate_analysis_app_state.tsx @@ -18,7 +18,7 @@ import { DatePickerContextProvider, type DatePickerDependencies } from '@kbn/ml- import { UI_SETTINGS } from '@kbn/data-plugin/common'; import { LogRateAnalysisReduxProvider } from '@kbn/aiops-log-rate-analysis/state'; -import type { AiopsAppDependencies } from '../../hooks/use_aiops_app_context'; +import type { AiopsAppContextValue } from '../../hooks/use_aiops_app_context'; import { AiopsAppContext } from '../../hooks/use_aiops_app_context'; import { DataSourceContext } from '../../hooks/use_data_source'; import { AIOPS_STORAGE_KEYS } from '../../types/storage'; @@ -36,8 +36,8 @@ export interface LogRateAnalysisAppStateProps { dataView: DataView; /** The saved search to analyze. */ savedSearch: SavedSearch | null; - /** App dependencies */ - appDependencies: AiopsAppDependencies; + /** App context value */ + appContextValue: AiopsAppContextValue; /** Optional flag to indicate whether to show contextual insights */ showContextualInsights?: boolean; /** Optional flag to indicate whether kibana is running in serverless */ @@ -47,7 +47,7 @@ export interface LogRateAnalysisAppStateProps { export const LogRateAnalysisAppState: FC = ({ dataView, savedSearch, - appDependencies, + appContextValue, showContextualInsights = false, showFrozenDataTierChoice = true, }) => { @@ -60,13 +60,13 @@ export const LogRateAnalysisAppState: FC = ({ } const datePickerDeps: DatePickerDependencies = { - ...pick(appDependencies, ['data', 'http', 'notifications', 'theme', 'uiSettings', 'i18n']), + ...pick(appContextValue, ['data', 'http', 'notifications', 'theme', 'uiSettings', 'i18n']), uiSettingsKeys: UI_SETTINGS, showFrozenDataTierChoice, }; return ( - + diff --git a/x-pack/plugins/aiops/public/components/log_rate_analysis/log_rate_analysis_content/log_rate_analysis_content.tsx b/x-pack/plugins/aiops/public/components/log_rate_analysis/log_rate_analysis_content/log_rate_analysis_content.tsx index e7c33dd43d18f..7bf43037f45c0 100644 --- a/x-pack/plugins/aiops/public/components/log_rate_analysis/log_rate_analysis_content/log_rate_analysis_content.tsx +++ b/x-pack/plugins/aiops/public/components/log_rate_analysis/log_rate_analysis_content/log_rate_analysis_content.tsx @@ -60,8 +60,6 @@ export interface LogRateAnalysisContentProps { onAnalysisCompleted?: (d: LogRateAnalysisResultsData) => void; /** Optional callback that exposes current window parameters */ onWindowParametersChange?: (wp?: WindowParameters, replace?: boolean) => void; - /** Identifier to indicate the plugin utilizing the component */ - embeddingOrigin: string; } export const LogRateAnalysisContent: FC = ({ @@ -70,7 +68,6 @@ export const LogRateAnalysisContent: FC = ({ barHighlightColorOverride, onAnalysisCompleted, onWindowParametersChange, - embeddingOrigin, }) => { const dispatch = useAppDispatch(); @@ -218,7 +215,6 @@ export const LogRateAnalysisContent: FC = ({ searchQuery={searchQuery} barColorOverride={barColorOverride} barHighlightColorOverride={barHighlightColorOverride} - embeddingOrigin={embeddingOrigin} /> )} {showNoAutoRunEmptyPrompt && ( diff --git a/x-pack/plugins/aiops/public/components/log_rate_analysis/log_rate_analysis_content/log_rate_analysis_content_wrapper.tsx b/x-pack/plugins/aiops/public/components/log_rate_analysis/log_rate_analysis_content/log_rate_analysis_content_wrapper.tsx index dace975115deb..96b1f3f2c80e4 100644 --- a/x-pack/plugins/aiops/public/components/log_rate_analysis/log_rate_analysis_content/log_rate_analysis_content_wrapper.tsx +++ b/x-pack/plugins/aiops/public/components/log_rate_analysis/log_rate_analysis_content/log_rate_analysis_content_wrapper.tsx @@ -21,7 +21,7 @@ import { UI_SETTINGS } from '@kbn/data-plugin/common'; import { LogRateAnalysisReduxProvider } from '@kbn/aiops-log-rate-analysis/state'; import { timeSeriesDataViewWarning } from '../../../application/utils/time_series_dataview_check'; -import { AiopsAppContext, type AiopsAppDependencies } from '../../../hooks/use_aiops_app_context'; +import { AiopsAppContext, type AiopsAppContextValue } from '../../../hooks/use_aiops_app_context'; import { DataSourceContext } from '../../../hooks/use_data_source'; import { AIOPS_STORAGE_KEYS } from '../../../types/storage'; @@ -39,7 +39,7 @@ export interface LogRateAnalysisContentWrapperProps { /** The data view to analyze. */ dataView: DataView; /** App dependencies */ - appDependencies: AiopsAppDependencies; + appContextValue: AiopsAppContextValue; /** Timestamp for start of initial analysis */ initialAnalysisStart?: number | WindowParameters; /** Optional time range */ @@ -57,13 +57,11 @@ export interface LogRateAnalysisContentWrapperProps { onAnalysisCompleted?: (d: LogRateAnalysisResultsData) => void; /** Optional flag to indicate whether kibana is running in serverless */ showFrozenDataTierChoice?: boolean; - /** Identifier to indicate the plugin utilizing the component */ - embeddingOrigin: string; } export const LogRateAnalysisContentWrapper: FC = ({ dataView, - appDependencies, + appContextValue, initialAnalysisStart, timeRange, esSearchQuery, @@ -71,7 +69,6 @@ export const LogRateAnalysisContentWrapper: FC { if (!dataView) return null; @@ -82,13 +79,13 @@ export const LogRateAnalysisContentWrapper: FC + @@ -103,7 +100,6 @@ export const LogRateAnalysisContentWrapper: FC diff --git a/x-pack/plugins/aiops/public/components/log_rate_analysis/log_rate_analysis_page.tsx b/x-pack/plugins/aiops/public/components/log_rate_analysis/log_rate_analysis_page.tsx index acaa2fb27d998..862de229958f0 100644 --- a/x-pack/plugins/aiops/public/components/log_rate_analysis/log_rate_analysis_page.tsx +++ b/x-pack/plugins/aiops/public/components/log_rate_analysis/log_rate_analysis_page.tsx @@ -19,7 +19,6 @@ import { FilterStateStore } from '@kbn/es-query'; import { useUrlState, usePageUrlState } from '@kbn/ml-url-state'; import type { SearchQueryLanguage } from '@kbn/ml-query-utils'; import type { WindowParameters } from '@kbn/aiops-log-rate-analysis'; -import { AIOPS_TELEMETRY_ID } from '@kbn/aiops-common/constants'; import { useAppDispatch, useCurrentSelectedSignificantItem, @@ -311,7 +310,6 @@ export const LogRateAnalysisPage: FC = ({ = ({ @@ -162,9 +160,8 @@ export const LogRateAnalysisResults: FC = ({ searchQuery, barColorOverride, barHighlightColorOverride, - embeddingOrigin, }) => { - const { analytics, http } = useAiopsAppContext(); + const { analytics, http, embeddingOrigin } = useAiopsAppContext(); const { dataView } = useDataSource(); const dispatch = useAppDispatch(); @@ -351,7 +348,7 @@ export const LogRateAnalysisResults: FC = ({ overrides, sampleProbability, }, - headers: { [AIOPS_TELEMETRY_ID.AIOPS_ANALYSIS_RUN_ORIGIN]: embeddingOrigin }, + headers: { [AIOPS_ANALYSIS_RUN_ORIGIN]: embeddingOrigin }, }; }, [ analysisType, diff --git a/x-pack/plugins/aiops/public/embeddables/change_point_chart/embeddable_change_point_chart_factory.tsx b/x-pack/plugins/aiops/public/embeddables/change_point_chart/embeddable_change_point_chart_factory.tsx index 7e0e00b7ac02d..7cf39eb1cf4ae 100644 --- a/x-pack/plugins/aiops/public/embeddables/change_point_chart/embeddable_change_point_chart_factory.tsx +++ b/x-pack/plugins/aiops/public/embeddables/change_point_chart/embeddable_change_point_chart_factory.tsx @@ -23,6 +23,7 @@ import { initializeTitles, useBatchedPublishingSubjects, } from '@kbn/presentation-publishing'; + import fastIsEqual from 'fast-deep-equal'; import { cloneDeep } from 'lodash'; import React, { useMemo } from 'react'; @@ -231,10 +232,9 @@ export const getChangePointChartEmbeddableFactory = ( const lastReloadRequestTime = useObservable(reload$, Date.now()); const timeRange = useObservable(timeRange$, undefined); - let embeddingOrigin; - if (apiHasExecutionContext(parentApi)) { - embeddingOrigin = parentApi.executionContext.type; - } + const embeddingOrigin = apiHasExecutionContext(parentApi) + ? parentApi.executionContext.type + : undefined; return ( (undefined); +export const AiopsAppContext = createContext(undefined); /** * Custom hook to get AIOps app dependency context. */ -export const useAiopsAppContext = (): AiopsAppDependencies => { +export const useAiopsAppContext = (): AiopsAppContextValue => { const aiopsAppContext = useContext(AiopsAppContext); // if `undefined`, throw an error diff --git a/x-pack/plugins/aiops/public/index.ts b/x-pack/plugins/aiops/public/index.ts index 6b34bd1d77c91..a498ce71544f8 100755 --- a/x-pack/plugins/aiops/public/index.ts +++ b/x-pack/plugins/aiops/public/index.ts @@ -15,7 +15,7 @@ export function plugin() { export type { AiopsPluginStart, AiopsPluginSetup } from './types'; -export type { AiopsAppDependencies } from './hooks/use_aiops_app_context'; +export type { AiopsAppContextValue } from './hooks/use_aiops_app_context'; export type { LogRateAnalysisAppStateProps } from './components/log_rate_analysis'; export type { LogRateAnalysisContentWrapperProps } from './components/log_rate_analysis/log_rate_analysis_content/log_rate_analysis_content_wrapper'; export type { LogCategorizationAppStateProps } from './components/log_categorization'; diff --git a/x-pack/plugins/aiops/public/shared_components/change_point_detection.tsx b/x-pack/plugins/aiops/public/shared_components/change_point_detection.tsx index 8746730f74134..9afbd9e1c4c8d 100644 --- a/x-pack/plugins/aiops/public/shared_components/change_point_detection.tsx +++ b/x-pack/plugins/aiops/public/shared_components/change_point_detection.tsx @@ -6,7 +6,7 @@ */ import { css } from '@emotion/react'; import type { ChangePointDetectionViewType } from '@kbn/aiops-change-point-detection/constants'; -import { EMBEDDABLE_ORIGIN } from '@kbn/aiops-common/constants'; +import { AIOPS_EMBEDDABLE_ORIGIN } from '@kbn/aiops-common/constants'; import type { CoreStart } from '@kbn/core-lifecycle-browser'; import { UI_SETTINGS } from '@kbn/data-service'; import type { TimeRange } from '@kbn/es-query'; @@ -21,7 +21,7 @@ import { type ChangePointAnnotation, } from '../components/change_point_detection/change_point_detection_context'; import { ChartGridEmbeddableWrapper } from '../embeddables/change_point_chart/embeddable_chart_component_wrapper'; -import { AiopsAppContext, type AiopsAppDependencies } from '../hooks/use_aiops_app_context'; +import { AiopsAppContext, type AiopsAppContextValue } from '../hooks/use_aiops_app_context'; import { DataSourceContextProvider } from '../hooks/use_data_source'; import { FilterQueryContextProvider } from '../hooks/use_filters_query'; import { ReloadContextProvider } from '../hooks/use_reload'; @@ -85,18 +85,19 @@ const ChangePointDetectionWrapper: FC = ({ lastReloadRequestTime, }) => { const deps = useMemo(() => { - const { http, uiSettings, notifications, ...startServices } = coreStart; - const { lens, data, usageCollection, fieldFormats } = pluginStart; + const { charts, lens, data, usageCollection, fieldFormats, share, storage, unifiedSearch } = + pluginStart; return { - http, - uiSettings, + charts, data, - notifications, lens, usageCollection, fieldFormats, - ...startServices, + unifiedSearch, + share, + storage, + ...coreStart, }; }, [coreStart, pluginStart]); @@ -105,11 +106,11 @@ const ChangePointDetectionWrapper: FC = ({ uiSettingsKeys: UI_SETTINGS, }; - const aiopsAppContextValue = useMemo(() => { + const aiopsAppContextValue = useMemo(() => { return { - embeddingOrigin: embeddingOrigin ?? EMBEDDABLE_ORIGIN, + embeddingOrigin: embeddingOrigin ?? AIOPS_EMBEDDABLE_ORIGIN.DEFAULT, ...deps, - } as unknown as AiopsAppDependencies; + }; }, [deps, embeddingOrigin]); const [manualReload$] = useState>( diff --git a/x-pack/plugins/aiops/public/shared_components/pattern_analysis.tsx b/x-pack/plugins/aiops/public/shared_components/pattern_analysis.tsx index af474f4f5ef3e..78261cd1f62f0 100644 --- a/x-pack/plugins/aiops/public/shared_components/pattern_analysis.tsx +++ b/x-pack/plugins/aiops/public/shared_components/pattern_analysis.tsx @@ -4,7 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ -import { EMBEDDABLE_ORIGIN } from '@kbn/aiops-common/constants'; +import { AIOPS_EMBEDDABLE_ORIGIN } from '@kbn/aiops-common/constants'; import type { Category } from '@kbn/aiops-log-pattern-analysis/types'; import type { CoreStart } from '@kbn/core-lifecycle-browser'; import { UI_SETTINGS } from '@kbn/data-service'; @@ -21,7 +21,7 @@ import type { RandomSamplerProbability, } from '../components/log_categorization/sampling_menu/random_sampler'; import { PatternAnalysisEmbeddableWrapper } from '../embeddables/pattern_analysis/pattern_analysys_component_wrapper'; -import { AiopsAppContext, type AiopsAppDependencies } from '../hooks/use_aiops_app_context'; +import { AiopsAppContext, type AiopsAppContextValue } from '../hooks/use_aiops_app_context'; import { DataSourceContextProvider } from '../hooks/use_data_source'; import { FilterQueryContextProvider } from '../hooks/use_filters_query'; import { ReloadContextProvider } from '../hooks/use_reload'; @@ -82,19 +82,19 @@ const PatternAnalysisWrapper: FC = ({ onChange, }) => { const deps = useMemo(() => { - const { http, uiSettings, notifications, ...startServices } = coreStart; - const { lens, data, usageCollection, fieldFormats, charts } = pluginStart; + const { lens, data, usageCollection, fieldFormats, charts, share, storage, unifiedSearch } = + pluginStart; return { - http, - uiSettings, data, - notifications, lens, usageCollection, fieldFormats, charts, - ...startServices, + share, + storage, + unifiedSearch, + ...coreStart, }; }, [coreStart, pluginStart]); @@ -103,11 +103,11 @@ const PatternAnalysisWrapper: FC = ({ uiSettingsKeys: UI_SETTINGS, }; - const aiopsAppContextValue = useMemo(() => { + const aiopsAppContextValue = useMemo(() => { return { - embeddingOrigin: embeddingOrigin ?? EMBEDDABLE_ORIGIN, + embeddingOrigin: embeddingOrigin ?? AIOPS_EMBEDDABLE_ORIGIN.DEFAULT, ...deps, - } as unknown as AiopsAppDependencies; + }; }, [deps, embeddingOrigin]); const [manualReload$] = useState>( diff --git a/x-pack/plugins/aiops/server/routes/categorization_field_validation/route_handler_factory.ts b/x-pack/plugins/aiops/server/routes/categorization_field_validation/route_handler_factory.ts index 950b6a9551d68..d0bfc4cb8a2db 100644 --- a/x-pack/plugins/aiops/server/routes/categorization_field_validation/route_handler_factory.ts +++ b/x-pack/plugins/aiops/server/routes/categorization_field_validation/route_handler_factory.ts @@ -13,7 +13,7 @@ import type { } from '@kbn/core/server'; import { categorizationExamplesProvider } from '@kbn/ml-category-validator'; import type { UsageCounter } from '@kbn/usage-collection-plugin/server'; -import { AIOPS_TELEMETRY_ID } from '@kbn/aiops-common/constants'; +import { AIOPS_ANALYSIS_RUN_ORIGIN } from '@kbn/aiops-common/constants'; import { AIOPS_API_ENDPOINT } from '@kbn/aiops-common/constants'; import type { CategorizationFieldValidationSchema } from '@kbn/aiops-log-pattern-analysis/schema'; @@ -34,7 +34,7 @@ export const routeHandlerFactory: ( const { headers } = request; trackAIOpsRouteUsage( `POST ${AIOPS_API_ENDPOINT.CATEGORIZATION_FIELD_VALIDATION}`, - headers[AIOPS_TELEMETRY_ID.AIOPS_ANALYSIS_RUN_ORIGIN], + headers[AIOPS_ANALYSIS_RUN_ORIGIN], usageCounter ); diff --git a/x-pack/plugins/aiops/server/routes/log_rate_analysis/route_handler_factory.ts b/x-pack/plugins/aiops/server/routes/log_rate_analysis/route_handler_factory.ts index e6e680c46a055..4421e8122d86e 100644 --- a/x-pack/plugins/aiops/server/routes/log_rate_analysis/route_handler_factory.ts +++ b/x-pack/plugins/aiops/server/routes/log_rate_analysis/route_handler_factory.ts @@ -16,7 +16,7 @@ import { withSpan } from '@kbn/apm-utils'; import type { Logger } from '@kbn/logging'; import { createExecutionContext } from '@kbn/ml-route-utils'; import type { UsageCounter } from '@kbn/usage-collection-plugin/server'; -import { AIOPS_TELEMETRY_ID, AIOPS_PLUGIN_ID } from '@kbn/aiops-common/constants'; +import { AIOPS_ANALYSIS_RUN_ORIGIN, AIOPS_PLUGIN_ID } from '@kbn/aiops-common/constants'; import type { AiopsLogRateAnalysisSchema, AiopsLogRateAnalysisApiVersion as ApiVersion, @@ -50,7 +50,7 @@ export function routeHandlerFactory( trackAIOpsRouteUsage( `POST ${AIOPS_API_ENDPOINT.LOG_RATE_ANALYSIS}`, - headers[AIOPS_TELEMETRY_ID.AIOPS_ANALYSIS_RUN_ORIGIN], + headers[AIOPS_ANALYSIS_RUN_ORIGIN], usageCounter ); diff --git a/x-pack/plugins/aiops/server/routes/log_rate_analysis_field_candidates/route_handler_factory.ts b/x-pack/plugins/aiops/server/routes/log_rate_analysis_field_candidates/route_handler_factory.ts index b640927588ef1..22ab36fa81fb9 100644 --- a/x-pack/plugins/aiops/server/routes/log_rate_analysis_field_candidates/route_handler_factory.ts +++ b/x-pack/plugins/aiops/server/routes/log_rate_analysis_field_candidates/route_handler_factory.ts @@ -14,7 +14,7 @@ import type { } from '@kbn/core/server'; import { createExecutionContext } from '@kbn/ml-route-utils'; import type { UsageCounter } from '@kbn/usage-collection-plugin/server'; -import { AIOPS_TELEMETRY_ID, AIOPS_PLUGIN_ID } from '@kbn/aiops-common/constants'; +import { AIOPS_ANALYSIS_RUN_ORIGIN, AIOPS_PLUGIN_ID } from '@kbn/aiops-common/constants'; import type { AiopsLogRateAnalysisSchema, AiopsLogRateAnalysisApiVersion as ApiVersion, @@ -44,7 +44,7 @@ export function routeHandlerFactory( trackAIOpsRouteUsage( `POST ${AIOPS_API_ENDPOINT.LOG_RATE_ANALYSIS_FIELD_CANDIDATES}`, - headers[AIOPS_TELEMETRY_ID.AIOPS_ANALYSIS_RUN_ORIGIN], + headers[AIOPS_ANALYSIS_RUN_ORIGIN], usageCounter ); diff --git a/x-pack/plugins/aiops/tsconfig.json b/x-pack/plugins/aiops/tsconfig.json index c606b479284c4..a90c72660f069 100644 --- a/x-pack/plugins/aiops/tsconfig.json +++ b/x-pack/plugins/aiops/tsconfig.json @@ -24,7 +24,6 @@ "@kbn/core-execution-context-browser", "@kbn/core-http-server", "@kbn/core-lifecycle-browser", - "@kbn/core-theme-browser", "@kbn/core-ui-settings-browser-mocks", "@kbn/core", "@kbn/data-plugin", diff --git a/x-pack/plugins/alerting/server/saved_objects/schemas/raw_rule/v1.ts b/x-pack/plugins/alerting/server/saved_objects/schemas/raw_rule/v1.ts index cc4d9311f8294..efa197ac5f590 100644 --- a/x-pack/plugins/alerting/server/saved_objects/schemas/raw_rule/v1.ts +++ b/x-pack/plugins/alerting/server/saved_objects/schemas/raw_rule/v1.ts @@ -167,9 +167,10 @@ const rawRuleAlertsFilterSchema = schema.object({ isMultiIndex: schema.maybe(schema.boolean()), type: schema.maybe(schema.string()), key: schema.maybe(schema.string()), - params: schema.maybe(schema.recordOf(schema.string(), schema.any())), // better type? + params: schema.maybe(schema.any()), value: schema.maybe(schema.string()), field: schema.maybe(schema.string()), + relation: schema.maybe(schema.oneOf([schema.literal('OR'), schema.literal('AND')])), }), $state: schema.maybe( schema.object({ diff --git a/x-pack/plugins/alerting/server/usage/task_state.test.ts b/x-pack/plugins/alerting/server/usage/task_state.test.ts index 28d186b421cd4..f7286a1952d7a 100644 --- a/x-pack/plugins/alerting/server/usage/task_state.test.ts +++ b/x-pack/plugins/alerting/server/usage/task_state.test.ts @@ -174,4 +174,180 @@ describe('telemetry task state', () => { expect(result).not.toHaveProperty('foo'); }); }); + + describe('v2', () => { + const v2 = stateSchemaByVersion[2]; + it('should work on empty object when running the up migration', () => { + const result = v2.up({}); + expect(result).toMatchInlineSnapshot(` + Object { + "avg_es_search_duration_by_type_per_day": Object {}, + "avg_es_search_duration_per_day": 0, + "avg_execution_time_by_type_per_day": Object {}, + "avg_execution_time_per_day": 0, + "avg_total_search_duration_by_type_per_day": Object {}, + "avg_total_search_duration_per_day": 0, + "connectors_per_alert": Object { + "avg": 0, + "max": 0, + "min": 0, + }, + "count_active_by_type": Object {}, + "count_active_total": 0, + "count_alerts_by_rule_type": Object {}, + "count_alerts_total": 0, + "count_by_type": Object {}, + "count_connector_types_by_consumers": Object {}, + "count_disabled_total": 0, + "count_failed_and_unrecognized_rule_tasks_by_status_by_type_per_day": Object {}, + "count_failed_and_unrecognized_rule_tasks_by_status_per_day": Object {}, + "count_failed_and_unrecognized_rule_tasks_per_day": 0, + "count_mw_total": 0, + "count_mw_with_filter_alert_toggle_on": 0, + "count_mw_with_repeat_toggle_on": 0, + "count_rules_by_execution_status": Object { + "error": 0, + "success": 0, + "warning": 0, + }, + "count_rules_by_execution_status_per_day": Object {}, + "count_rules_by_notify_when": Object { + "on_action_group_change": 0, + "on_active_alert": 0, + "on_throttle_interval": 0, + }, + "count_rules_executions_by_type_per_day": Object {}, + "count_rules_executions_failured_by_reason_by_type_per_day": Object {}, + "count_rules_executions_failured_by_reason_per_day": Object {}, + "count_rules_executions_failured_per_day": 0, + "count_rules_executions_per_day": 0, + "count_rules_executions_timeouts_by_type_per_day": Object {}, + "count_rules_executions_timeouts_per_day": 0, + "count_rules_muted": 0, + "count_rules_namespaces": 0, + "count_rules_snoozed": 0, + "count_rules_with_muted_alerts": 0, + "count_rules_with_tags": 0, + "count_total": 0, + "error_messages": undefined, + "has_errors": false, + "percentile_num_alerts_by_type_per_day": Object {}, + "percentile_num_alerts_per_day": Object {}, + "percentile_num_generated_actions_by_type_per_day": Object {}, + "percentile_num_generated_actions_per_day": Object {}, + "runs": 0, + "schedule_time": Object { + "avg": "0s", + "max": "0s", + "min": "0s", + }, + "schedule_time_number_s": Object { + "avg": 0, + "max": 0, + "min": 0, + }, + "throttle_time": Object { + "avg": "0s", + "max": "0s", + "min": "0s", + }, + "throttle_time_number_s": Object { + "avg": 0, + "max": 0, + "min": 0, + }, + } + `); + }); + + it(`shouldn't overwrite properties when running the up migration`, () => { + const state = { + avg_es_search_duration_by_type_per_day: { '.index-threshold': 1 }, + avg_es_search_duration_per_day: 2, + avg_execution_time_by_type_per_day: { '.index-threshold': 3 }, + avg_execution_time_per_day: 4, + avg_total_search_duration_by_type_per_day: { '.index-threshold': 5 }, + avg_total_search_duration_per_day: 6, + connectors_per_alert: { + avg: 7, + max: 8, + min: 9, + }, + count_active_by_type: { '.index-threshold': 10 }, + count_active_total: 11, + count_alerts_by_rule_type: {}, + count_alerts_total: 0, + count_by_type: { '.index-threshold': 12 }, + count_connector_types_by_consumers: { '.index-threshold': 13 }, + count_disabled_total: 14, + count_failed_and_unrecognized_rule_tasks_by_status_by_type_per_day: { + '.index-threshold': 15, + }, + count_failed_and_unrecognized_rule_tasks_by_status_per_day: { '.index-threshold': 16 }, + count_failed_and_unrecognized_rule_tasks_per_day: 17, + count_mw_total: 0, + count_mw_with_filter_alert_toggle_on: 0, + count_mw_with_repeat_toggle_on: 0, + count_rules_by_execution_status: { + error: 18, + success: 19, + warning: 20, + }, + count_rules_by_execution_status_per_day: { '.index-threshold': 21 }, + count_rules_by_notify_when: { + on_action_group_change: 22, + on_active_alert: 23, + on_throttle_interval: 24, + }, + count_rules_executions_by_type_per_day: { '.index-threshold': 25 }, + count_rules_executions_failured_by_reason_by_type_per_day: { '.index-threshold': 26 }, + count_rules_executions_failured_by_reason_per_day: { '.index-threshold': 27 }, + count_rules_executions_failured_per_day: 28, + count_rules_executions_per_day: 29, + count_rules_executions_timeouts_by_type_per_day: { '.index-threshold': 30 }, + count_rules_executions_timeouts_per_day: 31, + count_rules_muted: 32, + count_rules_namespaces: 33, + count_rules_snoozed: 34, + count_rules_with_muted_alerts: 35, + count_rules_with_tags: 36, + count_total: 37, + error_messages: ['foo'], + has_errors: true, + percentile_num_alerts_by_type_per_day: { '.index-threshold': 38 }, + percentile_num_alerts_per_day: { '.index-threshold': 39 }, + percentile_num_generated_actions_by_type_per_day: { '.index-threshold': 40 }, + percentile_num_generated_actions_per_day: { '.index-threshold': 41 }, + runs: 42, + schedule_time: { + avg: '43s', + max: '44s', + min: '45s', + }, + schedule_time_number_s: { + avg: 46, + max: 47, + min: 48, + }, + throttle_time: { + avg: '49s', + max: '50s', + min: '51s', + }, + throttle_time_number_s: { + avg: 52, + max: 53, + min: 54, + }, + }; + const result = v2.up(cloneDeep(state)); + expect(result).toEqual(state); + }); + + it('should drop unknown properties when running the up migration', () => { + const state = { foo: true }; + const result = v2.up(state); + expect(result).not.toHaveProperty('foo'); + }); + }); }); diff --git a/x-pack/plugins/alerting/server/usage/task_state.ts b/x-pack/plugins/alerting/server/usage/task_state.ts index ac9852b3dbace..3b33e540914ce 100644 --- a/x-pack/plugins/alerting/server/usage/task_state.ts +++ b/x-pack/plugins/alerting/server/usage/task_state.ts @@ -14,6 +14,112 @@ import { schema, TypeOf } from '@kbn/config-schema'; * As you add a new schema version, don't forget to change latestTaskStateSchema variable to reference the latest schema. * For example, changing stateSchemaByVersion[1].schema to stateSchemaByVersion[2].schema. */ + +const stateSchemaV1 = schema.object({ + has_errors: schema.boolean(), + error_messages: schema.maybe(schema.arrayOf(schema.any())), + runs: schema.number(), + count_total: schema.number(), + count_by_type: schema.recordOf(schema.string(), schema.number()), + throttle_time: schema.object({ + min: schema.string(), + avg: schema.string(), + max: schema.string(), + }), + schedule_time: schema.object({ + min: schema.string(), + avg: schema.string(), + max: schema.string(), + }), + throttle_time_number_s: schema.object({ + min: schema.number(), + avg: schema.number(), + max: schema.number(), + }), + schedule_time_number_s: schema.object({ + min: schema.number(), + avg: schema.number(), + max: schema.number(), + }), + connectors_per_alert: schema.object({ + min: schema.number(), + avg: schema.number(), + max: schema.number(), + }), + count_active_by_type: schema.recordOf(schema.string(), schema.number()), + count_active_total: schema.number(), + count_disabled_total: schema.number(), + count_rules_by_execution_status: schema.object({ + success: schema.number(), + error: schema.number(), + warning: schema.number(), + }), + count_rules_with_tags: schema.number(), + count_rules_by_notify_when: schema.object({ + on_action_group_change: schema.number(), + on_active_alert: schema.number(), + on_throttle_interval: schema.number(), + }), + count_rules_snoozed: schema.number(), + count_rules_muted: schema.number(), + count_rules_with_muted_alerts: schema.number(), + count_connector_types_by_consumers: schema.recordOf( + schema.string(), + schema.recordOf(schema.string(), schema.number()) + ), + count_rules_namespaces: schema.number(), + count_rules_executions_per_day: schema.number(), + count_rules_executions_by_type_per_day: schema.recordOf(schema.string(), schema.number()), + count_rules_executions_failured_per_day: schema.number(), + count_rules_executions_failured_by_reason_per_day: schema.recordOf( + schema.string(), + schema.number() + ), + count_rules_executions_failured_by_reason_by_type_per_day: schema.recordOf( + schema.string(), + schema.recordOf(schema.string(), schema.number()) + ), + count_rules_by_execution_status_per_day: schema.recordOf(schema.string(), schema.number()), + count_rules_executions_timeouts_per_day: schema.number(), + count_rules_executions_timeouts_by_type_per_day: schema.recordOf( + schema.string(), + schema.number() + ), + count_failed_and_unrecognized_rule_tasks_per_day: schema.number(), + count_failed_and_unrecognized_rule_tasks_by_status_per_day: schema.recordOf( + schema.string(), + schema.number() + ), + count_failed_and_unrecognized_rule_tasks_by_status_by_type_per_day: schema.recordOf( + schema.string(), + schema.recordOf(schema.string(), schema.number()) + ), + avg_execution_time_per_day: schema.number(), + avg_execution_time_by_type_per_day: schema.recordOf(schema.string(), schema.number()), + avg_es_search_duration_per_day: schema.number(), + avg_es_search_duration_by_type_per_day: schema.recordOf(schema.string(), schema.number()), + avg_total_search_duration_per_day: schema.number(), + avg_total_search_duration_by_type_per_day: schema.recordOf(schema.string(), schema.number()), + percentile_num_generated_actions_per_day: schema.recordOf(schema.string(), schema.number()), + percentile_num_generated_actions_by_type_per_day: schema.recordOf( + schema.string(), + schema.recordOf(schema.string(), schema.number()) + ), + percentile_num_alerts_per_day: schema.recordOf(schema.string(), schema.number()), + percentile_num_alerts_by_type_per_day: schema.recordOf( + schema.string(), + schema.recordOf(schema.string(), schema.number()) + ), +}); + +const stateSchemaV2 = stateSchemaV1.extends({ + count_mw_total: schema.number(), + count_mw_with_repeat_toggle_on: schema.number(), + count_mw_with_filter_alert_toggle_on: schema.number(), + count_alerts_total: schema.number(), + count_alerts_by_rule_type: schema.recordOf(schema.string(), schema.number()), +}); + export const stateSchemaByVersion = { 1: { // A task that was created < 8.10 will go through this "up" migration @@ -99,111 +205,22 @@ export const stateSchemaByVersion = { percentile_num_alerts_per_day: state.percentile_num_alerts_per_day || {}, percentile_num_alerts_by_type_per_day: state.percentile_num_alerts_by_type_per_day || {}, }), - schema: schema.object({ - has_errors: schema.boolean(), - error_messages: schema.maybe(schema.arrayOf(schema.any())), - runs: schema.number(), - count_total: schema.number(), - count_by_type: schema.recordOf(schema.string(), schema.number()), - throttle_time: schema.object({ - min: schema.string(), - avg: schema.string(), - max: schema.string(), - }), - schedule_time: schema.object({ - min: schema.string(), - avg: schema.string(), - max: schema.string(), - }), - throttle_time_number_s: schema.object({ - min: schema.number(), - avg: schema.number(), - max: schema.number(), - }), - schedule_time_number_s: schema.object({ - min: schema.number(), - avg: schema.number(), - max: schema.number(), - }), - connectors_per_alert: schema.object({ - min: schema.number(), - avg: schema.number(), - max: schema.number(), - }), - count_active_by_type: schema.recordOf(schema.string(), schema.number()), - count_active_total: schema.number(), - count_disabled_total: schema.number(), - count_rules_by_execution_status: schema.object({ - success: schema.number(), - error: schema.number(), - warning: schema.number(), - }), - count_rules_with_tags: schema.number(), - count_rules_by_notify_when: schema.object({ - on_action_group_change: schema.number(), - on_active_alert: schema.number(), - on_throttle_interval: schema.number(), - }), - count_rules_snoozed: schema.number(), - count_rules_muted: schema.number(), - count_mw_total: schema.number(), - count_mw_with_repeat_toggle_on: schema.number(), - count_mw_with_filter_alert_toggle_on: schema.number(), - count_rules_with_muted_alerts: schema.number(), - count_connector_types_by_consumers: schema.recordOf( - schema.string(), - schema.recordOf(schema.string(), schema.number()) - ), - count_rules_namespaces: schema.number(), - count_rules_executions_per_day: schema.number(), - count_rules_executions_by_type_per_day: schema.recordOf(schema.string(), schema.number()), - count_rules_executions_failured_per_day: schema.number(), - count_rules_executions_failured_by_reason_per_day: schema.recordOf( - schema.string(), - schema.number() - ), - count_rules_executions_failured_by_reason_by_type_per_day: schema.recordOf( - schema.string(), - schema.recordOf(schema.string(), schema.number()) - ), - count_rules_by_execution_status_per_day: schema.recordOf(schema.string(), schema.number()), - count_rules_executions_timeouts_per_day: schema.number(), - count_rules_executions_timeouts_by_type_per_day: schema.recordOf( - schema.string(), - schema.number() - ), - count_failed_and_unrecognized_rule_tasks_per_day: schema.number(), - count_failed_and_unrecognized_rule_tasks_by_status_per_day: schema.recordOf( - schema.string(), - schema.number() - ), - count_failed_and_unrecognized_rule_tasks_by_status_by_type_per_day: schema.recordOf( - schema.string(), - schema.recordOf(schema.string(), schema.number()) - ), - avg_execution_time_per_day: schema.number(), - avg_execution_time_by_type_per_day: schema.recordOf(schema.string(), schema.number()), - avg_es_search_duration_per_day: schema.number(), - avg_es_search_duration_by_type_per_day: schema.recordOf(schema.string(), schema.number()), - avg_total_search_duration_per_day: schema.number(), - avg_total_search_duration_by_type_per_day: schema.recordOf(schema.string(), schema.number()), - percentile_num_generated_actions_per_day: schema.recordOf(schema.string(), schema.number()), - percentile_num_generated_actions_by_type_per_day: schema.recordOf( - schema.string(), - schema.recordOf(schema.string(), schema.number()) - ), - percentile_num_alerts_per_day: schema.recordOf(schema.string(), schema.number()), - percentile_num_alerts_by_type_per_day: schema.recordOf( - schema.string(), - schema.recordOf(schema.string(), schema.number()) - ), - count_alerts_total: schema.number(), - count_alerts_by_rule_type: schema.recordOf(schema.string(), schema.number()), + schema: stateSchemaV1, + }, + 2: { + up: (state: Record) => ({ + ...stateSchemaByVersion[1].up(state), + count_mw_total: state.count_mw_total || 0, + count_mw_with_repeat_toggle_on: state.count_mw_with_repeat_toggle_on || 0, + count_mw_with_filter_alert_toggle_on: state.count_mw_with_filter_alert_toggle_on || 0, + count_alerts_total: state.count_alerts_total || 0, + count_alerts_by_rule_type: state.count_alerts_by_rule_type || {}, }), + schema: stateSchemaV2, }, }; -const latestTaskStateSchema = stateSchemaByVersion[1].schema; +const latestTaskStateSchema = stateSchemaByVersion[2].schema; export type LatestTaskStateSchema = TypeOf; export const emptyState: LatestTaskStateSchema = { diff --git a/x-pack/plugins/cases/public/components/custom_fields/index.test.tsx b/x-pack/plugins/cases/public/components/custom_fields/index.test.tsx index 26ee9b8476da6..fc6c774c20b0c 100644 --- a/x-pack/plugins/cases/public/components/custom_fields/index.test.tsx +++ b/x-pack/plugins/cases/public/components/custom_fields/index.test.tsx @@ -97,13 +97,12 @@ describe('CustomFields', () => { required: false, }); } + const customFields = [...customFieldsConfigurationMock, ...generatedMockCustomFields]; appMockRender.render(); - await userEvent.click(await screen.findByTestId('add-custom-field')); - expect(await screen.findByText(i18n.MAX_CUSTOM_FIELD_LIMIT(MAX_CUSTOM_FIELDS_PER_CASE))); - expect(await screen.findByTestId('add-custom-field')).toHaveAttribute('disabled'); + expect(screen.queryByTestId('add-custom-field')).not.toBeInTheDocument(); }); }); diff --git a/x-pack/plugins/cases/public/components/custom_fields/index.tsx b/x-pack/plugins/cases/public/components/custom_fields/index.tsx index 3c754d39a63fb..d749a7aba9bea 100644 --- a/x-pack/plugins/cases/public/components/custom_fields/index.tsx +++ b/x-pack/plugins/cases/public/components/custom_fields/index.tsx @@ -80,18 +80,9 @@ const CustomFieldsComponent: React.FC = ({ onDeleteCustomField={handleDeleteCustomField} onEditCustomField={onEditCustomField} /> - {error ? ( - - - - {i18n.MAX_CUSTOM_FIELD_LIMIT(MAX_CUSTOM_FIELDS_PER_CASE)} - - - - ) : null} ) : null} - + {!customFields.length ? ( @@ -102,18 +93,27 @@ const CustomFieldsComponent: React.FC = ({ ) : null} - - {i18n.ADD_CUSTOM_FIELD} - + {customFields.length < MAX_CUSTOM_FIELDS_PER_CASE ? ( + + {i18n.ADD_CUSTOM_FIELD} + + ) : ( + + + {i18n.MAX_CUSTOM_FIELD_LIMIT(MAX_CUSTOM_FIELDS_PER_CASE)} + + + )} + ) : null; diff --git a/x-pack/plugins/cases/public/components/templates/index.test.tsx b/x-pack/plugins/cases/public/components/templates/index.test.tsx index 1c7b6cc3ff0e6..7fcb563a54dde 100644 --- a/x-pack/plugins/cases/public/components/templates/index.test.tsx +++ b/x-pack/plugins/cases/public/components/templates/index.test.tsx @@ -130,9 +130,7 @@ describe('Templates', () => { appMockRender.render(); - await userEvent.click(await screen.findByTestId('add-template')); - expect(await screen.findByText(i18n.MAX_TEMPLATE_LIMIT(MAX_TEMPLATES_LENGTH))); - expect(await screen.findByTestId('add-template')).toHaveAttribute('disabled'); + expect(screen.queryByTestId('add-template')).not.toBeInTheDocument(); }); }); diff --git a/x-pack/plugins/cases/public/components/templates/index.tsx b/x-pack/plugins/cases/public/components/templates/index.tsx index 3be2bf92411a9..479101d2889ad 100644 --- a/x-pack/plugins/cases/public/components/templates/index.tsx +++ b/x-pack/plugins/cases/public/components/templates/index.tsx @@ -92,16 +92,9 @@ const TemplatesComponent: React.FC = ({ onEditTemplate={handleEditTemplate} onDeleteTemplate={handleDeleteTemplate} /> - {error ? ( - - - {i18n.MAX_TEMPLATE_LIMIT(MAX_TEMPLATES_LENGTH)} - - - ) : null} ) : null} - + {!templates.length ? ( @@ -113,16 +106,25 @@ const TemplatesComponent: React.FC = ({ {canAddTemplates ? ( - - {i18n.ADD_TEMPLATE} - + {templates.length < MAX_TEMPLATES_LENGTH ? ( + + {i18n.ADD_TEMPLATE} + + ) : ( + + + {i18n.MAX_TEMPLATE_LIMIT(MAX_TEMPLATES_LENGTH)} + + + )} + ) : null} diff --git a/x-pack/plugins/cloud_security_posture/common/constants.ts b/x-pack/plugins/cloud_security_posture/common/constants.ts index e5d95b882b2e7..d415d4cfcfc69 100644 --- a/x-pack/plugins/cloud_security_posture/common/constants.ts +++ b/x-pack/plugins/cloud_security_posture/common/constants.ts @@ -6,7 +6,7 @@ */ import { KSPM_POLICY_TEMPLATE, CSPM_POLICY_TEMPLATE } from '@kbn/cloud-security-posture-common'; -import type { VulnSeverity } from '@kbn/cloud-security-posture-common'; + import { AwsCredentialsTypeFieldMap, GcpCredentialsTypeFieldMap, PostureTypes } from './types_old'; export const CLOUD_SECURITY_INTERTAL_PREFIX_ROUTE_PATH = '/internal/cloud_security_posture/'; @@ -125,14 +125,6 @@ export const POSTURE_TYPES: { [x: string]: PostureTypes } = { [POSTURE_TYPE_ALL]: POSTURE_TYPE_ALL, }; -export const VULNERABILITIES_SEVERITY: Record = { - LOW: 'LOW', - MEDIUM: 'MEDIUM', - HIGH: 'HIGH', - CRITICAL: 'CRITICAL', - UNKNOWN: 'UNKNOWN', -}; - export const AWS_CREDENTIALS_TYPE_TO_FIELDS_MAP: AwsCredentialsTypeFieldMap = { assume_role: ['role_arn'], direct_access_keys: ['access_key_id', 'secret_access_key'], diff --git a/x-pack/plugins/cloud_security_posture/public/common/utils/get_vulnerability_colors.ts b/x-pack/plugins/cloud_security_posture/public/common/utils/get_vulnerability_colors.ts index fc63ac1131faa..cba51677dd58a 100644 --- a/x-pack/plugins/cloud_security_posture/public/common/utils/get_vulnerability_colors.ts +++ b/x-pack/plugins/cloud_security_posture/public/common/utils/get_vulnerability_colors.ts @@ -6,8 +6,6 @@ */ import { euiThemeVars } from '@kbn/ui-theme'; -import type { VulnSeverity } from '@kbn/cloud-security-posture-common'; -import { VULNERABILITIES_SEVERITY } from '../../../common/constants'; export const getCvsScoreColor = (score: number): string | undefined => { if (score <= 4) { @@ -20,18 +18,3 @@ export const getCvsScoreColor = (score: number): string | undefined => { return euiThemeVars.euiColorDanger; // critical severity } }; - -export const getSeverityStatusColor = (severity: VulnSeverity): string => { - switch (severity) { - case VULNERABILITIES_SEVERITY.LOW: - return euiThemeVars.euiColorVis0; - case VULNERABILITIES_SEVERITY.MEDIUM: - return euiThemeVars.euiColorVis5_behindText; - case VULNERABILITIES_SEVERITY.HIGH: - return euiThemeVars.euiColorVis9_behindText; - case VULNERABILITIES_SEVERITY.CRITICAL: - return euiThemeVars.euiColorDanger; - default: - return '#aaa'; - } -}; diff --git a/x-pack/plugins/cloud_security_posture/public/common/utils/get_vulnerabiltity_colors.test.ts b/x-pack/plugins/cloud_security_posture/public/common/utils/get_vulnerabiltity_colors.test.ts index e276e0eeeafce..5000e14a5afc6 100644 --- a/x-pack/plugins/cloud_security_posture/public/common/utils/get_vulnerabiltity_colors.test.ts +++ b/x-pack/plugins/cloud_security_posture/public/common/utils/get_vulnerabiltity_colors.test.ts @@ -6,7 +6,7 @@ */ import { euiThemeVars } from '@kbn/ui-theme'; -import { getCvsScoreColor, getSeverityStatusColor } from './get_vulnerability_colors'; +import { getCvsScoreColor } from './get_vulnerability_colors'; describe('getCvsScoreColor', () => { it('returns correct color for low severity score', () => { @@ -29,25 +29,3 @@ describe('getCvsScoreColor', () => { expect(getCvsScoreColor(-0.2)).toBe(euiThemeVars.euiColorVis0); }); }); - -describe('getSeverityStatusColor', () => { - it('should return the correct color for LOW severity', () => { - expect(getSeverityStatusColor('LOW')).toBe(euiThemeVars.euiColorVis0); - }); - - it('should return the correct color for MEDIUM severity', () => { - expect(getSeverityStatusColor('MEDIUM')).toBe(euiThemeVars.euiColorVis5_behindText); - }); - - it('should return the correct color for HIGH severity', () => { - expect(getSeverityStatusColor('HIGH')).toBe(euiThemeVars.euiColorVis9_behindText); - }); - - it('should return the correct color for CRITICAL severity', () => { - expect(getSeverityStatusColor('CRITICAL')).toBe(euiThemeVars.euiColorDanger); - }); - - it('should return #aaa for an unknown severity', () => { - expect(getSeverityStatusColor('UNKNOWN')).toBe('#aaa'); - }); -}); diff --git a/x-pack/plugins/cloud_security_posture/public/components/vulnerability_badges.tsx b/x-pack/plugins/cloud_security_posture/public/components/vulnerability_badges.tsx index cb4fbbad83a35..7d4095b4bd662 100644 --- a/x-pack/plugins/cloud_security_posture/public/components/vulnerability_badges.tsx +++ b/x-pack/plugins/cloud_security_posture/public/components/vulnerability_badges.tsx @@ -10,7 +10,8 @@ import React from 'react'; import { css } from '@emotion/react'; import { float } from '@elastic/elasticsearch/lib/api/typesWithBodyKey'; import type { VulnSeverity } from '@kbn/cloud-security-posture-common'; -import { getCvsScoreColor, getSeverityStatusColor } from '../common/utils/get_vulnerability_colors'; +import { getSeverityStatusColor } from '@kbn/cloud-security-posture'; +import { getCvsScoreColor } from '../common/utils/get_vulnerability_colors'; import { VULNERABILITIES_CVSS_SCORE_BADGE_SUBJ } from './test_subjects'; interface CVSScoreBadgeProps { diff --git a/x-pack/plugins/cloud_security_posture/public/components/vulnerability_severity_map.tsx b/x-pack/plugins/cloud_security_posture/public/components/vulnerability_severity_map.tsx index 74341095caac2..9046fcb265a86 100644 --- a/x-pack/plugins/cloud_security_posture/public/components/vulnerability_severity_map.tsx +++ b/x-pack/plugins/cloud_security_posture/public/components/vulnerability_severity_map.tsx @@ -17,7 +17,7 @@ import { import { PaletteColorStop } from '@elastic/eui/src/components/color_picker/color_palette_picker'; import type { VulnSeverity } from '@kbn/cloud-security-posture-common'; import { i18n } from '@kbn/i18n'; -import { getSeverityStatusColor } from '../common/utils/get_vulnerability_colors'; +import { getSeverityStatusColor } from '@kbn/cloud-security-posture'; import { SeverityStatusBadge } from './vulnerability_badges'; interface Props { diff --git a/x-pack/plugins/cloud_security_posture/public/pages/benchmarks/benchmarks.test.tsx b/x-pack/plugins/cloud_security_posture/public/pages/benchmarks/benchmarks.test.tsx index e11095bb622f0..4e52484dffbea 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/benchmarks/benchmarks.test.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/benchmarks/benchmarks.test.tsx @@ -18,6 +18,7 @@ import { useCspSetupStatusApi } from '@kbn/cloud-security-posture/src/hooks/use_ import { useCspIntegrationLink } from '../../common/navigation/use_csp_integration_link'; import { ERROR_STATE_TEST_SUBJECT } from './benchmarks_table'; import { useLicenseManagementLocatorApi } from '../../common/api/use_license_management_locator_api'; +import { NO_FINDINGS_STATUS_TEST_SUBJ } from '../../components/test_subjects'; jest.mock('./use_csp_benchmark_integrations'); jest.mock('@kbn/cloud-security-posture/src/hooks/use_csp_setup_status_api'); @@ -85,6 +86,27 @@ describe('', () => { expect(screen.getByTestId(ERROR_STATE_TEST_SUBJECT)).toBeInTheDocument(); }); + it('renders unprivileged state ', () => { + (useCspSetupStatusApi as jest.Mock).mockImplementation(() => + createReactQueryResponse({ + status: 'success', + data: { + cspm: { status: 'unprivileged' }, + kspm: { status: 'unprivileged' }, + }, + }) + ); + + renderBenchmarks( + createReactQueryResponse({ + status: 'success', + data: { total: 1, items: [createCspBenchmarkIntegrationFixture()] }, + }) + ); + + expect(screen.getByTestId(NO_FINDINGS_STATUS_TEST_SUBJ.UNPRIVILEGED)).toBeInTheDocument(); + }); + it('renders the benchmarks table', () => { renderBenchmarks( createReactQueryResponse({ diff --git a/x-pack/plugins/cloud_security_posture/public/pages/benchmarks/benchmarks.tsx b/x-pack/plugins/cloud_security_posture/public/pages/benchmarks/benchmarks.tsx index dd6b8ce45318b..e3e4efc0db371 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/benchmarks/benchmarks.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/benchmarks/benchmarks.tsx @@ -163,9 +163,14 @@ export const Benchmarks = () => { const getSetupStatus = useCspSetupStatusApi({ refetchInterval: NO_FINDINGS_STATUS_REFRESH_INTERVAL_MS, }); - const showConfigurationInstallPrompt = - getSetupStatus.data?.kspm?.status === 'not-installed' && - getSetupStatus.data?.cspm?.status === 'not-installed'; + + const kspmStatus = getSetupStatus.data?.kspm?.status; + const cspmStatus = getSetupStatus.data?.cspm?.status; + + const showNoFindingsStates = + (kspmStatus === 'not-installed' && cspmStatus === 'not-installed') || + cspmStatus === 'unprivileged' || + kspmStatus === 'unprivileged'; return ( @@ -182,7 +187,7 @@ export const Benchmarks = () => { bottomBorder /> - {showConfigurationInstallPrompt ? ( + {showNoFindingsStates ? ( ) : ( <> diff --git a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/hooks/use_latest_vulnerabilities_grouping.tsx b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/hooks/use_latest_vulnerabilities_grouping.tsx index f615ccdb4a293..516cbed0c3975 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/hooks/use_latest_vulnerabilities_grouping.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/hooks/use_latest_vulnerabilities_grouping.tsx @@ -14,7 +14,10 @@ import { parseGroupingQuery, } from '@kbn/grouping/src'; import { useMemo } from 'react'; -import { LATEST_VULNERABILITIES_RETENTION_POLICY } from '@kbn/cloud-security-posture-common'; +import { + LATEST_VULNERABILITIES_RETENTION_POLICY, + VULNERABILITIES_SEVERITY, +} from '@kbn/cloud-security-posture-common'; import { buildEsQuery, Filter } from '@kbn/es-query'; import { LOCAL_STORAGE_VULNERABILITIES_GROUPING_KEY, @@ -22,7 +25,6 @@ import { VULNERABILITY_FIELDS, } from '../../../common/constants'; import { useDataViewContext } from '../../../common/contexts/data_view_context'; -import { VULNERABILITIES_SEVERITY } from '../../../../common/constants'; import { VulnerabilitiesGroupingAggregation, VulnerabilitiesRootGroupingAggregation, diff --git a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/utils/create_detection_rule_from_vulnerability.ts b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/utils/create_detection_rule_from_vulnerability.ts index 7e817a3d56a15..a09f9130836b2 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/utils/create_detection_rule_from_vulnerability.ts +++ b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/utils/create_detection_rule_from_vulnerability.ts @@ -7,12 +7,12 @@ import { HttpSetup } from '@kbn/core/public'; import { i18n } from '@kbn/i18n'; -import { LATEST_VULNERABILITIES_RETENTION_POLICY } from '@kbn/cloud-security-posture-common'; -import type { Vulnerability } from '@kbn/cloud-security-posture-common/schema/vulnerabilities/latest'; import { - VULNERABILITIES_INDEX_PATTERN, + LATEST_VULNERABILITIES_RETENTION_POLICY, VULNERABILITIES_SEVERITY, -} from '../../../../common/constants'; +} from '@kbn/cloud-security-posture-common'; +import type { Vulnerability } from '@kbn/cloud-security-posture-common/schema/vulnerabilities/latest'; +import { VULNERABILITIES_INDEX_PATTERN } from '../../../../common/constants'; import { createDetectionRule } from '../../../common/api/create_detection_rule'; const DEFAULT_RULE_RISK_SCORE = 0; diff --git a/x-pack/plugins/cloud_security_posture/public/pages/vulnerability_dashboard/vulnerability_statistics.tsx b/x-pack/plugins/cloud_security_posture/public/pages/vulnerability_dashboard/vulnerability_statistics.tsx index 6a82adcb4e05f..114f28ccfc271 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/vulnerability_dashboard/vulnerability_statistics.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/vulnerability_dashboard/vulnerability_statistics.tsx @@ -8,11 +8,11 @@ import React, { useMemo } from 'react'; import { EuiFlexGroup, EuiFlexItem, EuiHealth } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import { useNavigateVulnerabilities } from '@kbn/cloud-security-posture/src/hooks/use_navigate_findings'; +import { VULNERABILITIES_SEVERITY } from '@kbn/cloud-security-posture-common'; +import { getSeverityStatusColor } from '@kbn/cloud-security-posture'; import { VulnCounterCard, type VulnCounterCardProps } from '../../components/vuln_counter_card'; -import { VULNERABILITIES_SEVERITY } from '../../../common/constants'; import { useVulnerabilityDashboardApi } from '../../common/api/use_vulnerability_dashboard_api'; import { CompactFormattedNumber } from '../../components/compact_formatted_number'; -import { getSeverityStatusColor } from '../../common/utils/get_vulnerability_colors'; export const VulnerabilityStatistics = () => { const navToVulnerabilities = useNavigateVulnerabilities(); diff --git a/x-pack/plugins/cloud_security_posture/public/pages/vulnerability_dashboard/vulnerability_trend_graph.tsx b/x-pack/plugins/cloud_security_posture/public/pages/vulnerability_dashboard/vulnerability_trend_graph.tsx index ca29b18822fae..ff610b640cd3f 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/vulnerability_dashboard/vulnerability_trend_graph.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/vulnerability_dashboard/vulnerability_trend_graph.tsx @@ -21,12 +21,12 @@ import { FormattedMessage } from '@kbn/i18n-react'; import { useNavigateVulnerabilities } from '@kbn/cloud-security-posture/src/hooks/use_navigate_findings'; import type { VulnSeverity } from '@kbn/cloud-security-posture-common'; +import { VULNERABILITIES_SEVERITY } from '@kbn/cloud-security-posture-common'; +import { getSeverityStatusColor } from '@kbn/cloud-security-posture'; import { truthy } from '../../../common/utils/helpers'; import { VulnStatsTrend } from '../../../common/types_old'; import { useVulnerabilityDashboardApi } from '../../common/api/use_vulnerability_dashboard_api'; -import { getSeverityStatusColor } from '../../common/utils/get_vulnerability_colors'; import { ChartPanel } from '../../components/chart_panel'; -import { VULNERABILITIES_SEVERITY } from '../../../common/constants'; import { useKibana } from '../../common/hooks/use_kibana'; const stackAccessors: VulnSeverity[] = [ diff --git a/x-pack/plugins/cloud_security_posture/server/routes/vulnerabilities_dashboard/get_vulnerabilities_statistics.ts b/x-pack/plugins/cloud_security_posture/server/routes/vulnerabilities_dashboard/get_vulnerabilities_statistics.ts index 905810f1efc01..e4c8bbaf1e6b1 100644 --- a/x-pack/plugins/cloud_security_posture/server/routes/vulnerabilities_dashboard/get_vulnerabilities_statistics.ts +++ b/x-pack/plugins/cloud_security_posture/server/routes/vulnerabilities_dashboard/get_vulnerabilities_statistics.ts @@ -7,8 +7,10 @@ import { SearchRequest } from '@elastic/elasticsearch/lib/api/types'; import { ElasticsearchClient } from '@kbn/core-elasticsearch-server'; -import { CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN } from '@kbn/cloud-security-posture-common'; -import { VULNERABILITIES_SEVERITY } from '../../../common/constants'; +import { + CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN, + VULNERABILITIES_SEVERITY, +} from '@kbn/cloud-security-posture-common'; export interface VulnerabilitiesStatisticsQueryResult { critical: { diff --git a/x-pack/plugins/cloud_security_posture/server/tasks/findings_stats_task.ts b/x-pack/plugins/cloud_security_posture/server/tasks/findings_stats_task.ts index 1f8614c6d4a5e..673ec5cb9f7a9 100644 --- a/x-pack/plugins/cloud_security_posture/server/tasks/findings_stats_task.ts +++ b/x-pack/plugins/cloud_security_posture/server/tasks/findings_stats_task.ts @@ -14,7 +14,10 @@ import { import type { SearchRequest } from '@elastic/elasticsearch/lib/api/types'; import { ElasticsearchClient } from '@kbn/core/server'; import { QueryDslQueryContainer } from '@kbn/data-views-plugin/common/types'; -import { CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN } from '@kbn/cloud-security-posture-common'; +import { + CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN, + VULNERABILITIES_SEVERITY, +} from '@kbn/cloud-security-posture-common'; import type { ISavedObjectsRepository, Logger } from '@kbn/core/server'; import { getMutedRulesFilterQuery } from '../routes/benchmark_rules/get_states/v1'; import { getSafePostureTypeRuntimeMapping } from '../../common/runtime_mappings/get_safe_posture_type_runtime_mapping'; @@ -25,7 +28,6 @@ import { CSPM_FINDINGS_STATS_INTERVAL, INTERNAL_CSP_SETTINGS_SAVED_OBJECT_TYPE, LATEST_FINDINGS_INDEX_DEFAULT_NS, - VULNERABILITIES_SEVERITY, VULN_MGMT_POLICY_TEMPLATE, } from '../../common/constants'; import { scheduleTaskSafe, removeTaskSafe } from '../lib/task_manager_util'; diff --git a/x-pack/plugins/enterprise_search/kibana.jsonc b/x-pack/plugins/enterprise_search/kibana.jsonc index 91221ef0ed95e..f631bd2dc53d1 100644 --- a/x-pack/plugins/enterprise_search/kibana.jsonc +++ b/x-pack/plugins/enterprise_search/kibana.jsonc @@ -7,9 +7,7 @@ "id": "enterpriseSearch", "server": true, "browser": true, - "configPath": [ - "enterpriseSearch" - ], + "configPath": ["enterpriseSearch"], "requiredPlugins": [ "data", "features", @@ -17,7 +15,7 @@ "logsShared", "logsDataAccess", "esUiShared", - "navigation", + "navigation" ], "optionalPlugins": [ "customIntegrations", @@ -31,7 +29,6 @@ "guidedOnboarding", "console", "searchConnectors", - "searchHomepage", "searchPlayground", "searchInferenceEndpoints", "embeddable", @@ -39,10 +36,8 @@ "charts", "cloud", "lens", - "share", + "share" ], - "requiredBundles": [ - "kibanaReact" - ] + "requiredBundles": ["kibanaReact"] } } diff --git a/x-pack/plugins/enterprise_search/public/applications/__mocks__/kea_logic/kibana_logic.mock.ts b/x-pack/plugins/enterprise_search/public/applications/__mocks__/kea_logic/kibana_logic.mock.ts index 5f4774be15b96..cca5523ded681 100644 --- a/x-pack/plugins/enterprise_search/public/applications/__mocks__/kea_logic/kibana_logic.mock.ts +++ b/x-pack/plugins/enterprise_search/public/applications/__mocks__/kea_logic/kibana_logic.mock.ts @@ -45,7 +45,6 @@ export const mockKibanaValues = { history: mockHistory, indexMappingComponent: null, isCloud: false, - isSearchHomepageEnabled: false, isSidebarEnabled: true, lens: { EmbeddableComponent: jest.fn(), @@ -65,7 +64,6 @@ export const mockKibanaValues = { hasWebCrawler: true, }, renderHeaderActions: jest.fn(), - searchHomepage: null, searchInferenceEndpoints: null, searchPlayground: searchPlaygroundMock.createStart(), security: securityMock.createStart(), diff --git a/x-pack/plugins/enterprise_search/public/applications/index.tsx b/x-pack/plugins/enterprise_search/public/applications/index.tsx index dab9c9a0b6049..eafa8827869d8 100644 --- a/x-pack/plugins/enterprise_search/public/applications/index.tsx +++ b/x-pack/plugins/enterprise_search/public/applications/index.tsx @@ -117,7 +117,6 @@ export const renderApp = ( guidedOnboarding, history, indexMappingComponent, - isSearchHomepageEnabled: plugins.searchHomepage?.isHomepageFeatureEnabled() ?? false, isSidebarEnabled, lens, ml, @@ -128,7 +127,6 @@ export const renderApp = ( params.setHeaderActionMenu( HeaderActions ? renderHeaderActions.bind(null, HeaderActions, store, params) : undefined ), - searchHomepage: plugins.searchHomepage, searchPlayground: plugins.searchPlayground, searchInferenceEndpoints: plugins.searchInferenceEndpoints, security, diff --git a/x-pack/plugins/enterprise_search/public/applications/search_homepage/components/layout/page_template.test.tsx b/x-pack/plugins/enterprise_search/public/applications/search_homepage/components/layout/page_template.test.tsx deleted file mode 100644 index c44cc39c5eb1d..0000000000000 --- a/x-pack/plugins/enterprise_search/public/applications/search_homepage/components/layout/page_template.test.tsx +++ /dev/null @@ -1,28 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React from 'react'; - -import { TestHelper } from '../../../test_helpers/test_utils.test_helper'; - -import { SearchHomepagePageTemplate } from './page_template'; - -describe('SearchHomepagePageTemplate', () => { - beforeAll(() => { - TestHelper.prepare(); - }); - - it('renders as expected', async () => { - const { container } = TestHelper.render( - -
Test
- - ); - - expect(container.querySelector('.kbnSolutionNav__title')).toHaveTextContent('Search'); - }); -}); diff --git a/x-pack/plugins/enterprise_search/public/applications/search_homepage/components/layout/page_template.tsx b/x-pack/plugins/enterprise_search/public/applications/search_homepage/components/layout/page_template.tsx deleted file mode 100644 index 76f2e6e526239..0000000000000 --- a/x-pack/plugins/enterprise_search/public/applications/search_homepage/components/layout/page_template.tsx +++ /dev/null @@ -1,37 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React from 'react'; - -import { SEARCH_PRODUCT_NAME } from '../../../../../common/constants'; -import { SetSearchChrome } from '../../../shared/kibana_chrome'; -import { EnterpriseSearchPageTemplateWrapper, PageTemplateProps } from '../../../shared/layout'; -import { useEnterpriseSearchNav } from '../../../shared/layout'; -import { SendEnterpriseSearchTelemetry } from '../../../shared/telemetry'; - -export const SearchHomepagePageTemplate: React.FC = ({ - children, - pageChrome, - pageViewTelemetry, - ...pageTemplateProps -}) => { - return ( - } - > - {pageViewTelemetry && ( - - )} - {children} - - ); -}; diff --git a/x-pack/plugins/enterprise_search/public/applications/search_homepage/components/search_homepage.tsx b/x-pack/plugins/enterprise_search/public/applications/search_homepage/components/search_homepage.tsx deleted file mode 100644 index a605010fcb00d..0000000000000 --- a/x-pack/plugins/enterprise_search/public/applications/search_homepage/components/search_homepage.tsx +++ /dev/null @@ -1,35 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React from 'react'; - -import { useValues } from 'kea'; - -import { KibanaLogic } from '../../shared/kibana'; -import { SetSearchChrome } from '../../shared/kibana_chrome'; - -import { SearchHomepagePageTemplate } from './layout/page_template'; - -export const SearchHomepagePage = () => { - const { isSearchHomepageEnabled, searchHomepage } = useValues(KibanaLogic); - - if (!isSearchHomepageEnabled || !searchHomepage) { - return null; - } - - return ( - - - - - ); -}; diff --git a/x-pack/plugins/enterprise_search/public/applications/search_homepage/index.tsx b/x-pack/plugins/enterprise_search/public/applications/search_homepage/index.tsx deleted file mode 100644 index 43963f21d3b5d..0000000000000 --- a/x-pack/plugins/enterprise_search/public/applications/search_homepage/index.tsx +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React from 'react'; - -import { Routes, Route } from '@kbn/shared-ux-router'; - -import { isVersionMismatch } from '../../../common/is_version_mismatch'; -import type { InitialAppData } from '../../../common/types'; -import { VersionMismatchPage } from '../shared/version_mismatch'; - -import { SearchHomepagePage } from './components/search_homepage'; - -export const SearchHomepage: React.FC = (props) => { - const { enterpriseSearchVersion, kibanaVersion } = props; - const incompatibleVersions = isVersionMismatch(enterpriseSearchVersion, kibanaVersion); - - const showView = () => { - if (incompatibleVersions) { - return ( - - ); - } - - return ; - }; - - return ( - - - {showView()} - - - ); -}; diff --git a/x-pack/plugins/enterprise_search/public/applications/search_homepage/jest.config.js b/x-pack/plugins/enterprise_search/public/applications/search_homepage/jest.config.js deleted file mode 100644 index c18a3561afb65..0000000000000 --- a/x-pack/plugins/enterprise_search/public/applications/search_homepage/jest.config.js +++ /dev/null @@ -1,26 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -module.exports = { - preset: '@kbn/test', - rootDir: '../../../../../..', - roots: ['/x-pack/plugins/enterprise_search/public/applications/search_homepage'], - collectCoverage: true, - coverageReporters: ['text', 'html'], - collectCoverageFrom: [ - '/x-pack/plugins/enterprise_search/public/applications/**/*.{ts,tsx}', - '!/x-pack/plugins/enterprise_search/public/*.ts', - '!/x-pack/plugins/enterprise_search/server/*.ts', - '!/x-pack/plugins/enterprise_search/public/applications/test_helpers/**/*.{ts,tsx}', - ], - coverageDirectory: - '/target/kibana-coverage/jest/x-pack/plugins/enterprise_search/public/applications/search_homepage', - modulePathIgnorePatterns: [ - '/x-pack/plugins/enterprise_search/public/applications/app_search/cypress', - '/x-pack/plugins/enterprise_search/public/applications/workplace_search/cypress', - ], -}; diff --git a/x-pack/plugins/enterprise_search/public/applications/shared/kibana/kibana_logic.ts b/x-pack/plugins/enterprise_search/public/applications/shared/kibana/kibana_logic.ts index 939d92745006c..f74345a1c75c1 100644 --- a/x-pack/plugins/enterprise_search/public/applications/shared/kibana/kibana_logic.ts +++ b/x-pack/plugins/enterprise_search/public/applications/shared/kibana/kibana_logic.ts @@ -29,7 +29,6 @@ import { LensPublicStart } from '@kbn/lens-plugin/public'; import { MlPluginStart } from '@kbn/ml-plugin/public'; import { ELASTICSEARCH_URL_PLACEHOLDER } from '@kbn/search-api-panels/constants'; import { ConnectorDefinition } from '@kbn/search-connectors-plugin/public'; -import type { SearchHomepagePluginStart } from '@kbn/search-homepage/public'; import { SearchInferenceEndpointsPluginStart } from '@kbn/search-inference-endpoints/public'; import { SearchPlaygroundPluginStart } from '@kbn/search-playground/public'; import { AuthenticatedUser, SecurityPluginStart } from '@kbn/security-plugin/public'; @@ -59,7 +58,6 @@ export interface KibanaLogicProps { guidedOnboarding?: GuidedOnboardingPluginStart; history: ScopedHistory; indexMappingComponent?: React.FC; - isSearchHomepageEnabled: boolean; isSidebarEnabled: boolean; lens?: LensPublicStart; ml?: MlPluginStart; @@ -67,7 +65,6 @@ export interface KibanaLogicProps { productAccess: ProductAccess; productFeatures: ProductFeatures; renderHeaderActions(HeaderActions?: FC): void; - searchHomepage?: SearchHomepagePluginStart; searchInferenceEndpoints?: SearchInferenceEndpointsPluginStart; searchPlayground?: SearchPlaygroundPluginStart; security?: SecurityPluginStart; @@ -94,7 +91,6 @@ export interface KibanaValues { history: ScopedHistory; indexMappingComponent: React.FC | null; isCloud: boolean; - isSearchHomepageEnabled: boolean; isSidebarEnabled: boolean; lens: LensPublicStart | null; ml: MlPluginStart | null; @@ -102,7 +98,6 @@ export interface KibanaValues { productAccess: ProductAccess; productFeatures: ProductFeatures; renderHeaderActions(HeaderActions?: FC): void; - searchHomepage: SearchHomepagePluginStart | null; searchInferenceEndpoints: SearchInferenceEndpointsPluginStart | null; searchPlayground: SearchPlaygroundPluginStart | null; security: SecurityPluginStart | null; @@ -134,7 +129,6 @@ export const KibanaLogic = kea>({ guidedOnboarding: [props.guidedOnboarding || null, {}], history: [props.history, {}], indexMappingComponent: [props.indexMappingComponent || null, {}], - isSearchHomepageEnabled: [props.isSearchHomepageEnabled, {}], isSidebarEnabled: [props.isSidebarEnabled, {}], lens: [props.lens || null, {}], ml: [props.ml || null, {}], @@ -149,7 +143,6 @@ export const KibanaLogic = kea>({ productAccess: [props.productAccess, {}], productFeatures: [props.productFeatures, {}], renderHeaderActions: [props.renderHeaderActions, {}], - searchHomepage: [props.searchHomepage || null, {}], searchInferenceEndpoints: [props.searchInferenceEndpoints || null, {}], searchPlayground: [props.searchPlayground || null, {}], security: [props.security || null, {}], diff --git a/x-pack/plugins/enterprise_search/public/applications/shared/layout/nav.tsx b/x-pack/plugins/enterprise_search/public/applications/shared/layout/nav.tsx index 1c967c17c9c1e..3b3960a7a92ba 100644 --- a/x-pack/plugins/enterprise_search/public/applications/shared/layout/nav.tsx +++ b/x-pack/plugins/enterprise_search/public/applications/shared/layout/nav.tsx @@ -52,8 +52,7 @@ import { generateNavLink } from './nav_link_helpers'; * @returns The Enterprise Search navigation items */ export const useEnterpriseSearchNav = (alwaysReturn = false) => { - const { isSearchHomepageEnabled, searchHomepage, isSidebarEnabled, productAccess } = - useValues(KibanaLogic); + const { isSidebarEnabled, productAccess } = useValues(KibanaLogic); const { hasEnterpriseLicense } = useValues(LicensingLogic); @@ -74,10 +73,7 @@ export const useEnterpriseSearchNav = (alwaysReturn = false) => { ...generateNavLink({ shouldNotCreateHref: true, shouldShowActiveForSubroutes: true, - to: - isSearchHomepageEnabled && searchHomepage - ? searchHomepage.app.appRoute - : ENTERPRISE_SEARCH_OVERVIEW_PLUGIN.URL, + to: ENTERPRISE_SEARCH_OVERVIEW_PLUGIN.URL, }), }, { diff --git a/x-pack/plugins/enterprise_search/public/applications/test_helpers/test_utils.test_helper.tsx b/x-pack/plugins/enterprise_search/public/applications/test_helpers/test_utils.test_helper.tsx index 861152c024b65..d1729a50909ed 100644 --- a/x-pack/plugins/enterprise_search/public/applications/test_helpers/test_utils.test_helper.tsx +++ b/x-pack/plugins/enterprise_search/public/applications/test_helpers/test_utils.test_helper.tsx @@ -63,7 +63,6 @@ export const mockKibanaProps: KibanaLogicProps = { indexMappingComponent: () => { return <>; }, - isSearchHomepageEnabled: false, isSidebarEnabled: true, lens: { EmbeddableComponent: jest.fn(), @@ -86,7 +85,6 @@ export const mockKibanaProps: KibanaLogicProps = { hasWebCrawler: true, }, renderHeaderActions: jest.fn(), - searchHomepage: undefined, searchPlayground: searchPlaygroundMock.createStart(), security: securityMock.createStart(), setBreadcrumbs: jest.fn(), diff --git a/x-pack/plugins/enterprise_search/public/navigation_tree.ts b/x-pack/plugins/enterprise_search/public/navigation_tree.ts index 74db04a3141da..c893c56f372c7 100644 --- a/x-pack/plugins/enterprise_search/public/navigation_tree.ts +++ b/x-pack/plugins/enterprise_search/public/navigation_tree.ts @@ -69,14 +69,12 @@ const euiItemTypeToNodeDefinition = ({ export const getNavigationTreeDefinition = ({ dynamicItems$, - isSearchHomepageEnabled, }: { dynamicItems$: Observable; - isSearchHomepageEnabled: boolean; }): AddSolutionNavigationArg => { return { dataTestSubj: 'searchSideNav', - homePage: isSearchHomepageEnabled ? 'searchHomepage' : 'enterpriseSearch', + homePage: 'enterpriseSearch', icon, id: 'es', navigationTree$: dynamicItems$.pipe( @@ -88,7 +86,7 @@ export const getNavigationTreeDefinition = ({ breadcrumbStatus: 'hidden', children: [ { - link: isSearchHomepageEnabled ? 'searchHomepage' : 'enterpriseSearch', + link: 'enterpriseSearch', }, { getIsActive: ({ pathNameSerialized, prepend }) => { diff --git a/x-pack/plugins/enterprise_search/public/plugin.ts b/x-pack/plugins/enterprise_search/public/plugin.ts index 73dbe6885fdcc..a1558c4855aa7 100644 --- a/x-pack/plugins/enterprise_search/public/plugin.ts +++ b/x-pack/plugins/enterprise_search/public/plugin.ts @@ -32,10 +32,6 @@ import { MlPluginStart } from '@kbn/ml-plugin/public'; import type { NavigationPublicPluginStart } from '@kbn/navigation-plugin/public'; import { ELASTICSEARCH_URL_PLACEHOLDER } from '@kbn/search-api-panels/constants'; import { SearchConnectorsPluginStart } from '@kbn/search-connectors-plugin/public'; -import type { - SearchHomepagePluginSetup, - SearchHomepagePluginStart, -} from '@kbn/search-homepage/public'; import { SearchInferenceEndpointsPluginStart } from '@kbn/search-inference-endpoints/public'; import { SearchPlaygroundPluginStart } from '@kbn/search-playground/public'; import { SecurityPluginSetup, SecurityPluginStart } from '@kbn/security-plugin/public'; @@ -70,7 +66,6 @@ import { import { INFERENCE_ENDPOINTS_PATH } from './applications/enterprise_search_relevance/routes'; import { docLinks } from './applications/shared/doc_links'; -import { setBreadcrumbHomeUrl } from './applications/shared/kibana_chrome/breadcrumbs_home'; import type { DynamicSideNavItems } from './navigation_tree'; export interface ClientData extends InitialAppData { @@ -85,7 +80,6 @@ interface PluginsSetup { cloud?: CloudSetup; licensing: LicensingPluginStart; home?: HomePublicPluginSetup; - searchHomepage?: SearchHomepagePluginSetup; security?: SecurityPluginSetup; share?: SharePluginSetup; } @@ -102,7 +96,6 @@ export interface PluginsStart { ml?: MlPluginStart; navigation: NavigationPublicPluginStart; searchConnectors?: SearchConnectorsPluginStart; - searchHomepage?: SearchHomepagePluginStart; searchPlayground?: SearchPlaygroundPluginStart; searchInferenceEndpoints?: SearchInferenceEndpointsPluginStart; security?: SecurityPluginStart; @@ -264,56 +257,29 @@ export class EnterpriseSearchPlugin implements Plugin { } const { cloud, share } = plugins; - const useSearchHomepage = - plugins.searchHomepage && plugins.searchHomepage.isHomepageFeatureEnabled(); - - if (useSearchHomepage) { - const { app } = plugins.searchHomepage!; - core.application.register({ - ...app, - category: DEFAULT_APP_CATEGORIES.enterpriseSearch, - euiIconType: ENTERPRISE_SEARCH_OVERVIEW_PLUGIN.LOGO, - visibleIn: ['home', 'kibanaOverview', 'globalSearch', 'sideNav'], - mount: async (params: AppMountParameters) => { - const kibanaDeps = await this.getKibanaDeps(core, params, cloud); - const { chrome, http } = kibanaDeps.core; - chrome.docTitle.change(app.title); - - await this.getInitialData(http); - const pluginData = this.getPluginData(); - - const { renderApp } = await import('./applications'); - const { SearchHomepage } = await import('./applications/search_homepage'); - - return renderApp(SearchHomepage, kibanaDeps, pluginData); - }, - }); - setBreadcrumbHomeUrl(app.appRoute); - } else { - core.application.register({ - appRoute: ENTERPRISE_SEARCH_OVERVIEW_PLUGIN.URL, - category: DEFAULT_APP_CATEGORIES.enterpriseSearch, - euiIconType: ENTERPRISE_SEARCH_OVERVIEW_PLUGIN.LOGO, - id: ENTERPRISE_SEARCH_OVERVIEW_PLUGIN.ID, - mount: async (params: AppMountParameters) => { - const kibanaDeps = await this.getKibanaDeps(core, params, cloud); - const { chrome, http } = kibanaDeps.core; - chrome.docTitle.change(ENTERPRISE_SEARCH_OVERVIEW_PLUGIN.NAME); + core.application.register({ + appRoute: ENTERPRISE_SEARCH_OVERVIEW_PLUGIN.URL, + category: DEFAULT_APP_CATEGORIES.enterpriseSearch, + euiIconType: ENTERPRISE_SEARCH_OVERVIEW_PLUGIN.LOGO, + id: ENTERPRISE_SEARCH_OVERVIEW_PLUGIN.ID, + mount: async (params: AppMountParameters) => { + const kibanaDeps = await this.getKibanaDeps(core, params, cloud); + const { chrome, http } = kibanaDeps.core; + chrome.docTitle.change(ENTERPRISE_SEARCH_OVERVIEW_PLUGIN.NAME); - await this.getInitialData(http); - const pluginData = this.getPluginData(); + await this.getInitialData(http); + const pluginData = this.getPluginData(); - const { renderApp } = await import('./applications'); - const { EnterpriseSearchOverview } = await import( - './applications/enterprise_search_overview' - ); + const { renderApp } = await import('./applications'); + const { EnterpriseSearchOverview } = await import( + './applications/enterprise_search_overview' + ); - return renderApp(EnterpriseSearchOverview, kibanaDeps, pluginData); - }, - title: ENTERPRISE_SEARCH_OVERVIEW_PLUGIN.NAV_TITLE, - visibleIn: ['home', 'kibanaOverview', 'globalSearch', 'sideNav'], - }); - } + return renderApp(EnterpriseSearchOverview, kibanaDeps, pluginData); + }, + title: ENTERPRISE_SEARCH_OVERVIEW_PLUGIN.NAV_TITLE, + visibleIn: ['home', 'kibanaOverview', 'globalSearch', 'sideNav'], + }); core.application.register({ appRoute: ENTERPRISE_SEARCH_CONTENT_PLUGIN.URL, @@ -568,27 +534,14 @@ export class EnterpriseSearchPlugin implements Plugin { } if (plugins.home) { - if (useSearchHomepage) { - const { searchHomepage } = plugins; - - plugins.home.featureCatalogue.registerSolution({ - description: ENTERPRISE_SEARCH_OVERVIEW_PLUGIN.DESCRIPTION, - icon: 'logoEnterpriseSearch', - id: ENTERPRISE_SEARCH_OVERVIEW_PLUGIN.ID, - order: 100, - path: searchHomepage!.app.appRoute, - title: SEARCH_PRODUCT_NAME, - }); - } else { - plugins.home.featureCatalogue.registerSolution({ - description: ENTERPRISE_SEARCH_OVERVIEW_PLUGIN.DESCRIPTION, - icon: 'logoEnterpriseSearch', - id: ENTERPRISE_SEARCH_OVERVIEW_PLUGIN.ID, - order: 100, - path: ENTERPRISE_SEARCH_OVERVIEW_PLUGIN.URL, - title: SEARCH_PRODUCT_NAME, - }); - } + plugins.home.featureCatalogue.registerSolution({ + description: ENTERPRISE_SEARCH_OVERVIEW_PLUGIN.DESCRIPTION, + icon: 'logoEnterpriseSearch', + id: ENTERPRISE_SEARCH_OVERVIEW_PLUGIN.ID, + order: 100, + path: ENTERPRISE_SEARCH_OVERVIEW_PLUGIN.URL, + title: SEARCH_PRODUCT_NAME, + }); plugins.home.featureCatalogue.register({ category: 'data', @@ -658,7 +611,6 @@ export class EnterpriseSearchPlugin implements Plugin { return plugins.navigation.addSolutionNavigation( getNavigationTreeDefinition({ dynamicItems$: this.sideNavDynamicItems$, - isSearchHomepageEnabled: plugins.searchHomepage?.isHomepageFeatureEnabled() ?? false, }) ); }); diff --git a/x-pack/plugins/enterprise_search/tsconfig.json b/x-pack/plugins/enterprise_search/tsconfig.json index 841cebf28cf46..fa0751078c0f7 100644 --- a/x-pack/plugins/enterprise_search/tsconfig.json +++ b/x-pack/plugins/enterprise_search/tsconfig.json @@ -80,7 +80,6 @@ "@kbn/try-in-console", "@kbn/core-chrome-browser", "@kbn/navigation-plugin", - "@kbn/search-homepage", "@kbn/security-plugin-types-common", "@kbn/core-security-server", "@kbn/core-security-server-mocks" diff --git a/x-pack/plugins/fleet/common/openapi/README.md b/x-pack/plugins/fleet/common/openapi/README.md index 89431c194be8c..92977d6602761 100644 --- a/x-pack/plugins/fleet/common/openapi/README.md +++ b/x-pack/plugins/fleet/common/openapi/README.md @@ -1,39 +1,24 @@ # OpenAPI -The current self-contained spec file, available [as JSON](https://raw.githubusercontent.com/elastic/kibana/master/x-pack/plugins/fleet/common/openapi/bundled.json) or [as YAML](https://raw.githubusercontent.com/elastic/kibana/master/x-pack/plugins/fleet/common/openapi/bundled.yaml), can be used for online tools like those found at https://openapi.tools/. +There is a new way to generate openapi docs from the route definition in code. -For example, [click here to view the specification in the Swagger UI](https://petstore.swagger.io/?url=https://raw.githubusercontent.com/elastic/kibana/master/x-pack/plugins/fleet/common/openapi/bundled.json). +When adding a new route/modifying request/response parameters, make sure to add/update schema definitions when registering the route. +[Example](https://github.com/elastic/kibana/blob/5ea1ab0b8a21764aa54a5ef9650a0d8046f3f0a8/x-pack/plugins/fleet/server/routes/agent/index.ts#L96-L123) -A guide about the openApi specification can be found at [https://swagger.io/docs/specification/about/](https://swagger.io/docs/specification/about/). +Read more: https://docs.elastic.dev/kibana-dev-docs/genereating-oas-for-http-apis -Fleet API docs: https://www.elastic.co/guide/en/fleet/master/fleet-apis.html +To check the updated oas locally, run this script: -## The `openapi` folder - -- `entrypoint.yaml` is the overview file which links to the various files on disk. -- `bundled.{yaml,json}` is the resolved output of that entry & other files in a single file. Typically the best choice as input to tools. -- [Paths](paths/README.md): this defines each endpoint. A path can have one operation per http method. -- [Components](components/README.md): Reusable components like [`schemas`](https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.2.md#schemaObject), - [`responses`](https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.2.md#responseObject) - [`parameters`](https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.2.md#parameterObject) - -## Tools - -It is possible to validate the docs before bundling them with the following command: - -```shell -npx @redocly/cli lint entrypoint.yaml +``` +node scripts/capture_oas_snapshot --include-path /api/fleet --update ``` -Then generate the `bundled` files with the following: +Use `--include-path /api/fleet` to only generate fleet paths. -```shell -npx @redocly/openapi-cli bundle --ext yaml --output bundled.yaml entrypoint.yaml -npx @redocly/openapi-cli bundle --ext json --output bundled.json entrypoint.yaml -``` +Use `--no-serverless` to only generate for stateful. -Validate the resulting bundle via +Check the result in `oas_docs/bundle.json` and `oas_docs/bundle.serverless.json` -```shell -npx @redocly/cli lint bundled.json -``` +Check the result in Swagger UI by taking the raw file from the pr: https://petstore.swagger.io/?url=https://raw.githubusercontent.com/elastic/kibana/main/oas_docs/bundle.json + +Changes to the bundles don't have to be committed, it is auto-committed by CI in `capture_oas_snapshot.sh`. diff --git a/x-pack/plugins/fleet/common/openapi/bundled.json b/x-pack/plugins/fleet/common/openapi/bundled.json deleted file mode 100644 index 7ddd44baacf2d..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/bundled.json +++ /dev/null @@ -1,9583 +0,0 @@ -{ - "openapi": "3.0.0", - "tags": [ - { - "name": "Data streams" - }, - { - "name": "Elastic Agents" - }, - { - "name": "Elastic Agent actions" - }, - { - "name": "Elastic Agent binary download sources" - }, - { - "name": "Elastic Agent policies" - }, - { - "name": "Elastic Agent status" - }, - { - "name": "Elastic Package Manager (EPM)" - }, - { - "name": "Fleet enrollment API keys" - }, - { - "name": "Fleet internals" - }, - { - "name": "Fleet Server hosts" - }, - { - "name": "Fleet Kubernetes" - }, - { - "name": "Fleet outputs" - }, - { - "name": "Fleet package policies" - }, - { - "name": "Fleet proxies" - }, - { - "name": "Fleet service tokens" - }, - { - "name": "Fleet uninstall tokens" - } - ], - "info": { - "title": "Fleet", - "description": "OpenAPI schema for Fleet API endpoints", - "version": "0.2", - "contact": { - "name": "Fleet Team" - }, - "license": { - "name": "Elastic License 2.0", - "url": "https://www.elastic.co/licensing/elastic-license" - } - }, - "servers": [ - { - "url": "http://KIBANA_HOST:5601" - } - ], - "paths": { - "/api/fleet/health_check": { - "post": { - "summary": "Fleet Server health check", - "tags": [ - "Fleet internals" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "status": { - "type": "string" - }, - "id": { - "type": "string", - "description": "Fleet Server host id" - }, - "host": { - "type": "string", - "deprecated": true - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "fleet-server-health-check", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ], - "requestBody": { - "required": true, - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "host": { - "type": "string", - "deprecated": true - } - }, - "required": [ - "id" - ] - } - } - } - } - } - }, - "/api/fleet/setup": { - "post": { - "summary": "Initiate Fleet setup", - "tags": [ - "Fleet internals" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/fleet_setup_response" - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - }, - "500": { - "description": "Internal Server Error", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "message": { - "type": "string" - } - } - } - } - } - } - }, - "operationId": "setup", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ] - } - }, - "/api/fleet/settings": { - "get": { - "summary": "Get settings", - "tags": [ - "Fleet internals" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/fleet_settings_response" - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-settings" - }, - "put": { - "summary": "Update settings", - "tags": [ - "Fleet internals" - ], - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "fleet_server_hosts": { - "type": "array", - "description": "Protocol and path must be the same for each URL", - "items": { - "type": "string" - } - }, - "has_seen_add_data_notice": { - "type": "boolean" - }, - "additional_yaml_config": { - "type": "string" - } - } - } - } - } - }, - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/fleet_settings_response" - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "update-settings" - } - }, - "/api/fleet/service-tokens": { - "post": { - "summary": "Create service token", - "tags": [ - "Fleet service tokens" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "name": { - "type": "string" - }, - "value": { - "type": "string" - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "generate-service-token-deprecated", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ], - "deprecated": true - } - }, - "/api/fleet/service_tokens": { - "post": { - "summary": "Create service token", - "tags": [ - "Fleet service tokens" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "name": { - "type": "string" - }, - "value": { - "type": "string" - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "generate-service-token", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ] - } - }, - "/api/fleet/epm/verification_key_id": { - "get": { - "summary": "Get package signature verification key ID", - "tags": [ - "Elastic Package Manager (EPM)" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "body": { - "type": "object", - "properties": { - "id": { - "type": "string", - "nullable": true, - "description": "the key ID of the GPG key used to verify package signatures" - } - } - }, - "statusCode": { - "type": "number" - }, - "headers": { - "type": "object" - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "packages-get-verification-key-id" - }, - "parameters": [] - }, - "/api/fleet/epm/bulk_assets": { - "post": { - "summary": "Bulk get assets", - "tags": [ - "Elastic Package Manager (EPM)" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/get_bulk_assets_response" - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "bulk-get-assets", - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "assetIds": { - "type": "array", - "items": { - "type": "object", - "properties": { - "type": { - "type": "string" - }, - "id": { - "type": "string" - } - } - }, - "description": "list of items necessary to fetch assets" - } - }, - "required": [ - "assetIds" - ] - } - } - } - } - } - }, - "/api/fleet/epm/categories": { - "get": { - "summary": "List package categories", - "tags": [ - "Elastic Package Manager (EPM)" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/get_categories_response" - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-package-categories" - }, - "parameters": [ - { - "in": "query", - "name": "prerelease", - "schema": { - "type": "boolean", - "default": false - }, - "description": "Whether to include prerelease packages in categories count (e.g. beta, rc, preview)" - }, - { - "in": "query", - "name": "experimental", - "deprecated": true, - "schema": { - "type": "boolean", - "default": false - } - }, - { - "in": "query", - "name": "include_policy_templates", - "schema": { - "type": "boolean", - "default": false - } - } - ] - }, - "/api/fleet/epm/packages/limited": { - "get": { - "summary": "Get limited package list", - "tags": [ - "Elastic Package Manager (EPM)" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "items": { - "type": "array", - "items": { - "type": "string" - } - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "list-limited-packages" - }, - "parameters": [] - }, - "/api/fleet/epm/packages": { - "get": { - "summary": "List packages", - "tags": [ - "Elastic Package Manager (EPM)" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/get_packages_response" - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "list-all-packages", - "parameters": [ - { - "in": "query", - "name": "excludeInstallStatus", - "schema": { - "type": "boolean", - "default": false - }, - "description": "Whether to exclude the install status of each package. Enabling this option will opt in to caching for the response via `cache-control` headers. If you don't need up-to-date installation info for a package, and are querying for a list of available packages, providing this flag can improve performance substantially." - }, - { - "in": "query", - "name": "prerelease", - "schema": { - "type": "boolean", - "default": false - }, - "description": "Whether to return prerelease versions of packages (e.g. beta, rc, preview)" - }, - { - "in": "query", - "name": "experimental", - "deprecated": true, - "schema": { - "type": "boolean", - "default": false - } - }, - { - "in": "query", - "name": "category", - "schema": { - "type": "string" - } - } - ] - }, - "post": { - "summary": "Install by package by direct upload", - "tags": [ - "Elastic Package Manager (EPM)" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "items": { - "type": "array", - "items": { - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "type": { - "oneOf": [ - { - "$ref": "#/components/schemas/kibana_saved_object_type" - }, - { - "$ref": "#/components/schemas/elasticsearch_asset_type" - } - ] - } - }, - "required": [ - "id", - "type" - ] - } - }, - "_meta": { - "type": "object", - "properties": { - "install_source": { - "type": "string", - "enum": [ - "upload", - "registry", - "bundled" - ] - } - } - } - }, - "required": [ - "items" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - }, - "429": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "install-package-by-upload", - "description": "", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - }, - { - "in": "query", - "name": "ignoreMappingUpdateErrors", - "schema": { - "type": "boolean", - "default": false - }, - "description": "avoid erroring out on unexpected mapping update errors" - }, - { - "in": "query", - "name": "skipDataStreamRollover", - "schema": { - "type": "boolean", - "default": false - }, - "description": "Skip data stream rollover during index template mapping or settings update" - } - ], - "requestBody": { - "content": { - "application/zip": { - "schema": { - "type": "string", - "format": "binary" - } - }, - "application/gzip": { - "schema": { - "type": "string", - "format": "binary" - } - } - } - } - } - }, - "/api/fleet/epm/packages/_bulk": { - "post": { - "summary": "Bulk install packages", - "tags": [ - "Elastic Package Manager (EPM)" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/bulk_install_packages_response" - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "bulk-install-packages", - "parameters": [ - { - "in": "query", - "name": "prerelease", - "schema": { - "type": "boolean", - "default": false - }, - "description": "Whether to return prerelease versions of packages (e.g. beta, rc, preview)" - } - ], - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "packages": { - "type": "array", - "items": { - "oneOf": [ - { - "type": "string", - "description": "package name" - }, - { - "type": "object", - "properties": { - "name": { - "type": "string", - "description": "package name" - }, - "version": { - "type": "string", - "description": "package version" - } - } - } - ] - }, - "description": "list of packages to install" - }, - "force": { - "type": "boolean", - "description": "force install to ignore package verification errors" - } - }, - "required": [ - "packages" - ] - } - } - } - } - } - }, - "/api/fleet/epm/packages/{pkgkey}": { - "get": { - "summary": "Get package", - "tags": [ - "Elastic Package Manager (EPM)" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "allOf": [ - { - "properties": { - "response": { - "$ref": "#/components/schemas/package_info" - } - } - }, - { - "properties": { - "status": { - "type": "string", - "enum": [ - "installed", - "installing", - "install_failed", - "not_installed" - ] - }, - "savedObject": { - "type": "string" - } - }, - "required": [ - "status", - "savedObject" - ] - } - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-package-deprecated", - "security": [ - { - "basicAuth": [] - } - ], - "parameters": [ - { - "schema": { - "type": "string" - }, - "name": "pkgkey", - "in": "path", - "required": true - }, - { - "in": "query", - "name": "prerelease", - "schema": { - "type": "boolean", - "default": false - }, - "description": "Whether to return prerelease versions of packages (e.g. beta, rc, preview)" - } - ], - "deprecated": true - }, - "post": { - "summary": "Install package", - "tags": [ - "Elastic Package Manager (EPM)" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "response": { - "type": "array", - "items": { - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "type": { - "oneOf": [ - { - "$ref": "#/components/schemas/kibana_saved_object_type" - }, - { - "$ref": "#/components/schemas/elasticsearch_asset_type" - } - ] - } - }, - "required": [ - "id", - "type" - ] - } - } - }, - "required": [ - "response" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "install-package-deprecated", - "description": "", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - }, - { - "schema": { - "type": "string" - }, - "name": "pkgkey", - "in": "path", - "required": true - }, - { - "in": "query", - "name": "ignoreMappingUpdateErrors", - "schema": { - "type": "boolean", - "default": false - }, - "description": "avoid erroring out on unexpected mapping update errors" - }, - { - "in": "query", - "name": "skipDataStreamRollover", - "schema": { - "type": "boolean", - "default": false - }, - "description": "Skip data stream rollover during index template mapping or settings update" - } - ], - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "force": { - "type": "boolean" - } - } - } - } - } - }, - "deprecated": true - }, - "delete": { - "summary": "Delete ackage", - "tags": [ - "Elastic Package Manager (EPM)" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "response": { - "type": "array", - "items": { - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "type": { - "oneOf": [ - { - "$ref": "#/components/schemas/kibana_saved_object_type" - }, - { - "$ref": "#/components/schemas/elasticsearch_asset_type" - } - ] - } - }, - "required": [ - "id", - "type" - ] - } - } - }, - "required": [ - "response" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "delete-package-deprecated", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - }, - { - "schema": { - "type": "string" - }, - "name": "pkgkey", - "in": "path", - "required": true - } - ], - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "force": { - "type": "boolean" - } - } - } - } - } - }, - "deprecated": true - } - }, - "/api/fleet/epm/packages/{pkgName}/{pkgVersion}": { - "get": { - "summary": "Get package", - "tags": [ - "Elastic Package Manager (EPM)" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "allOf": [ - { - "properties": { - "item": { - "$ref": "#/components/schemas/package_info" - } - } - }, - { - "properties": { - "status": { - "type": "string", - "enum": [ - "installed", - "installing", - "install_failed", - "not_installed" - ] - }, - "savedObject": { - "type": "object", - "deprecated": true - }, - "latestVersion": { - "type": "string" - }, - "keepPoliciesUpToDate": { - "type": "boolean" - }, - "notice": { - "type": "string" - }, - "licensePath": { - "type": "string" - } - }, - "required": [ - "status", - "savedObject" - ] - } - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-package", - "security": [ - { - "basicAuth": [] - } - ] - }, - "parameters": [ - { - "schema": { - "type": "string" - }, - "name": "pkgName", - "in": "path", - "required": true - }, - { - "schema": { - "type": "string" - }, - "name": "pkgVersion", - "in": "path", - "required": true - }, - { - "schema": { - "type": "boolean" - }, - "name": "ignoreUnverified", - "description": "Ignore if the package is fails signature verification", - "in": "query" - }, - { - "schema": { - "type": "boolean" - }, - "name": "full", - "description": "Return all fields from the package manifest, not just those supported by the Elastic Package Registry", - "in": "query" - }, - { - "in": "query", - "name": "prerelease", - "schema": { - "type": "boolean", - "default": false - }, - "description": "Whether to return prerelease versions of packages (e.g. beta, rc, preview)" - } - ], - "post": { - "summary": "Install package", - "tags": [ - "Elastic Package Manager (EPM)" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "items": { - "type": "array", - "items": { - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "type": { - "oneOf": [ - { - "$ref": "#/components/schemas/kibana_saved_object_type" - }, - { - "$ref": "#/components/schemas/elasticsearch_asset_type" - } - ] - } - }, - "required": [ - "id", - "type" - ] - } - }, - "_meta": { - "type": "object", - "properties": { - "install_source": { - "type": "string", - "enum": [ - "registry", - "upload", - "bundled" - ] - } - } - } - }, - "required": [ - "items" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "install-package", - "description": "", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - }, - { - "in": "query", - "name": "ignoreMappingUpdateErrors", - "schema": { - "type": "boolean", - "default": false - }, - "description": "avoid erroring out on unexpected mapping update errors" - }, - { - "in": "query", - "name": "skipDataStreamRollover", - "schema": { - "type": "boolean", - "default": false - }, - "description": "Skip data stream rollover during index template mapping or settings update" - } - ], - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "force": { - "type": "boolean" - }, - "ignore_constraints": { - "type": "boolean" - } - } - } - } - } - } - }, - "put": { - "summary": "Update package settings", - "tags": [ - "Elastic Package Manager (EPM)" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "items": { - "type": "array", - "items": { - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "type": { - "oneOf": [ - { - "$ref": "#/components/schemas/kibana_saved_object_type" - }, - { - "$ref": "#/components/schemas/elasticsearch_asset_type" - } - ] - } - }, - "required": [ - "id", - "type" - ] - } - } - }, - "required": [ - "items" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "update-package", - "description": "", - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "keepPoliciesUpToDate": { - "type": "boolean" - } - } - } - } - } - } - }, - "delete": { - "summary": "Delete package", - "tags": [ - "Elastic Package Manager (EPM)" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "items": { - "type": "array", - "items": { - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "type": { - "oneOf": [ - { - "$ref": "#/components/schemas/kibana_saved_object_type" - }, - { - "$ref": "#/components/schemas/elasticsearch_asset_type" - } - ] - } - }, - "required": [ - "id", - "type" - ] - } - } - }, - "required": [ - "items" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "delete-package", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - }, - { - "schema": { - "type": "boolean" - }, - "name": "force", - "description": "delete package even if policies used by agents", - "in": "query" - } - ], - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "deprecated": true, - "properties": { - "force": { - "type": "boolean" - } - } - } - } - } - } - } - }, - "/api/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize": { - "post": { - "summary": "Authorize transforms", - "tags": [ - "Elastic Package Manager (EPM)" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "items": { - "type": "array", - "items": { - "type": "object", - "properties": { - "transformId": { - "type": "string" - }, - "success": { - "type": "boolean" - }, - "error": { - "type": "string" - } - }, - "required": [ - "transformId", - "error" - ] - } - } - }, - "required": [ - "items" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "reauthorize-transforms", - "description": "", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - }, - { - "schema": { - "type": "string" - }, - "name": "pkgName", - "in": "path", - "required": true - }, - { - "schema": { - "type": "string" - }, - "name": "pkgVersion", - "in": "path", - "required": true - }, - { - "in": "query", - "name": "prerelease", - "schema": { - "type": "boolean", - "default": false - }, - "description": "Whether to include prerelease packages in categories count (e.g. beta, rc, preview)" - } - ], - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "transforms": { - "type": "array", - "items": { - "type": "object", - "properties": { - "transformId": { - "type": "string" - } - } - } - } - } - } - } - } - } - } - }, - "/api/fleet/epm/packages/{pkgName}/{pkgVersion}/{filePath}": { - "get": { - "summary": "Get package file", - "tags": [ - "Elastic Package Manager (EPM)" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "body": { - "type": "object" - }, - "statusCode": { - "type": "number" - }, - "headers": { - "type": "object" - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "packages-get-file" - }, - "parameters": [ - { - "schema": { - "type": "string" - }, - "name": "pkgName", - "in": "path", - "required": true - }, - { - "schema": { - "type": "string" - }, - "name": "pkgVersion", - "in": "path", - "required": true - }, - { - "schema": { - "type": "string" - }, - "name": "filePath", - "in": "path", - "required": true - } - ] - }, - "/api/fleet/epm/packages/{pkgName}/stats": { - "get": { - "summary": "Get package stats", - "tags": [ - "Elastic Package Manager (EPM)" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "response": { - "$ref": "#/components/schemas/package_usage_stats" - } - }, - "required": [ - "response" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-package-stats", - "security": [ - { - "basicAuth": [] - } - ] - }, - "parameters": [ - { - "schema": { - "type": "string" - }, - "name": "pkgName", - "in": "path", - "required": true - } - ] - }, - "/api/fleet/epm/templates/{pkgName}/{pkgVersion}/inputs": { - "get": { - "summary": "Get inputs template", - "tags": [ - "Elastic Package Manager (EPM)" - ], - "responses": { - "200": { - "description": "OK" - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-inputs-template", - "security": [ - { - "basicAuth": [] - } - ] - }, - "parameters": [ - { - "schema": { - "type": "string" - }, - "name": "pkgName", - "in": "path", - "required": true - }, - { - "schema": { - "type": "string" - }, - "name": "pkgVersion", - "in": "path", - "required": true - }, - { - "schema": { - "type": "string", - "enum": [ - "json", - "yaml", - "yml" - ] - }, - "name": "format", - "description": "Format of response - json or yaml", - "in": "query" - }, - { - "schema": { - "type": "boolean" - }, - "name": "prerelease", - "description": "Specify if version is prerelease", - "in": "query" - }, - { - "schema": { - "type": "boolean" - }, - "name": "ignoreUnverified", - "description": "Ignore if the package is fails signature verification", - "in": "query" - } - ] - }, - "/api/fleet/agents/setup": { - "get": { - "summary": "Get agent setup info", - "tags": [ - "Elastic Agents" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/fleet_status_response" - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-agents-setup-status", - "security": [ - { - "basicAuth": [] - } - ] - }, - "post": { - "summary": "Initiate agent setup", - "tags": [ - "Elastic Agents" - ], - "operationId": "setup-agents", - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/fleet_setup_response" - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "admin_username": { - "type": "string" - }, - "admin_password": { - "type": "string" - } - }, - "required": [ - "admin_username", - "admin_password" - ] - } - } - } - }, - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ] - } - }, - "/api/fleet/agent-status": { - "get": { - "summary": "Get agent status summary", - "tags": [ - "Elastic Agent status" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "error": { - "type": "integer" - }, - "events": { - "type": "integer" - }, - "inactive": { - "type": "integer" - }, - "offline": { - "type": "integer" - }, - "online": { - "type": "integer" - }, - "other": { - "type": "integer" - }, - "total": { - "type": "integer" - }, - "updating": { - "type": "integer" - } - }, - "required": [ - "error", - "events", - "inactive", - "offline", - "online", - "other", - "total", - "updating" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-agent-status-deprecated", - "parameters": [ - { - "schema": { - "type": "string" - }, - "name": "policyId", - "in": "query", - "required": false - } - ], - "deprecated": true - } - }, - "/api/fleet/agent_status": { - "get": { - "summary": "Get agent status summary", - "tags": [ - "Elastic Agent status" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "error": { - "type": "integer" - }, - "events": { - "type": "integer" - }, - "inactive": { - "type": "integer" - }, - "unenrolled": { - "type": "integer" - }, - "offline": { - "type": "integer" - }, - "online": { - "type": "integer" - }, - "other": { - "type": "integer" - }, - "total": { - "type": "integer", - "deprecated": true - }, - "updating": { - "type": "integer" - }, - "all": { - "type": "integer" - }, - "active": { - "type": "integer" - } - }, - "required": [ - "active", - "all", - "error", - "events", - "inactive", - "offline", - "online", - "other", - "total", - "updating" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-agent-status", - "parameters": [ - { - "schema": { - "type": "string" - }, - "name": "policyId", - "in": "query", - "required": false - }, - { - "schema": { - "type": "string" - }, - "name": "kuery", - "in": "query", - "required": false, - "deprecated": true - } - ] - } - }, - "/api/fleet/agent_status/data": { - "get": { - "summary": "Get incoming agent data", - "tags": [ - "Elastic Agent status" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "items": { - "type": "array", - "items": { - "type": "object", - "additionalProperties": { - "type": "object", - "properties": { - "data": { - "type": "boolean" - } - } - } - } - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-agent-data", - "parameters": [ - { - "schema": { - "type": "array", - "items": { - "type": "string" - } - }, - "name": "agentsIds", - "in": "query", - "required": true - } - ] - } - }, - "/api/fleet/agents": { - "get": { - "summary": "List agents", - "tags": [ - "Elastic Agents" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/get_agents_response" - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-agents", - "parameters": [ - { - "$ref": "#/components/parameters/page_size" - }, - { - "$ref": "#/components/parameters/page_index" - }, - { - "$ref": "#/components/parameters/kuery" - }, - { - "$ref": "#/components/parameters/show_inactive" - }, - { - "$ref": "#/components/parameters/show_upgradeable" - }, - { - "$ref": "#/components/parameters/sort_field" - }, - { - "$ref": "#/components/parameters/sort_order" - }, - { - "$ref": "#/components/parameters/with_metrics" - }, - { - "name": "getStatusSummary", - "in": "query", - "required": false, - "schema": { - "type": "boolean" - } - } - ], - "security": [ - { - "basicAuth": [] - } - ] - }, - "post": { - "summary": "List agents by action ids", - "tags": [ - "Elastic Agents" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/agent_get_by_actions" - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-agents-by-actions", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ], - "requestBody": { - "required": true, - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "actionIds": { - "type": "array", - "items": { - "type": "string" - } - } - }, - "required": [ - "policy_id" - ] - } - } - } - } - } - }, - "/api/fleet/agents/bulk_upgrade": { - "post": { - "summary": "Bulk upgrade agents", - "tags": [ - "Elastic Agents" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "actionId": { - "type": "string" - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "bulk-upgrade-agents", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ], - "requestBody": { - "required": true, - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/bulk_upgrade_agents" - }, - "example": { - "version": "8.4.0", - "source_uri": "https://artifacts.elastic.co/downloads/beats/elastic-agent", - "rollout_duration_seconds": 3600, - "agents": [ - "agent1", - "agent2" - ], - "start_time": "2022-08-03T14:00:00.000Z" - } - } - } - } - } - }, - "/api/fleet/agents/action_status": { - "get": { - "summary": "Get agent action status", - "tags": [ - "Elastic Agent actions" - ], - "parameters": [ - { - "$ref": "#/components/parameters/page_size" - }, - { - "$ref": "#/components/parameters/page_index" - }, - { - "schema": { - "type": "integer", - "default": 5 - }, - "in": "query", - "name": "errorSize" - } - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "items": { - "type": "array", - "items": { - "type": "object", - "properties": { - "actionId": { - "type": "string" - }, - "status": { - "type": "string", - "enum": [ - "COMPLETE", - "EXPIRED", - "CANCELLED", - "FAILED", - "IN_PROGRESS", - "ROLLOUT_PASSED" - ] - }, - "nbAgentsActioned": { - "type": "number", - "description": "number of agents actioned" - }, - "nbAgentsActionCreated": { - "type": "number", - "description": "number of agents included in action from kibana" - }, - "nbAgentsAck": { - "type": "number", - "description": "number of agents that acknowledged the action" - }, - "nbAgentsFailed": { - "type": "number", - "description": "number of agents that failed to execute the action" - }, - "version": { - "type": "string", - "description": "agent version number (UPGRADE action)" - }, - "startTime": { - "type": "string", - "description": "start time of action (scheduled actions)" - }, - "type": { - "type": "string", - "enum": [ - "POLICY_REASSIGN", - "UPGRADE", - "UNENROLL", - "FORCE_UNENROLL", - "UPDATE_TAGS", - "CANCEL", - "REQUEST_DIAGNOSTICS", - "SETTINGS", - "POLICY_CHANGE", - "INPUT_ACTION" - ] - }, - "expiration": { - "type": "string" - }, - "completionTime": { - "type": "string" - }, - "cancellationTime": { - "type": "string" - }, - "newPolicyId": { - "type": "string", - "description": "new policy id (POLICY_REASSIGN action)" - }, - "policyId": { - "type": "string", - "description": "policy id (POLICY_CHANGE action)" - }, - "revision": { - "type": "string", - "description": "new policy revision (POLICY_CHANGE action)" - }, - "creationTime": { - "type": "string", - "description": "creation time of action" - }, - "latestErrors": { - "type": "array", - "description": "latest errors that happened when the agents executed the action", - "items": { - "type": "object", - "properties": { - "agentId": { - "type": "string" - }, - "error": { - "type": "string" - }, - "timestamp": { - "type": "string" - } - } - } - } - }, - "required": [ - "actionId", - "complete", - "nbAgentsActioned", - "nbAgentsActionCreated", - "nbAgentsAck", - "nbAgentsFailed", - "status", - "creationTime", - "type" - ] - } - } - }, - "required": [ - "items" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "agents-action-status" - } - }, - "/api/fleet/agents/{agentId}": { - "parameters": [ - { - "schema": { - "type": "string" - }, - "name": "agentId", - "in": "path", - "required": true - } - ], - "get": { - "summary": "Get agent by ID", - "tags": [ - "Elastic Agents" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "$ref": "#/components/schemas/agent" - } - }, - "required": [ - "item" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-agent", - "parameters": [ - { - "$ref": "#/components/parameters/with_metrics" - } - ] - }, - "put": { - "summary": "Update agent by ID", - "tags": [ - "Elastic Agents" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "$ref": "#/components/schemas/agent" - } - }, - "required": [ - "item" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "update-agent", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ], - "requestBody": { - "required": true, - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "user_provided_metadata": { - "type": "object" - }, - "tags": { - "type": "array", - "items": { - "type": "string" - } - } - } - } - } - } - } - }, - "delete": { - "summary": "Delete agent by ID", - "tags": [ - "Elastic Agents" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "action": { - "type": "string", - "enum": [ - "deleted" - ] - } - }, - "required": [ - "action" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "delete-agent", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ] - } - }, - "/api/fleet/agents/{agentId}/actions": { - "parameters": [ - { - "schema": { - "type": "string" - }, - "name": "agentId", - "in": "path", - "required": true - } - ], - "post": { - "summary": "Create agent action", - "tags": [ - "Elastic Agent actions" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "body": { - "type": "array", - "items": { - "type": "number" - } - }, - "statusCode": { - "type": "number" - }, - "headers": { - "type": "string" - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "new-agent-action", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ], - "requestBody": { - "required": true, - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "action": { - "$ref": "#/components/schemas/agent_action" - } - } - } - } - } - } - } - }, - "/api/fleet/agents/actions/{actionId}/cancel": { - "parameters": [ - { - "schema": { - "type": "string" - }, - "name": "actionId", - "in": "path", - "required": true - } - ], - "post": { - "summary": "Cancel agent action", - "tags": [ - "Elastic Agent actions" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "$ref": "#/components/schemas/agent_action" - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "agent-action-cancel", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ] - } - }, - "/api/fleet/agents/files/{fileId}/{fileName}": { - "parameters": [ - { - "schema": { - "type": "string" - }, - "name": "fileId", - "in": "path", - "required": true - }, - { - "schema": { - "type": "string" - }, - "name": "fileName", - "in": "path", - "required": true - } - ], - "get": { - "summary": "Get file uploaded by agent", - "tags": [ - "Elastic Agents" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "body": { - "type": "object", - "properties": { - "items": { - "type": "object", - "properties": { - "body": {}, - "headers": {} - } - } - } - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-agent-upload-file" - } - }, - "/api/fleet/agents/files/{fileId}": { - "parameters": [ - { - "schema": { - "type": "string" - }, - "name": "fileId", - "in": "path", - "required": true - } - ], - "delete": { - "summary": "Delete file uploaded by agent", - "tags": [ - "Elastic Agents" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "body": { - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "deleted": { - "type": "boolean" - } - } - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "delete-agent-upload-file" - } - }, - "/api/fleet/agents/{agentId}/reassign": { - "parameters": [ - { - "schema": { - "type": "string" - }, - "name": "agentId", - "in": "path", - "required": true - } - ], - "post": { - "summary": "Reassign agent", - "tags": [ - "Elastic Agents" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object" - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "reassign-agent", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ], - "requestBody": { - "required": true, - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "policy_id": { - "type": "string" - } - }, - "required": [ - "policy_id" - ] - } - } - } - } - }, - "put": { - "summary": "Reassign agent", - "tags": [ - "Elastic Agents" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object" - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "reassign-agent-deprecated", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ], - "requestBody": { - "required": true, - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "policy_id": { - "type": "string" - } - }, - "required": [ - "policy_id" - ] - } - } - } - }, - "deprecated": true - } - }, - "/api/fleet/agents/{agentId}/unenroll": { - "parameters": [ - { - "schema": { - "type": "string" - }, - "name": "agentId", - "in": "path", - "required": true - } - ], - "post": { - "summary": "Unenroll agent", - "tags": [ - "Elastic Agents" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object" - } - } - } - }, - "400": { - "description": "BAD REQUEST", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "error": { - "type": "string" - }, - "message": { - "type": "string" - }, - "statusCode": { - "type": "number", - "enum": [ - 400 - ] - } - } - } - } - } - } - }, - "operationId": "unenroll-agent", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ], - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "revoke": { - "type": "boolean" - }, - "force": { - "type": "boolean" - } - } - } - } - } - } - } - }, - "/api/fleet/agents/{agentId}/upgrade": { - "parameters": [ - { - "schema": { - "type": "string" - }, - "name": "agentId", - "in": "path", - "required": true - } - ], - "post": { - "summary": "Upgrade agent", - "tags": [ - "Elastic Agents" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/upgrade_agent" - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "upgrade-agent", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ], - "requestBody": { - "required": true, - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/upgrade_agent" - } - } - } - } - } - }, - "/api/fleet/agents/{agentId}/uploads": { - "parameters": [ - { - "schema": { - "type": "string" - }, - "name": "agentId", - "in": "path", - "required": true - } - ], - "get": { - "summary": "List agent uploads", - "tags": [ - "Elastic Agents" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "body": { - "type": "object", - "properties": { - "item": { - "type": "array", - "items": { - "$ref": "#/components/schemas/agent_diagnostics" - } - } - } - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "list-agent-uploads" - } - }, - "/api/fleet/agents/bulk_reassign": { - "post": { - "summary": "Bulk reassign agents", - "tags": [ - "Elastic Agents" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "actionId": { - "type": "string" - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "bulk-reassign-agents", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ], - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "policy_id": { - "type": "string", - "description": "new agent policy id" - }, - "agents": { - "oneOf": [ - { - "type": "string", - "description": "KQL query string, leave empty to action all agents" - }, - { - "type": "array", - "items": { - "type": "string" - }, - "description": "list of agent IDs" - } - ] - } - }, - "required": [ - "policy_id", - "agents" - ] - }, - "example": { - "policy_id": "policy_id", - "agents": "fleet-agents.policy_id : (\"policy1\" or \"policy2\")" - } - } - } - } - } - }, - "/api/fleet/agents/bulk_unenroll": { - "post": { - "summary": "Bulk unenroll agents", - "tags": [ - "Elastic Agents" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "actionId": { - "type": "string" - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "bulk-unenroll-agents", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ], - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "agents": { - "oneOf": [ - { - "type": "string", - "description": "KQL query string, leave empty to action all agents" - }, - { - "type": "array", - "items": { - "type": "string" - }, - "description": "list of agent IDs" - } - ] - }, - "revoke": { - "type": "boolean", - "description": "Revokes API keys of agents" - }, - "force": { - "type": "boolean", - "description": "Unenrolls hosted agents too" - }, - "includeInactive": { - "type": "boolean", - "description": "When passing agents by KQL query, unenrolls inactive agents too" - } - }, - "required": [ - "agents" - ] - }, - "example": { - "revoke": true, - "force": false, - "agents": [ - "agent1", - "agent2" - ] - } - } - } - } - } - }, - "/api/fleet/agents/bulk_update_agent_tags": { - "post": { - "summary": "Bulk update agent tags", - "tags": [ - "Elastic Agents" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "actionId": { - "type": "string" - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "bulk-update-agent-tags", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ], - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "agents": { - "oneOf": [ - { - "type": "string", - "description": "KQL query string, leave empty to action all agents" - }, - { - "type": "array", - "items": { - "type": "string" - }, - "description": "list of agent IDs" - } - ] - }, - "tagsToAdd": { - "type": "array", - "items": { - "type": "string" - } - }, - "tagsToRemove": { - "type": "array", - "items": { - "type": "string" - } - }, - "batchSize": { - "type": "number" - } - }, - "required": [ - "agents" - ] - }, - "example": { - "agents": [ - "agent1", - "agent2" - ], - "tagsToAdd": [ - "newTag" - ], - "tagsToRemove": [ - "existingTag" - ] - } - } - } - } - } - }, - "/api/fleet/agents/tags": { - "get": { - "summary": "List agent tags", - "tags": [ - "Elastic Agents" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/get_agent_tags_response" - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-agent-tags" - } - }, - "/api/fleet/agents/{agentId}/request_diagnostics": { - "parameters": [ - { - "schema": { - "type": "string" - }, - "name": "agentId", - "in": "path", - "required": true - } - ], - "post": { - "summary": "Request agent diagnostics", - "tags": [ - "Elastic Agents" - ], - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "additional_metrics": { - "type": "array", - "items": { - "oneOf": [ - { - "type": "string", - "enum": [ - "CPU" - ] - } - ] - } - } - } - } - } - } - }, - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "actionId": { - "type": "string" - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "request-diagnostics-agent", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ] - } - }, - "/api/fleet/agents/bulk_request_diagnostics": { - "post": { - "summary": "Bulk request diagnostics from agents", - "tags": [ - "Elastic Agents" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "actionId": { - "type": "string" - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "bulk-request-diagnostics", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ], - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "batchSize": { - "type": "number" - }, - "agents": { - "oneOf": [ - { - "type": "string", - "description": "KQL query string, leave empty to action all agents" - }, - { - "type": "array", - "items": { - "type": "string" - }, - "description": "list of agent IDs" - } - ] - }, - "additional_metrics": { - "type": "array", - "items": { - "oneOf": [ - { - "type": "string", - "enum": [ - "CPU" - ] - } - ] - } - } - }, - "required": [ - "agents" - ] - }, - "example": { - "agents": "fleet-agents.policy_id : (\"policy1\" or \"policy2\")" - } - } - } - } - } - }, - "/api/fleet/agent_policies": { - "get": { - "summary": "List agent policies", - "tags": [ - "Elastic Agent policies" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "items": { - "type": "array", - "items": { - "$ref": "#/components/schemas/agent_policy" - } - }, - "total": { - "type": "number" - }, - "page": { - "type": "number" - }, - "perPage": { - "type": "number" - } - }, - "required": [ - "items", - "total", - "page", - "perPage" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "agent-policy-list", - "parameters": [ - { - "$ref": "#/components/parameters/page_size" - }, - { - "$ref": "#/components/parameters/page_index" - }, - { - "$ref": "#/components/parameters/kuery" - }, - { - "$ref": "#/components/parameters/format" - }, - { - "schema": { - "type": "boolean" - }, - "in": "query", - "name": "full", - "description": "When set to true, retrieve the related package policies for each agent policy." - }, - { - "schema": { - "type": "boolean" - }, - "in": "query", - "name": "noAgentCount", - "description": "When set to true, do not count how many agents are in the agent policy, this can improve performance if you are searching over a large number of agent policies. The \"agents\" property will always be 0 if set to true." - } - ], - "description": "" - }, - "post": { - "summary": "Create agent policy", - "tags": [ - "Elastic Agent policies" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "$ref": "#/components/schemas/agent_policy" - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "create-agent-policy", - "requestBody": { - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/agent_policy_create_request" - } - } - } - }, - "security": [], - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ] - } - }, - "/api/fleet/agent_policies/{agentPolicyId}": { - "parameters": [ - { - "schema": { - "type": "string" - }, - "name": "agentPolicyId", - "in": "path", - "required": true - }, - { - "$ref": "#/components/parameters/format" - } - ], - "get": { - "summary": "Get agent policy by ID", - "tags": [ - "Elastic Agent policies" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "$ref": "#/components/schemas/agent_policy" - } - }, - "required": [ - "item" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "agent-policy-info", - "description": "Get one agent policy", - "parameters": [] - }, - "put": { - "summary": "Update agent policy by ID", - "tags": [ - "Elastic Agent policies" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "$ref": "#/components/schemas/agent_policy" - } - }, - "required": [ - "item" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "update-agent-policy", - "requestBody": { - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/agent_policy_update_request" - } - } - } - }, - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ] - } - }, - "/api/fleet/agent_policies/{agentPolicyId}/copy": { - "parameters": [ - { - "schema": { - "type": "string" - }, - "name": "agentPolicyId", - "in": "path", - "required": true - }, - { - "$ref": "#/components/parameters/format" - } - ], - "post": { - "summary": "Copy agent policy by ID", - "tags": [ - "Elastic Agent policies" - ], - "operationId": "agent-policy-copy", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "$ref": "#/components/schemas/agent_policy" - } - }, - "required": [ - "item" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "name": { - "type": "string" - }, - "description": { - "type": "string" - } - }, - "required": [ - "name" - ] - } - } - }, - "description": "" - } - } - }, - "/api/fleet/agent_policies/{agentPolicyId}/full": { - "get": { - "summary": "Get full agent policy by ID", - "tags": [ - "Elastic Agent policies" - ], - "operationId": "agent-policy-full", - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "oneOf": [ - { - "type": "string" - }, - { - "$ref": "#/components/schemas/agent_policy_full" - } - ] - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - } - }, - "parameters": [ - { - "schema": { - "type": "string" - }, - "name": "agentPolicyId", - "in": "path", - "required": true - }, - { - "schema": { - "type": "string" - }, - "name": "download", - "in": "query", - "required": false - }, - { - "schema": { - "type": "string" - }, - "name": "standalone", - "in": "query", - "required": false - }, - { - "schema": { - "type": "string" - }, - "name": "kubernetes", - "in": "query", - "required": false - } - ] - }, - "/api/fleet/agent_policies/{agentPolicyId}/download": { - "get": { - "summary": "Download agent policy by ID", - "tags": [ - "Elastic Agent policies" - ], - "operationId": "agent-policy-download", - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "type": "string" - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - } - }, - "parameters": [ - { - "schema": { - "type": "string" - }, - "name": "agentPolicyId", - "in": "path", - "required": true - }, - { - "schema": { - "type": "string" - }, - "name": "download", - "in": "query", - "required": false - }, - { - "schema": { - "type": "string" - }, - "name": "standalone", - "in": "query", - "required": false - }, - { - "schema": { - "type": "string" - }, - "name": "kubernetes", - "in": "query", - "required": false - } - ] - }, - "/api/fleet/agent_policies/_bulk_get": { - "post": { - "summary": "Bulk get agent policies", - "tags": [ - "Elastic Agent policies" - ], - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "ids": { - "type": "array", - "items": { - "type": "string" - }, - "description": "list of agent policy ids" - }, - "full": { - "type": "boolean", - "description": "get full policies with package policies populated" - }, - "ignoreMissing": { - "type": "boolean" - } - }, - "required": [ - "ids" - ] - } - } - } - }, - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "items": { - "type": "array", - "items": { - "$ref": "#/components/schemas/agent_policy" - } - } - }, - "required": [ - "items" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "bulk-get-agent-policies", - "security": [], - "parameters": [ - { - "$ref": "#/components/parameters/format" - } - ] - } - }, - "/api/fleet/agent_policies/delete": { - "post": { - "summary": "Delete agent policy by ID", - "tags": [ - "Elastic Agent policies" - ], - "operationId": "delete-agent-policy", - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "success": { - "type": "boolean" - } - }, - "required": [ - "id", - "success" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "agentPolicyId": { - "type": "string" - }, - "force": { - "type": "boolean", - "description": "bypass validation checks that can prevent agent policy deletion" - } - }, - "required": [ - "agentPolicyId" - ] - } - } - } - }, - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ] - }, - "parameters": [] - }, - "/api/fleet/data_streams": { - "get": { - "summary": "List data streams", - "tags": [ - "Data streams" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "data_streams": { - "type": "array", - "items": { - "$ref": "#/components/schemas/data_stream" - } - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "data-streams-list" - }, - "parameters": [] - }, - "/api/fleet/enrollment-api-keys": { - "get": { - "summary": "List enrollment API keys", - "tags": [ - "Fleet enrollment API keys" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "list": { - "type": "array", - "items": { - "$ref": "#/components/schemas/enrollment_api_key" - }, - "deprecated": true - }, - "items": { - "type": "array", - "items": { - "$ref": "#/components/schemas/enrollment_api_key" - } - }, - "page": { - "type": "number" - }, - "perPage": { - "type": "number" - }, - "total": { - "type": "number" - } - }, - "required": [ - "items", - "page", - "perPage", - "total" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-enrollment-api-keys-deprecated", - "parameters": [], - "deprecated": true - }, - "post": { - "summary": "Create enrollment API key", - "tags": [ - "Fleet enrollment API keys" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "$ref": "#/components/schemas/enrollment_api_key" - }, - "action": { - "type": "string", - "enum": [ - "created" - ] - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "create-enrollment-api-keys-deprecated", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ], - "deprecated": true - } - }, - "/api/fleet/enrollment-api-keys/{keyId}": { - "parameters": [ - { - "schema": { - "type": "string" - }, - "name": "keyId", - "in": "path", - "required": true - } - ], - "get": { - "summary": "Get enrollment API key by ID", - "tags": [ - "Fleet enrollment API keys" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "$ref": "#/components/schemas/enrollment_api_key" - } - }, - "required": [ - "item" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-enrollment-api-key-deprecated", - "deprecated": true - }, - "delete": { - "summary": "Delete enrollment API key by ID", - "tags": [ - "Fleet enrollment API keys" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "action": { - "type": "string", - "enum": [ - "deleted" - ] - } - }, - "required": [ - "action" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "delete-enrollment-api-key-deprecated", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ], - "deprecated": true - } - }, - "/api/fleet/enrollment_api_keys": { - "get": { - "summary": "List enrollment API keys", - "tags": [ - "Fleet enrollment API keys" - ], - "parameters": [ - { - "$ref": "#/components/parameters/page_size" - }, - { - "$ref": "#/components/parameters/page_index" - }, - { - "$ref": "#/components/parameters/kuery" - } - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "list": { - "type": "array", - "items": { - "$ref": "#/components/schemas/enrollment_api_key" - }, - "deprecated": true - }, - "items": { - "type": "array", - "items": { - "$ref": "#/components/schemas/enrollment_api_key" - } - }, - "page": { - "type": "number" - }, - "perPage": { - "type": "number" - }, - "total": { - "type": "number" - } - }, - "required": [ - "items", - "page", - "perPage", - "total" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-enrollment-api-keys" - }, - "post": { - "summary": "Create enrollment API key", - "tags": [ - "Fleet enrollment API keys" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "$ref": "#/components/schemas/enrollment_api_key" - }, - "action": { - "type": "string", - "enum": [ - "created" - ] - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "name": { - "type": "string", - "description": "The name of the enrollment API key. Must be unique." - }, - "policy_id": { - "type": "string", - "description": "The ID of the agent policy the Elastic Agent will be enrolled in." - } - }, - "required": [ - "policy_id" - ] - } - } - } - }, - "operationId": "create-enrollment-api-keys", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ] - } - }, - "/api/fleet/enrollment_api_keys/{keyId}": { - "parameters": [ - { - "schema": { - "type": "string" - }, - "name": "keyId", - "in": "path", - "required": true - } - ], - "get": { - "summary": "Get enrollment API key by ID", - "tags": [ - "Fleet enrollment API keys" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "$ref": "#/components/schemas/enrollment_api_key" - } - }, - "required": [ - "item" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-enrollment-api-key" - }, - "delete": { - "summary": "Revoke enrollment API key by ID by marking it as inactive", - "tags": [ - "Fleet enrollment API keys" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "action": { - "type": "string", - "enum": [ - "deleted" - ] - } - }, - "required": [ - "action" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "delete-enrollment-api-key", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ] - } - }, - "/api/fleet/package_policies": { - "get": { - "summary": "List package policies", - "tags": [ - "Fleet package policies" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "items": { - "type": "array", - "items": { - "$ref": "#/components/schemas/package_policy" - } - }, - "total": { - "type": "number" - }, - "page": { - "type": "number" - }, - "perPage": { - "type": "number" - } - }, - "required": [ - "items" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-package-policies", - "security": [], - "parameters": [ - { - "$ref": "#/components/parameters/page_size" - }, - { - "$ref": "#/components/parameters/page_index" - }, - { - "$ref": "#/components/parameters/kuery" - }, - { - "$ref": "#/components/parameters/format" - } - ] - }, - "parameters": [], - "post": { - "summary": "Create package policy", - "tags": [ - "Fleet package policies" - ], - "operationId": "create-package-policy", - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "$ref": "#/components/schemas/package_policy" - } - }, - "required": [ - "item" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - }, - "409": { - "$ref": "#/components/responses/error" - } - }, - "requestBody": { - "description": "You should use inputs as an object and not use the deprecated inputs array.", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/package_policy_request" - } - } - } - }, - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - }, - { - "$ref": "#/components/parameters/format" - } - ] - } - }, - "/api/fleet/package_policies/_bulk_get": { - "post": { - "summary": "Bulk get package policies", - "tags": [ - "Fleet package policies" - ], - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "ids": { - "type": "array", - "items": { - "type": "string" - }, - "description": "list of package policy ids" - }, - "ignoreMissing": { - "type": "boolean" - } - }, - "required": [ - "ids" - ] - } - } - } - }, - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "items": { - "type": "array", - "items": { - "$ref": "#/components/schemas/package_policy" - } - } - }, - "required": [ - "items" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "bulk-get-package-policies", - "security": [], - "parameters": [ - { - "$ref": "#/components/parameters/format" - } - ] - } - }, - "/api/fleet/package_policies/delete": { - "post": { - "summary": "Delete package policy", - "tags": [ - "Fleet package policies" - ], - "operationId": "post-delete-package-policy", - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "packagePolicyIds": { - "type": "array", - "items": { - "type": "string" - } - }, - "force": { - "type": "boolean" - } - }, - "required": [ - "packagePolicyIds" - ] - } - } - } - }, - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "name": { - "type": "string" - }, - "success": { - "type": "boolean" - } - }, - "required": [ - "id", - "success" - ] - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ] - } - }, - "/api/fleet/package_policies/upgrade": { - "post": { - "summary": "Upgrade package policy to a newer package version", - "tags": [ - "Fleet package policies" - ], - "operationId": "upgrade-package-policy", - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "packagePolicyIds": { - "type": "array", - "items": { - "type": "string" - } - } - }, - "required": [ - "packagePolicyIds" - ] - } - } - } - }, - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "name": { - "type": "string" - }, - "success": { - "type": "boolean" - } - }, - "required": [ - "id", - "success" - ] - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - }, - "409": { - "$ref": "#/components/responses/error" - } - } - } - }, - "/api/fleet/package_policies/upgrade/dryrun": { - "post": { - "summary": "Dry run package policy upgrade", - "tags": [ - "Fleet package policies" - ], - "operationId": "upgrade-package-policy-dry-run", - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "packagePolicyIds": { - "type": "array", - "items": { - "type": "string" - } - }, - "packageVersion": { - "type": "string" - } - }, - "required": [ - "packagePolicyIds" - ] - } - } - } - }, - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "type": "object", - "properties": { - "hasErrors": { - "type": "boolean" - }, - "diff": { - "$ref": "#/components/schemas/upgrade_diff" - }, - "agent_diff": { - "$ref": "#/components/schemas/upgrade_agent_diff" - } - }, - "required": [ - "hasErrors" - ] - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - } - } - }, - "/api/fleet/package_policies/{packagePolicyId}": { - "parameters": [ - { - "schema": { - "type": "string" - }, - "name": "packagePolicyId", - "in": "path", - "required": true - } - ], - "get": { - "summary": "Get package policy by ID", - "tags": [ - "Fleet package policies" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "$ref": "#/components/schemas/package_policy" - } - }, - "required": [ - "item" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-package-policy", - "parameters": [ - { - "$ref": "#/components/parameters/format" - } - ] - }, - "put": { - "summary": "Update package policy by ID", - "tags": [ - "Fleet package policies" - ], - "operationId": "update-package-policy", - "requestBody": { - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/package_policy_request" - } - } - } - }, - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "$ref": "#/components/schemas/package_policy" - } - }, - "required": [ - "item" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - }, - { - "$ref": "#/components/parameters/format" - } - ] - }, - "delete": { - "summary": "Delete package policy by ID", - "tags": [ - "Fleet package policies" - ], - "operationId": "delete-package-policy", - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "id": { - "type": "string" - } - }, - "required": [ - "id" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "parameters": [ - { - "schema": { - "type": "boolean" - }, - "name": "force", - "in": "query" - } - ] - } - }, - "/api/fleet/outputs": { - "get": { - "summary": "List outputs", - "tags": [ - "Fleet outputs" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "items": { - "type": "array", - "items": { - "$ref": "#/components/schemas/output_create_request" - } - }, - "total": { - "type": "integer" - }, - "page": { - "type": "integer" - }, - "perPage": { - "type": "integer" - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-outputs" - }, - "post": { - "summary": "Create output", - "tags": [ - "Fleet outputs" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "$ref": "#/components/schemas/output_create_request" - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "requestBody": { - "required": true, - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/output_create_request" - } - } - } - }, - "operationId": "post-outputs" - } - }, - "/api/fleet/outputs/{outputId}": { - "get": { - "summary": "Get output by ID", - "tags": [ - "Fleet outputs" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "$ref": "#/components/schemas/output_create_request" - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-output" - }, - "parameters": [ - { - "schema": { - "type": "string" - }, - "name": "outputId", - "in": "path", - "required": true - } - ], - "delete": { - "summary": "Delete output by ID", - "tags": [ - "Fleet outputs" - ], - "operationId": "delete-output", - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "id": { - "type": "string" - } - }, - "required": [ - "id" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ] - }, - "put": { - "summary": "Update output by ID", - "tags": [ - "Fleet outputs" - ], - "operationId": "update-output", - "requestBody": { - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/output_update_request" - } - } - } - }, - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "$ref": "#/components/schemas/output_update_request" - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ] - } - }, - "/api/fleet/outputs/{outputId}/health": { - "get": { - "summary": "Get latest output health", - "tags": [ - "Fleet outputs" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "state": { - "type": "string", - "description": "state of output, HEALTHY or DEGRADED" - }, - "message": { - "type": "string", - "description": "long message if unhealthy" - }, - "timestamp": { - "type": "string", - "description": "timestamp of reported state" - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-output-health" - }, - "parameters": [ - { - "schema": { - "type": "string" - }, - "name": "outputId", - "in": "path", - "required": true - } - ] - }, - "/api/fleet/logstash_api_keys": { - "post": { - "summary": "Generate Logstash API key", - "tags": [ - "Fleet outputs" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "api_key": { - "type": "string" - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "generate-logstash-api-key", - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ] - } - }, - "/api/fleet/agent_download_sources": { - "get": { - "summary": "List agent binary download sources", - "tags": [ - "Elastic Agent binary download sources" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "items": { - "type": "array", - "items": { - "$ref": "#/components/schemas/download_sources" - } - }, - "total": { - "type": "integer" - }, - "page": { - "type": "integer" - }, - "perPage": { - "type": "integer" - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-download-sources" - }, - "post": { - "summary": "Create agent binary download source", - "tags": [ - "Elastic Agent binary download sources" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "$ref": "#/components/schemas/download_sources" - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "name": { - "type": "string" - }, - "is_default": { - "type": "boolean" - }, - "host": { - "type": "string" - } - }, - "required": [ - "name", - "host", - "is_default" - ] - } - } - } - }, - "operationId": "post-download-sources" - } - }, - "/api/fleet/agent_download_sources/{sourceId}": { - "get": { - "summary": "Get agent binary download source by ID", - "tags": [ - "Elastic Agent binary download sources" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "$ref": "#/components/schemas/download_sources" - } - }, - "required": [ - "item" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-one-download-source" - }, - "parameters": [ - { - "schema": { - "type": "string" - }, - "name": "sourceId", - "in": "path", - "required": true - } - ], - "delete": { - "summary": "Delete agent binary download source by ID", - "tags": [ - "Elastic Agent binary download sources" - ], - "operationId": "delete-download-source", - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "id": { - "type": "string" - } - }, - "required": [ - "id" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ] - }, - "put": { - "summary": "Update agent binary download source by ID", - "tags": [ - "Elastic Agent binary download sources" - ], - "operationId": "update-download-source", - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "name": { - "type": "string" - }, - "is_default": { - "type": "boolean" - }, - "host": { - "type": "string" - } - }, - "required": [ - "name", - "is_default", - "host" - ] - } - } - } - }, - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "$ref": "#/components/schemas/download_sources" - } - }, - "required": [ - "item" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ] - } - }, - "/api/fleet/fleet_server_hosts": { - "get": { - "summary": "List Fleet Server hosts", - "tags": [ - "Fleet Server hosts" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "items": { - "type": "array", - "items": { - "$ref": "#/components/schemas/fleet_server_host" - } - }, - "total": { - "type": "integer" - }, - "page": { - "type": "integer" - }, - "perPage": { - "type": "integer" - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-fleet-server-hosts" - }, - "post": { - "summary": "Create Fleet Server host", - "tags": [ - "Fleet Server hosts" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "$ref": "#/components/schemas/fleet_server_host" - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "name": { - "type": "string" - }, - "is_default": { - "type": "boolean" - }, - "is_internal": { - "type": "boolean" - }, - "proxy_id": { - "description": "The ID of the proxy to use for this fleet server host. See the proxies API for more information.", - "type": "string" - }, - "host_urls": { - "type": "array", - "items": { - "type": "string" - } - } - }, - "required": [ - "name", - "host_urls" - ] - } - } - } - }, - "operationId": "post-fleet-server-hosts" - } - }, - "/api/fleet/fleet_server_hosts/{itemId}": { - "get": { - "summary": "Get Fleet Server host by ID", - "tags": [ - "Fleet Server hosts" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "$ref": "#/components/schemas/fleet_server_host" - } - }, - "required": [ - "item" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-one-fleet-server-hosts" - }, - "parameters": [ - { - "schema": { - "type": "string" - }, - "name": "itemId", - "in": "path", - "required": true - } - ], - "delete": { - "summary": "Delete Fleet Server host by ID", - "tags": [ - "Fleet Server hosts" - ], - "operationId": "delete-fleet-server-hosts", - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "id": { - "type": "string" - } - }, - "required": [ - "id" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ] - }, - "put": { - "summary": "Update Fleet Server host by ID", - "tags": [ - "Fleet Server hosts" - ], - "operationId": "update-fleet-server-hosts", - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "name": { - "type": "string" - }, - "is_default": { - "type": "boolean" - }, - "is_internal": { - "type": "boolean" - }, - "proxy_id": { - "description": "The ID of the proxy to use for this fleet server host. See the proxies API for more information.", - "type": "string", - "nullable": true - }, - "host_urls": { - "type": "array", - "items": { - "type": "string" - } - } - } - } - } - } - }, - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "$ref": "#/components/schemas/fleet_server_host" - } - }, - "required": [ - "item" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ] - } - }, - "/api/fleet/proxies": { - "get": { - "summary": "List proxies", - "tags": [ - "Fleet proxies" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "items": { - "type": "array", - "items": { - "$ref": "#/components/schemas/proxies" - } - }, - "total": { - "type": "integer" - }, - "page": { - "type": "integer" - }, - "perPage": { - "type": "integer" - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-fleet-proxies" - }, - "post": { - "summary": "Create proxy", - "tags": [ - "Fleet proxies" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "$ref": "#/components/schemas/proxies" - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "name": { - "type": "string" - }, - "url": { - "type": "string" - }, - "proxy_headers": { - "type": "object" - }, - "certificate_authorities": { - "type": "string" - }, - "certificate": { - "type": "string" - }, - "certificate_key": { - "type": "string" - } - }, - "required": [ - "name", - "url" - ] - } - } - } - }, - "operationId": "post-fleet-proxies" - } - }, - "/api/fleet/proxies/{itemId}": { - "get": { - "summary": "Get proxy by ID", - "tags": [ - "Fleet proxies" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "$ref": "#/components/schemas/proxies" - } - }, - "required": [ - "item" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-one-fleet-proxies" - }, - "parameters": [ - { - "schema": { - "type": "string" - }, - "name": "itemId", - "in": "path", - "required": true - } - ], - "delete": { - "summary": "Delete proxy by ID", - "tags": [ - "Fleet proxies" - ], - "operationId": "delete-fleet-proxies", - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "id": { - "type": "string" - } - }, - "required": [ - "id" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ] - }, - "put": { - "summary": "Update proxy by ID", - "tags": [ - "Fleet proxies" - ], - "operationId": "update-fleet-proxies", - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "name": { - "type": "string" - }, - "url": { - "type": "string" - }, - "proxy_headers": { - "type": "object" - }, - "certificate_authorities": { - "type": "string" - }, - "certificate": { - "type": "string" - }, - "certificate_key": { - "type": "string" - } - } - } - } - } - }, - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "$ref": "#/components/schemas/proxies" - } - }, - "required": [ - "item" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "parameters": [ - { - "$ref": "#/components/parameters/kbn_xsrf" - } - ] - } - }, - "/api/fleet/kubernetes": { - "get": { - "summary": "Get full K8s agent manifest", - "tags": [ - "Fleet Kubernetes" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "type": "string" - } - } - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-full-k8s-manifest", - "parameters": [ - { - "schema": { - "type": "boolean" - }, - "name": "download", - "in": "query", - "required": false - }, - { - "schema": { - "type": "string" - }, - "name": "fleetServer", - "in": "query", - "required": false - }, - { - "schema": { - "type": "string" - }, - "name": "enrolToken", - "in": "query", - "required": false - } - ] - } - }, - "/api/fleet/uninstall_tokens": { - "get": { - "summary": "List metadata for latest uninstall tokens per agent policy", - "tags": [ - "Fleet uninstall tokens" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "items": { - "type": "array", - "items": { - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "policy_id": { - "type": "string" - }, - "created_at": { - "type": "string" - } - }, - "required": [ - "id", - "policy_id", - "created_at" - ] - } - }, - "total": { - "type": "number" - }, - "page": { - "type": "number" - }, - "perPage": { - "type": "number" - } - }, - "required": [ - "items", - "total", - "page", - "perPage" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-uninstall-tokens", - "parameters": [ - { - "name": "perPage", - "in": "query", - "description": "The number of items to return", - "required": false, - "schema": { - "type": "integer", - "default": 20, - "minimum": 5 - } - }, - { - "$ref": "#/components/parameters/page_index" - }, - { - "name": "policyId", - "in": "query", - "description": "Partial match filtering for policy IDs", - "required": false, - "schema": { - "type": "string" - } - } - ] - } - }, - "/api/fleet/uninstall_tokens/{uninstallTokenId}": { - "get": { - "summary": "Get one decrypted uninstall token by its ID", - "tags": [ - "Fleet uninstall tokens" - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "item": { - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "token": { - "type": "string" - }, - "policy_id": { - "type": "string" - }, - "created_at": { - "type": "string" - } - }, - "required": [ - "id", - "token", - "policy_id", - "created_at" - ] - } - }, - "required": [ - "item" - ] - } - } - } - }, - "400": { - "$ref": "#/components/responses/error" - } - }, - "operationId": "get-uninstall-token", - "parameters": [ - { - "name": "uninstallTokenId", - "in": "path", - "required": true, - "schema": { - "type": "string" - } - } - ] - } - } - }, - "components": { - "securitySchemes": { - "basicAuth": { - "type": "http", - "scheme": "basic" - }, - "Enrollment_API_Key": { - "name": "Authorization", - "type": "apiKey", - "in": "header", - "description": "e.g. Authorization: ApiKey base64EnrollmentApiKey" - }, - "Access_API_Key": { - "name": "Authorization", - "type": "apiKey", - "in": "header", - "description": "e.g. Authorization: ApiKey base64AccessApiKey" - } - }, - "parameters": { - "kbn_xsrf": { - "schema": { - "type": "string" - }, - "in": "header", - "name": "kbn-xsrf", - "required": true, - "description": "Kibana's anti Cross-Site Request Forgery token. Can be any string value." - }, - "page_size": { - "name": "perPage", - "in": "query", - "description": "The number of items to return", - "required": false, - "schema": { - "type": "integer", - "default": 20 - } - }, - "page_index": { - "name": "page", - "in": "query", - "required": false, - "schema": { - "type": "integer", - "default": 1 - } - }, - "kuery": { - "name": "kuery", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - "show_inactive": { - "name": "showInactive", - "in": "query", - "required": false, - "schema": { - "type": "boolean" - } - }, - "show_upgradeable": { - "name": "showUpgradeable", - "in": "query", - "required": false, - "schema": { - "type": "boolean" - } - }, - "sort_field": { - "name": "sortField", - "in": "query", - "required": false, - "schema": { - "type": "string", - "deprecated": true - } - }, - "sort_order": { - "name": "sortOrder", - "in": "query", - "required": false, - "schema": { - "type": "string", - "enum": [ - "asc", - "desc" - ] - } - }, - "with_metrics": { - "name": "withMetrics", - "in": "query", - "description": "Return agent metrics, false by default", - "required": false, - "schema": { - "type": "boolean" - } - }, - "format": { - "name": "format", - "in": "query", - "description": "Simplified or legacy format for package inputs", - "required": false, - "schema": { - "type": "string", - "enum": [ - "simplified", - "legacy" - ] - } - } - }, - "responses": { - "error": { - "description": "Generic Error", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "statusCode": { - "type": "number" - }, - "error": { - "type": "string" - }, - "message": { - "type": "string" - } - } - } - } - } - } - }, - "schemas": { - "fleet_setup_response": { - "title": "Fleet Setup response", - "type": "object", - "properties": { - "isInitialized": { - "type": "boolean" - }, - "nonFatalErrors": { - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string" - }, - "message": { - "type": "string" - } - }, - "required": [ - "name", - "message" - ] - } - } - }, - "required": [ - "isInitialized", - "nonFatalErrors" - ] - }, - "settings": { - "title": "Settings", - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "has_seen_add_data_notice": { - "type": "boolean" - }, - "fleet_server_hosts": { - "deprecated": true, - "type": "array", - "items": { - "type": "string" - } - }, - "prerelease_integrations_enabled": { - "type": "boolean" - } - }, - "required": [ - "fleet_server_hosts", - "id" - ] - }, - "fleet_settings_response": { - "title": "Fleet settings response", - "type": "object", - "properties": { - "item": { - "$ref": "#/components/schemas/settings" - } - }, - "required": [ - "item" - ] - }, - "saved_object_type": { - "title": "Saved Object type", - "oneOf": [ - { - "type": "string", - "enum": [ - "dashboard", - "visualization", - "search", - "index_pattern", - "map", - "lens", - "security_rule", - "csp_rule_template", - "ml_module", - "tag", - "osquery_pack_asset", - "osquery_saved_query" - ] - }, - { - "type": "string", - "enum": [ - "index", - "component_template", - "ingest_pipeline", - "index_template", - "ilm_policy", - "transform", - "data_stream_ilm_policy", - "ml_model" - ] - } - ] - }, - "get_bulk_assets_response": { - "title": "Bulk get assets response", - "type": "object", - "deprecated": true, - "properties": { - "items": { - "type": "array", - "items": { - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "type": { - "$ref": "#/components/schemas/saved_object_type" - }, - "updatedAt": { - "type": "string" - }, - "attributes": { - "type": "object", - "properties": { - "title": { - "type": "string" - }, - "description": { - "type": "string" - } - } - }, - "appLink": { - "type": "string" - } - } - } - } - }, - "required": [ - "items" - ] - }, - "get_categories_response": { - "title": "Get categories response", - "type": "object", - "properties": { - "response": { - "type": "array", - "items": { - "type": "object", - "deprecated": true, - "properties": { - "id": { - "type": "string" - }, - "title": { - "type": "string" - }, - "count": { - "type": "number" - } - }, - "required": [ - "id", - "title", - "count" - ] - } - }, - "items": { - "type": "array", - "items": { - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "title": { - "type": "string" - }, - "count": { - "type": "number" - } - }, - "required": [ - "id", - "title", - "count" - ] - } - } - }, - "required": [ - "items" - ] - }, - "kibana_saved_object_type": { - "title": "Kibana saved object asset type", - "type": "string", - "enum": [ - "dashboard", - "visualization", - "search", - "index-pattern", - "map", - "lens", - "ml-module", - "security-rule", - "csp_rule_template" - ] - }, - "elasticsearch_asset_type": { - "title": "Elasticsearch asset type", - "type": "string", - "enum": [ - "component_template", - "ingest_pipeline", - "index_template", - "ilm_policy", - "transform", - "data_stream_ilm_policy" - ] - }, - "installation_info": { - "title": "Installation info object", - "type": "object", - "properties": { - "type": { - "type": "string" - }, - "created_at": { - "type": "string" - }, - "updated_at": { - "type": "string" - }, - "namespaces": { - "type": "array", - "items": { - "type": "string" - } - }, - "installed_kibana": { - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "type": { - "$ref": "#/components/schemas/kibana_saved_object_type" - } - } - }, - "installed_es": { - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "deferred": { - "type": "boolean" - }, - "type": { - "$ref": "#/components/schemas/elasticsearch_asset_type" - } - } - }, - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "install_status": { - "type": "string", - "enum": [ - "installed", - "installing", - "install_failed" - ] - }, - "install_source": { - "type": "string", - "enum": [ - "registry", - "upload", - "bundled" - ] - }, - "install_kibana_space_id": { - "type": "string" - }, - "install_format_schema_version": { - "type": "string" - }, - "latest_install_failed_attempts": { - "description": "Latest failed install errors", - "type": "array", - "items": { - "type": "object", - "properties": { - "created_at": { - "type": "string" - }, - "target_version": { - "type": "string" - }, - "error": { - "type": "object", - "properties": { - "name": { - "type": "string" - }, - "message": { - "type": "string" - }, - "stack": { - "type": "string" - } - } - } - } - } - }, - "latest_executed_state": { - "description": "Latest successfully executed state in package install state machine", - "type": "object", - "properties": { - "name": { - "type": "string", - "enum": [ - "create_restart_installation", - "install_kibana_assets", - "install_ilm_policies", - "install_ml_model", - "install_index_template_pipelines", - "remove_legacy_templates", - "update_current_write_indices", - "install_transforms", - "delete_previous_pipelines", - "save_archive_entries_from_assets_map", - "update_so" - ] - }, - "started_at": { - "type": "string" - }, - "error": { - "type": "string" - } - } - }, - "verification_status": { - "type": "string", - "enum": [ - "verified", - "unverified", - "unknown" - ] - }, - "verification_key_id": { - "type": "string", - "nullable": true - }, - "experimental_data_stream_features": { - "type": "array", - "properties": { - "data_stream": { - "type": "string" - }, - "features": { - "type": "object", - "properties": { - "synthetic_source": { - "type": "boolean", - "nullable": true - }, - "tsdb": { - "type": "boolean", - "nullable": true - }, - "doc_value_only_numeric": { - "type": "boolean", - "nullable": true - }, - "doc_value_only_other": { - "type": "boolean", - "nullable": true - } - } - } - } - } - }, - "required": [ - "installed_kibana", - "installed_es", - "name", - "version", - "install_status", - "install_version", - "install_started_at", - "install_source", - "verification_status", - "latest_install_failed_attempts" - ] - }, - "search_result": { - "title": "Search result", - "type": "object", - "properties": { - "description": { - "type": "string" - }, - "download": { - "type": "string" - }, - "icons": { - "type": "string" - }, - "name": { - "type": "string" - }, - "path": { - "type": "string" - }, - "title": { - "type": "string" - }, - "type": { - "type": "string" - }, - "version": { - "type": "string" - }, - "status": { - "type": "string" - }, - "installationInfo": { - "$ref": "#/components/schemas/installation_info" - }, - "savedObject": { - "type": "object", - "deprecated": true - } - }, - "required": [ - "description", - "download", - "icons", - "name", - "path", - "title", - "type", - "version", - "status" - ] - }, - "get_packages_response": { - "title": "Get Packages response", - "type": "object", - "properties": { - "response": { - "type": "array", - "deprecated": true, - "items": { - "$ref": "#/components/schemas/search_result" - } - }, - "items": { - "type": "array", - "items": { - "$ref": "#/components/schemas/search_result" - } - } - }, - "required": [ - "items" - ] - }, - "bulk_install_packages_response": { - "title": "Bulk install packages response", - "type": "object", - "properties": { - "response": { - "type": "array", - "deprecated": true, - "items": { - "type": "object", - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - } - } - } - }, - "items": { - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - } - } - } - } - }, - "required": [ - "items" - ] - }, - "package_info": { - "title": "Package information", - "type": "object", - "properties": { - "name": { - "type": "string" - }, - "title": { - "type": "string" - }, - "version": { - "type": "string" - }, - "release": { - "type": "string", - "deprecated": true, - "description": "release label is deprecated, derive from the version instead (packages follow semver)", - "enum": [ - "experimental", - "beta", - "ga" - ] - }, - "source": { - "type": "object", - "properties": { - "license": { - "type": "string", - "enum": [ - "Apache-2.0", - "Elastic-2.0" - ] - } - } - }, - "readme": { - "type": "string" - }, - "description": { - "type": "string" - }, - "type": { - "type": "string" - }, - "categories": { - "type": "array", - "items": { - "type": "string" - } - }, - "conditions": { - "type": "object", - "properties": { - "kibana": { - "type": "object", - "properties": { - "versions": { - "type": "string" - } - } - }, - "elasticsearch": { - "type": "object", - "properties": { - "subscription": { - "type": "string", - "enum": [ - "basic", - "gold", - "platinum", - "enterprise" - ] - } - } - } - } - }, - "screenshots": { - "type": "array", - "items": { - "type": "object", - "properties": { - "src": { - "type": "string" - }, - "path": { - "type": "string" - }, - "title": { - "type": "string" - }, - "size": { - "type": "string" - }, - "type": { - "type": "string" - } - }, - "required": [ - "src", - "path" - ] - } - }, - "icons": { - "type": "array", - "items": { - "type": "string" - } - }, - "assets": { - "type": "array", - "items": { - "type": "string" - } - }, - "internal": { - "type": "boolean" - }, - "format_version": { - "type": "string" - }, - "data_streams": { - "type": "array", - "items": { - "type": "object", - "properties": { - "title": { - "type": "string" - }, - "name": { - "type": "string" - }, - "release": { - "type": "string" - }, - "ingeset_pipeline": { - "type": "string" - }, - "vars": { - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string" - }, - "default": { - "type": "string" - } - }, - "required": [ - "name", - "default" - ] - } - }, - "type": { - "type": "string" - }, - "package": { - "type": "string" - } - }, - "required": [ - "title", - "name", - "release", - "ingeset_pipeline", - "type", - "package" - ] - } - }, - "download": { - "type": "string" - }, - "path": { - "type": "string" - }, - "elasticsearch": { - "type": "object", - "properties": { - "privileges": { - "type": "object", - "properties": { - "cluster": { - "type": "array", - "items": { - "type": "string" - } - } - } - } - } - } - }, - "required": [ - "name", - "title", - "version", - "description", - "type", - "categories", - "conditions", - "assets", - "format_version", - "download", - "path" - ] - }, - "package_usage_stats": { - "title": "Package usage stats", - "type": "object", - "properties": { - "agent_policy_count": { - "type": "integer" - } - }, - "required": [ - "agent_policy_count" - ] - }, - "fleet_status_response": { - "title": "Fleet status response", - "type": "object", - "properties": { - "isReady": { - "type": "boolean" - }, - "missing_requirements": { - "type": "array", - "items": { - "type": "string", - "enum": [ - "tls_required", - "api_keys", - "fleet_admin_user", - "fleet_server" - ] - } - }, - "missing_optional_features": { - "type": "array", - "items": { - "type": "string", - "enum": [ - "encrypted_saved_object_encryption_key_required" - ] - } - }, - "package_verification_key_id": { - "type": "string" - } - }, - "required": [ - "isReady", - "missing_requirements", - "missing_optional_features" - ] - }, - "agent_type": { - "type": "string", - "title": "Agent type", - "enum": [ - "PERMANENT", - "EPHEMERAL", - "TEMPORARY" - ] - }, - "agent_metadata": { - "title": "Agent metadata", - "type": "object" - }, - "agent_status": { - "type": "string", - "title": "Elastic Agent status", - "enum": [ - "offline", - "error", - "online", - "inactive", - "warning" - ] - }, - "agent_component_status": { - "title": "Agent component status", - "type": "string", - "enum": [ - "starting", - "configuring", - "healthy", - "degraded", - "failed", - "stopping", - "stopped" - ] - }, - "agent_component_unit_type": { - "title": "Agent component unit type", - "type": "string", - "enum": [ - "input", - "output" - ] - }, - "agent_component_unit": { - "title": "Agent component unit", - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "type": { - "$ref": "#/components/schemas/agent_component_unit_type" - }, - "status": { - "$ref": "#/components/schemas/agent_component_status" - }, - "message": { - "type": "string" - }, - "payload": { - "type": "object" - } - } - }, - "agent_component": { - "title": "Agent component", - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "type": { - "type": "string" - }, - "status": { - "$ref": "#/components/schemas/agent_component_status" - }, - "message": { - "type": "string" - }, - "units": { - "type": "array", - "items": { - "$ref": "#/components/schemas/agent_component_unit" - } - } - } - }, - "agent": { - "title": "Agent", - "type": "object", - "properties": { - "type": { - "$ref": "#/components/schemas/agent_type" - }, - "active": { - "type": "boolean" - }, - "enrolled_at": { - "type": "string" - }, - "unenrolled_at": { - "type": "string" - }, - "unenrollment_started_at": { - "type": "string" - }, - "access_api_key_id": { - "type": "string" - }, - "default_api_key_id": { - "type": "string" - }, - "policy_id": { - "type": "string" - }, - "policy_revision": { - "type": "number" - }, - "last_checkin": { - "type": "string" - }, - "user_provided_metadata": { - "$ref": "#/components/schemas/agent_metadata" - }, - "local_metadata": { - "$ref": "#/components/schemas/agent_metadata" - }, - "id": { - "type": "string" - }, - "access_api_key": { - "type": "string" - }, - "status": { - "$ref": "#/components/schemas/agent_status" - }, - "default_api_key": { - "type": "string" - }, - "components": { - "type": "array", - "items": { - "$ref": "#/components/schemas/agent_component" - } - }, - "metrics": { - "type": "object", - "properties": { - "cpu_avg": { - "type": "number", - "description": "Average agent CPU usage during the last 5 minutes, number between 0-1" - }, - "memory_size_byte_avg": { - "type": "number", - "description": "Average agent memory consumption during the last 5 minutes" - } - } - } - }, - "required": [ - "type", - "active", - "enrolled_at", - "id", - "status" - ] - }, - "get_agents_response": { - "title": "Get Agent response", - "type": "object", - "properties": { - "list": { - "type": "array", - "items": { - "$ref": "#/components/schemas/agent" - }, - "deprecated": true - }, - "items": { - "type": "array", - "items": { - "$ref": "#/components/schemas/agent" - } - }, - "total": { - "type": "number" - }, - "page": { - "type": "number" - }, - "perPage": { - "type": "number" - }, - "statusSummary": { - "type": "object", - "properties": { - "offline": { - "type": "number" - }, - "error": { - "type": "number" - }, - "online": { - "type": "number" - }, - "inactive": { - "type": "number" - }, - "enrolling": { - "type": "number" - }, - "unenrolling": { - "type": "number" - }, - "unenrolled": { - "type": "number" - }, - "updating": { - "type": "number" - }, - "degraded'": { - "type": "number" - } - } - } - }, - "required": [ - "items", - "total", - "page", - "perPage" - ] - }, - "agent_get_by_actions": { - "title": "Agents get by action ids", - "type": "array", - "items": { - "type": "array", - "items": { - "type": "string" - } - } - }, - "bulk_upgrade_agents": { - "title": "Bulk upgrade agents", - "type": "object", - "properties": { - "version": { - "type": "string", - "description": "version to upgrade to" - }, - "source_uri": { - "type": "string", - "description": "alternative upgrade binary download url" - }, - "rollout_duration_seconds": { - "type": "number", - "description": "rolling upgrade window duration in seconds" - }, - "start_time": { - "type": "string", - "description": "start time of upgrade in ISO 8601 format" - }, - "agents": { - "oneOf": [ - { - "type": "string", - "description": "KQL query string, leave empty to action all agents" - }, - { - "type": "array", - "items": { - "type": "string" - }, - "description": "list of agent IDs" - } - ] - }, - "force": { - "type": "boolean", - "description": "Force upgrade, skipping validation (should be used with caution)" - }, - "skipRateLimitCheck": { - "type": "boolean", - "description": "Skip rate limit check for upgrade" - } - }, - "required": [ - "agents", - "version" - ] - }, - "agent_action": { - "title": "Agent action", - "oneOf": [ - { - "properties": { - "data": { - "type": "string" - }, - "ack_data": { - "type": "string" - }, - "type": { - "type": "string", - "enum": [ - "UNENROLL", - "UPGRADE", - "POLICY_REASSIGN" - ] - } - } - }, - { - "properties": { - "type": { - "type": "string" - }, - "data": { - "type": "object", - "properties": { - "log_level": { - "type": "string", - "nullable": true, - "enum": [ - "debug", - "info", - "warning", - "error" - ] - } - } - } - } - } - ] - }, - "upgrade_agent": { - "title": "Upgrade agent", - "type": "object", - "properties": { - "version": { - "type": "string" - }, - "source_uri": { - "type": "string" - }, - "force": { - "type": "boolean", - "description": "Force upgrade, skipping validation (should be used with caution)" - }, - "skipRateLimitCheck": { - "type": "boolean", - "description": "Skip rate limit check for upgrade" - } - }, - "required": [ - "version" - ] - }, - "agent_diagnostics": { - "title": "Agent diagnostics", - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "name": { - "type": "string" - }, - "createTime": { - "type": "string" - }, - "filePath": { - "type": "string" - }, - "actionId": { - "type": "string" - }, - "status": { - "enum": [ - "READY", - "AWAITING_UPLOAD", - "DELETED", - "IN_PROGRESS" - ] - } - }, - "required": [ - "id", - "name", - "createTime", - "filePath", - "actionId", - "status" - ] - }, - "get_agent_tags_response": { - "title": "Get Agent Tags response", - "type": "object", - "properties": { - "items": { - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "new_package_policy": { - "title": "New package policy", - "type": "object", - "description": "", - "properties": { - "enabled": { - "type": "boolean" - }, - "package": { - "type": "object", - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "title": { - "type": "string" - }, - "requires_root": { - "type": "boolean" - } - }, - "required": [ - "name", - "version" - ] - }, - "namespace": { - "type": "string" - }, - "output_id": { - "type": "string" - }, - "inputs": { - "type": "array", - "items": { - "type": "object", - "properties": { - "type": { - "type": "string" - }, - "enabled": { - "type": "boolean" - }, - "processors": { - "type": "array", - "items": { - "type": "string" - } - }, - "streams": { - "type": "array", - "items": {} - }, - "config": { - "type": "object" - }, - "vars": { - "type": "object" - } - }, - "required": [ - "type", - "enabled" - ] - } - }, - "policy_id": { - "type": "string", - "nullable": true, - "deprecated": true - }, - "policy_ids": { - "type": "array", - "items": { - "type": "string" - } - }, - "name": { - "type": "string" - }, - "description": { - "type": "string" - }, - "overrides": { - "type": "object" - } - }, - "required": [ - "inputs", - "name" - ] - }, - "package_policy": { - "title": "Package policy", - "allOf": [ - { - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "revision": { - "type": "number" - }, - "inputs": { - "oneOf": [ - { - "type": "array", - "items": {} - }, - { - "type": "object" - } - ] - } - }, - "required": [ - "id", - "revision" - ] - }, - { - "$ref": "#/components/schemas/new_package_policy" - } - ] - }, - "agent_policy": { - "title": "Agent Policy", - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "name": { - "type": "string" - }, - "namespace": { - "type": "string" - }, - "description": { - "type": "string" - }, - "monitoring_enabled": { - "type": "array", - "items": { - "type": "string", - "enum": [ - "metrics", - "logs" - ] - } - }, - "keep_monitoring_alive": { - "description": "When set to true, monitoring will be enabled but logs/metrics collection will be disabled", - "type": "boolean", - "nullable": true - }, - "data_output_id": { - "type": "string", - "nullable": true - }, - "monitoring_output_id": { - "type": "string", - "nullable": true - }, - "fleet_server_host_id": { - "type": "string", - "nullable": true - }, - "download_source_id": { - "type": "string", - "nullable": true - }, - "unenroll_timeout": { - "type": "integer" - }, - "inactivity_timeout": { - "type": "integer" - }, - "package_policies": { - "description": "This field is present only when retrieving a single agent policy, or when retrieving a list of agent policies with the ?full=true parameter", - "type": "array", - "items": { - "$ref": "#/components/schemas/package_policy" - } - }, - "updated_on": { - "type": "string", - "format": "date-time" - }, - "updated_by": { - "type": "string" - }, - "revision": { - "type": "number" - }, - "agents": { - "type": "number" - }, - "unprivileged_agents": { - "type": "number" - }, - "agent_features": { - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string" - }, - "enabled": { - "type": "boolean" - } - }, - "required": [ - "name", - "enabled" - ] - } - }, - "is_protected": { - "description": "Indicates whether the agent policy has tamper protection enabled. Default false.", - "type": "boolean" - }, - "overrides": { - "type": "object", - "description": "Override settings that are defined in the agent policy. Input settings cannot be overridden. The override option should be used only in unusual circumstances and not as a routine procedure.", - "nullable": true - }, - "advanced_settings": { - "type": "object", - "description": "Advanced settings stored in the agent policy, e.g. agent_limits_go_max_procs", - "nullable": true - }, - "supports_agentless": { - "type": "boolean", - "description": "Indicates whether the agent policy supports agentless integrations. Only allowed in a serverless environment." - }, - "global_data_tags": { - "type": "array", - "items": { - "type": "object", - "additionalProperties": { - "oneOf": [ - { - "type": "string" - }, - { - "type": "number" - } - ] - }, - "description": "User defined data tags that are added to all of the inputs. The values can be strings or numbers." - } - }, - "monitoring_pprof_enabled": { - "type": "boolean" - }, - "monitoring_http": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean" - }, - "host": { - "type": "string" - }, - "port": { - "type": "number" - } - }, - "required": [ - "enabled" - ] - }, - "monitoring_diagnostics": { - "type": "object", - "properties": { - "limit": { - "type": "object", - "properties": { - "interval": { - "type": "string" - }, - "burst": { - "type": "number" - } - } - }, - "uploader": { - "type": "object", - "properties": { - "max_retries": { - "type": "number" - }, - "init_dur": { - "type": "string" - }, - "max_dur": { - "type": "string" - } - } - } - } - } - }, - "required": [ - "id", - "status", - "name", - "namespace" - ] - }, - "agent_policy_create_request": { - "title": "Create agent policy request", - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "name": { - "type": "string" - }, - "namespace": { - "type": "string" - }, - "description": { - "type": "string" - }, - "monitoring_enabled": { - "type": "array", - "items": { - "type": "string", - "enum": [ - "metrics", - "logs" - ] - } - }, - "data_output_id": { - "type": "string", - "nullable": true - }, - "monitoring_output_id": { - "type": "string", - "nullable": true - }, - "fleet_server_host_id": { - "type": "string", - "nullable": true - }, - "download_source_id": { - "type": "string", - "nullable": true - }, - "unenroll_timeout": { - "type": "integer" - }, - "inactivity_timeout": { - "type": "integer" - }, - "agent_features": { - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string" - }, - "enabled": { - "type": "boolean" - } - }, - "required": [ - "name", - "enabled" - ] - } - }, - "is_protected": { - "type": "boolean" - }, - "force": { - "type": "boolean", - "description": "Force agent policy creation even if packages are not verified." - }, - "global_data_tags": { - "type": "array", - "items": { - "type": "object", - "additionalProperties": { - "oneOf": [ - { - "type": "string" - }, - { - "type": "number" - } - ] - }, - "description": "User defined data tags that are added to all of the inputs. The values can be strings or numbers." - } - } - }, - "required": [ - "name", - "namespace" - ] - }, - "agent_policy_update_request": { - "title": "Update agent policy request", - "type": "object", - "properties": { - "name": { - "type": "string" - }, - "namespace": { - "type": "string" - }, - "description": { - "type": "string" - }, - "monitoring_enabled": { - "type": "array", - "items": { - "type": "string", - "enum": [ - "metrics", - "logs" - ] - } - }, - "data_output_id": { - "type": "string", - "nullable": true - }, - "monitoring_output_id": { - "type": "string", - "nullable": true - }, - "fleet_server_host_id": { - "type": "string", - "nullable": true - }, - "download_source_id": { - "type": "string", - "nullable": true - }, - "unenroll_timeout": { - "type": "integer" - }, - "inactivity_timeout": { - "type": "integer" - }, - "agent_features": { - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string" - }, - "enabled": { - "type": "boolean" - } - }, - "required": [ - "name", - "enabled" - ] - } - }, - "is_protected": { - "type": "boolean" - }, - "force": { - "type": "boolean", - "description": "Force agent policy creation even if packages are not verified." - }, - "global_data_tags": { - "type": "array", - "items": { - "type": "object", - "additionalProperties": { - "oneOf": [ - { - "type": "string" - }, - { - "type": "number" - } - ] - }, - "description": "User defined data tags that are added to all of the inputs. The values can be strings or numbers." - } - } - }, - "required": [ - "name", - "namespace" - ] - }, - "full_agent_policy_output": { - "title": "Full agent policy", - "type": "object", - "properties": { - "hosts": { - "type": "array", - "items": { - "type": "string" - } - }, - "ca_sha256": { - "type": "string", - "nullable": true - }, - "proxy_url": { - "type": "string" - }, - "proxy_headers": {}, - "type": {}, - "additionalProperties": { - "type": "object", - "properties": { - "text": {} - } - } - }, - "required": [ - "type", - "hosts", - "ca_sha256" - ] - }, - "full_agent_policy_output_permissions": { - "title": "Full agent policy output permissions", - "additionalProperties": { - "type": "object", - "properties": { - "packagePolicyName": { - "type": "string" - }, - "data": { - "type": "object", - "properties": { - "cluster": { - "type": "array", - "items": { - "type": "string" - } - }, - "indices": { - "type": "array", - "items": { - "type": "object", - "properties": { - "names": { - "type": "array", - "items": { - "type": "string" - } - }, - "privileges": { - "type": "array", - "items": { - "type": "string" - } - } - } - } - } - } - } - } - } - }, - "full_agent_policy": { - "title": "Full agent policy", - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "outputs": { - "type": "object", - "additionalProperties": { - "$ref": "#/components/schemas/full_agent_policy_output" - } - }, - "output_permissions": { - "type": "object", - "additionalProperties": { - "type": "object", - "properties": { - "output": { - "type": "integer" - }, - "data": { - "$ref": "#/components/schemas/full_agent_policy_output_permissions" - } - } - } - }, - "monitoring": { - "type": "object", - "properties": { - "namespace": { - "type": "string" - }, - "use_output": { - "type": "string" - }, - "enabled": { - "type": "boolean" - }, - "metrics": { - "type": "boolean" - }, - "logs": { - "type": "boolean" - }, - "traces": { - "type": "boolean" - }, - "pprof": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean" - } - }, - "required": [ - "enabled" - ] - }, - "http": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean" - }, - "host": { - "type": "string" - }, - "port": { - "type": "number" - } - }, - "required": [ - "enabled" - ] - }, - "diagnostics": { - "type": "object", - "properties": { - "limit": { - "type": "object", - "properties": { - "interval": { - "type": "string" - }, - "burst": { - "type": "number" - } - } - }, - "uploader": { - "type": "object", - "properties": { - "max_retries": { - "type": "number" - }, - "init_dur": { - "type": "string" - }, - "max_dur": { - "type": "string" - } - } - } - } - } - }, - "required": [ - "enabled", - "metrics", - "logs", - "traces" - ] - }, - "fleet": { - "oneOf": [ - { - "type": "object", - "properties": { - "hosts": { - "type": "array", - "items": { - "type": "string" - } - }, - "proxy_url": { - "type": "string" - }, - "proxy_headers": {}, - "ssl": { - "type": "object", - "properties": { - "verification_mode": { - "type": "string" - }, - "certificate": { - "type": "string" - }, - "key": { - "type": "string" - }, - "certificate_authorities": { - "type": "array", - "items": { - "type": "string" - } - }, - "renegotiation": { - "type": "string" - } - } - } - } - }, - { - "type": "object", - "properties": { - "kibana": { - "type": "object", - "properties": { - "hosts": { - "type": "array", - "items": { - "type": "string" - } - }, - "protocol": { - "type": "string" - }, - "path": { - "type": "string" - } - } - } - } - } - ] - }, - "inputs": { - "type": "string" - }, - "revision": { - "type": "number" - }, - "agent": { - "type": "string", - "nullable": true - }, - "secret_references": { - "type": "array", - "items": { - "type": "object", - "properties": { - "id": { - "type": "string" - } - } - } - } - }, - "required": [ - "id", - "outputs", - "inputs" - ] - }, - "agent_policy_full": { - "title": "Agent policy full response", - "type": "object", - "oneOf": [ - { - "type": "object", - "properties": { - "item": { - "type": "string" - } - } - }, - { - "type": "object", - "properties": { - "item": { - "$ref": "#/components/schemas/full_agent_policy" - } - } - } - ] - }, - "data_stream": { - "title": "Data stream", - "type": "object", - "properties": { - "index": { - "type": "string" - }, - "dataset": { - "type": "string" - }, - "namespace": { - "type": "string" - }, - "type": { - "type": "string" - }, - "package": { - "type": "string" - }, - "package_version": { - "type": "string" - }, - "last_activity_ms": { - "type": "number" - }, - "size_in_bytes": { - "type": "number" - }, - "size_in_bytes_formatted": { - "type": "string" - }, - "dashboard": { - "type": "array", - "items": { - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "title": { - "type": "string" - } - } - } - } - } - }, - "enrollment_api_key": { - "title": "Enrollment API key", - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "api_key_id": { - "type": "string", - "description": "The ID of the API key in the Security API." - }, - "api_key": { - "type": "string", - "description": "The enrollment API key (token) used for enrolling Elastic Agents." - }, - "name": { - "type": "string", - "description": "The name of the enrollment API key." - }, - "active": { - "type": "boolean", - "description": "When false, the enrollment API key is revoked and cannot be used for enrolling Elastic Agents." - }, - "policy_id": { - "type": "string", - "description": "The ID of the agent policy the Elastic Agent will be enrolled in." - }, - "created_at": { - "type": "string" - } - }, - "required": [ - "id", - "api_key_id", - "api_key", - "active", - "created_at" - ] - }, - "package_policy_request": { - "title": "Package Policy Request", - "type": "object", - "properties": { - "id": { - "type": "string", - "description": "Package policy unique identifier" - }, - "name": { - "type": "string", - "description": "Package policy name (should be unique)", - "example": "nginx-123" - }, - "description": { - "type": "string", - "description": "Package policy description", - "example": "my description" - }, - "namespace": { - "type": "string", - "description": "The package policy namespace. Leave blank to inherit the agent policy's namespace.", - "example": "customnamespace" - }, - "output_id": { - "type": "string", - "description": "Output ID to send package data to", - "example": "output-id", - "nullable": true - }, - "policy_id": { - "type": "string", - "description": "Agent policy ID where that package policy will be added", - "example": "agent-policy-id", - "deprecated": true, - "nullable": true - }, - "policy_ids": { - "type": "array", - "items": { - "type": "string" - }, - "description": "Agent policy IDs where that package policy will be added", - "example": [ - "agent-policy-id" - ] - }, - "package": { - "type": "object", - "properties": { - "name": { - "type": "string", - "description": "Package name", - "example": "nginx" - }, - "version": { - "type": "string", - "description": "Package version", - "example": "1.6.0" - } - }, - "required": [ - "name", - "version" - ] - }, - "vars": { - "type": "object", - "description": "Package root level variable (see integration documentation for more information)" - }, - "inputs": { - "type": "object", - "description": "Package policy inputs (see integration documentation to know what inputs are available)", - "example": { - "nginx-logfile": { - "enabled": true, - "streams": { - "nginx.access": { - "enabled": true, - "vars": { - "paths": [ - "/var/log/nginx/access.log*" - ], - "tags": [ - "nginx-access" - ], - "preserve_original_event": false, - "ignore_older": "72h" - } - } - } - } - }, - "additionalProperties": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "enable or disable that input, (default to true)" - }, - "vars": { - "type": "object", - "description": "Input level variable (see integration documentation for more information)" - }, - "streams": { - "type": "object", - "description": "Input streams (see integration documentation to know what streams are available)", - "additionalProperties": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "enable or disable that stream, (default to true)" - }, - "vars": { - "type": "object", - "description": "Stream level variable (see integration documentation for more information)" - } - } - } - } - } - } - }, - "overrides": { - "type": "object", - "properties": { - "inputs": { - "type": "object" - } - }, - "description": "Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.", - "nullable": true - }, - "force": { - "type": "boolean", - "description": "Force package policy creation even if package is not verified, or if the agent policy is managed." - } - }, - "required": [ - "name", - "package" - ] - }, - "upgrade_diff": { - "title": "Package policy Upgrade dryrun", - "type": "array", - "items": { - "allOf": [ - { - "$ref": "#/components/schemas/package_policy" - }, - { - "type": "object", - "allOf": [ - { - "$ref": "#/components/schemas/new_package_policy" - }, - { - "type": "object", - "properties": { - "errors": { - "type": "array", - "items": { - "type": "object", - "properties": { - "key": { - "type": "string" - }, - "message": { - "type": "string" - } - } - } - }, - "missingVars": { - "type": "array", - "items": { - "type": "string" - } - } - } - } - ] - } - ] - } - }, - "full_agent_policy_input_stream": { - "title": "Full agent policy input stream", - "allOf": [ - { - "type": "object", - "additionalProperties": true, - "properties": { - "id": { - "type": "string" - }, - "data_stream": { - "type": "object", - "properties": { - "dataset": { - "type": "string" - }, - "type": { - "type": "string" - } - }, - "required": [ - "dataset", - "type" - ] - } - }, - "required": [ - "id", - "data_stream" - ] - } - ] - }, - "full_agent_policy_input": { - "title": "Full agent policy input", - "allOf": [ - { - "type": "object", - "additionalProperties": true, - "properties": { - "id": { - "type": "string" - }, - "name": { - "type": "string" - }, - "revision": { - "type": "number" - }, - "type": { - "type": "string" - }, - "data_stream": { - "type": "object", - "properties": { - "namespace": { - "type": "string" - } - }, - "required": [ - "namespace" - ] - }, - "use_output": { - "type": "string" - }, - "meta": { - "type": "object", - "additionalProperties": true, - "properties": { - "package": { - "type": "object", - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - } - }, - "required": [ - "name", - "version" - ] - } - } - }, - "streams": { - "$ref": "#/components/schemas/full_agent_policy_input_stream" - } - }, - "required": [ - "id", - "name", - "revision", - "type", - "data_stream", - "use_output" - ] - } - ] - }, - "upgrade_agent_diff": { - "title": "Package policy Upgrade dryrun", - "type": "array", - "items": { - "type": "array", - "items": { - "$ref": "#/components/schemas/full_agent_policy_input" - } - } - }, - "output_create_request_elasticsearch": { - "title": "elasticsearch", - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "is_default": { - "type": "boolean" - }, - "is_default_monitoring": { - "type": "boolean" - }, - "is_internal": { - "type": "boolean" - }, - "name": { - "type": "string" - }, - "type": { - "type": "string", - "enum": [ - "elasticsearch" - ] - }, - "hosts": { - "type": "array", - "items": { - "type": "string" - } - }, - "ca_sha256": { - "type": "string" - }, - "ca_trusted_fingerprint": { - "type": "string" - }, - "config": { - "type": "object" - }, - "preset": { - "type": "string", - "enum": [ - "balanced", - "custom", - "throughput", - "scale", - "latency" - ] - }, - "config_yaml": { - "type": "string" - }, - "ssl": { - "type": "object", - "properties": { - "certificate_authorities": { - "type": "array", - "items": { - "type": "string" - } - }, - "certificate": { - "type": "string" - }, - "key": { - "type": "string" - } - } - }, - "proxy_id": { - "type": "string" - }, - "shipper": { - "type": "object", - "properties": { - "disk_queue_enabled": { - "type": "boolean" - }, - "disk_queue_path": { - "type": "string" - }, - "disk_queue_max_size": { - "type": "number" - }, - "disk_queue_encryption_enabled": { - "type": "boolean" - }, - "disk_queue_compression_enabled": { - "type": "boolean" - }, - "compression_level": { - "type": "number" - }, - "loadbalance": { - "type": "boolean" - } - } - } - }, - "required": [ - "name" - ] - }, - "output_create_request_kafka": { - "title": "kafka", - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "is_default": { - "type": "boolean" - }, - "is_default_monitoring": { - "type": "boolean" - }, - "is_internal": { - "type": "boolean" - }, - "name": { - "type": "string" - }, - "type": { - "type": "string", - "enum": [ - "kafka" - ] - }, - "hosts": { - "type": "array", - "items": { - "type": "string" - } - }, - "ca_sha256": { - "type": "string" - }, - "ca_trusted_fingerprint": { - "type": "string" - }, - "config": { - "type": "object" - }, - "config_yaml": { - "type": "string" - }, - "ssl": { - "type": "object", - "properties": { - "certificate_authorities": { - "type": "array", - "items": { - "type": "string" - } - }, - "certificate": { - "type": "string" - }, - "key": { - "type": "string" - }, - "verification_mode": { - "type": "string", - "enum": [ - "none", - "full", - "certificate", - "strict" - ] - } - } - }, - "proxy_id": { - "type": "string" - }, - "shipper": { - "type": "object", - "properties": { - "disk_queue_enabled": { - "type": "boolean" - }, - "disk_queue_path": { - "type": "string" - }, - "disk_queue_max_size": { - "type": "number" - }, - "disk_queue_encryption_enabled": { - "type": "boolean" - }, - "disk_queue_compression_enabled": { - "type": "boolean" - }, - "compression_level": { - "type": "number" - }, - "loadbalance": { - "type": "boolean" - } - } - }, - "version": { - "type": "string" - }, - "key": { - "type": "string" - }, - "compression": { - "type": "string" - }, - "compression_level": { - "type": "number" - }, - "client_id": { - "type": "string" - }, - "auth_type": { - "type": "string" - }, - "connection_type": { - "type": "string", - "enum": [ - "plaintext", - "encryption" - ] - }, - "username": { - "type": "string" - }, - "password": { - "type": "string" - }, - "sasl": { - "type": "object", - "properties": { - "mechanism": { - "type": "string" - } - } - }, - "partition": { - "type": "string" - }, - "random": { - "type": "object", - "properties": { - "group_events": { - "type": "number" - } - } - }, - "round_robin": { - "type": "object", - "properties": { - "group_events": { - "type": "number" - } - } - }, - "topic": { - "type": "string" - }, - "topics": { - "deprecated": true, - "description": "Use topic instead.", - "type": "array", - "items": { - "type": "object", - "properties": { - "topic": { - "type": "string" - }, - "when": { - "deprecated": true, - "description": "Deprecated, kafka output do not support conditionnal topics anymore.", - "type": "object", - "properties": { - "type": { - "type": "string" - }, - "condition": { - "type": "string" - } - } - } - } - } - }, - "headers": { - "type": "array", - "items": { - "type": "object", - "properties": { - "key": { - "type": "string" - }, - "value": { - "type": "string" - } - } - } - }, - "timeout": { - "type": "number" - }, - "broker_timeout": { - "type": "number" - }, - "required_acks": { - "type": "number" - }, - "secrets": { - "type": "object", - "properties": { - "password": { - "type": "string" - }, - "ssl": { - "type": "object", - "properties": { - "key": { - "type": "string" - } - } - } - } - } - }, - "required": [ - "name", - "type", - "topics", - "auth_type", - "hosts" - ] - }, - "output_create_request_logstash": { - "title": "logstash", - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "is_default": { - "type": "boolean" - }, - "is_default_monitoring": { - "type": "boolean" - }, - "is_internal": { - "type": "boolean" - }, - "name": { - "type": "string" - }, - "type": { - "type": "string", - "enum": [ - "logstash" - ] - }, - "hosts": { - "type": "array", - "items": { - "type": "string" - } - }, - "ca_sha256": { - "type": "string" - }, - "ca_trusted_fingerprint": { - "type": "string" - }, - "config": { - "type": "object" - }, - "config_yaml": { - "type": "string" - }, - "ssl": { - "type": "object", - "properties": { - "certificate_authorities": { - "type": "array", - "items": { - "type": "string" - } - }, - "certificate": { - "type": "string" - }, - "key": { - "type": "string" - } - } - }, - "proxy_id": { - "type": "string" - }, - "shipper": { - "type": "object", - "properties": { - "disk_queue_enabled": { - "type": "boolean" - }, - "disk_queue_path": { - "type": "string" - }, - "disk_queue_max_size": { - "type": "number" - }, - "disk_queue_encryption_enabled": { - "type": "boolean" - }, - "disk_queue_compression_enabled": { - "type": "boolean" - }, - "compression_level": { - "type": "number" - }, - "loadbalance": { - "type": "boolean" - } - } - }, - "secrets": { - "type": "object", - "properties": { - "ssl": { - "type": "object", - "properties": { - "key": { - "type": "string" - } - } - } - } - } - }, - "required": [ - "name", - "hosts", - "type" - ] - }, - "output_create_request_remote_elasticsearch": { - "title": "remote_elasticsearch", - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "is_default": { - "type": "boolean" - }, - "is_default_monitoring": { - "type": "boolean" - }, - "is_internal": { - "type": "boolean" - }, - "name": { - "type": "string" - }, - "type": { - "type": "string", - "enum": [ - "remote_elasticsearch" - ] - }, - "hosts": { - "type": "array", - "items": { - "type": "string" - } - }, - "service_token": { - "type": "string" - }, - "secrets": { - "type": "object", - "properties": { - "service_token": { - "type": "string" - } - } - } - }, - "required": [ - "name" - ] - }, - "output_create_request": { - "title": "Output", - "oneOf": [ - { - "$ref": "#/components/schemas/output_create_request_elasticsearch" - }, - { - "$ref": "#/components/schemas/output_create_request_kafka" - }, - { - "$ref": "#/components/schemas/output_create_request_logstash" - }, - { - "$ref": "#/components/schemas/output_create_request_remote_elasticsearch" - } - ], - "discriminator": { - "propertyName": "type", - "mapping": { - "elasticsearch": "#/components/schemas/output_create_request_elasticsearch", - "kafka": "#/components/schemas/output_create_request_kafka", - "logstash": "#/components/schemas/output_create_request_logstash", - "remote_elasticsearch": "#/components/schemas/output_create_request_remote_elasticsearch" - } - } - }, - "output_update_request_elasticsearch": { - "title": "elasticsearch", - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "is_default": { - "type": "boolean" - }, - "is_default_monitoring": { - "type": "boolean" - }, - "is_internal": { - "type": "boolean" - }, - "name": { - "type": "string" - }, - "type": { - "type": "string", - "enum": [ - "elasticsearch" - ] - }, - "hosts": { - "type": "array", - "items": { - "type": "string" - } - }, - "ca_sha256": { - "type": "string" - }, - "ca_trusted_fingerprint": { - "type": "string" - }, - "config": { - "type": "object" - }, - "preset": { - "type": "string", - "enum": [ - "balanced", - "custom", - "throughput", - "scale", - "latency" - ] - }, - "config_yaml": { - "type": "string" - }, - "ssl": { - "type": "object", - "properties": { - "certificate_authorities": { - "type": "array", - "items": { - "type": "string" - } - }, - "certificate": { - "type": "string" - }, - "key": { - "type": "string" - } - } - }, - "proxy_id": { - "type": "string" - }, - "shipper": { - "type": "object", - "properties": { - "disk_queue_enabled": { - "type": "boolean" - }, - "disk_queue_path": { - "type": "string" - }, - "disk_queue_max_size": { - "type": "number" - }, - "disk_queue_encryption_enabled": { - "type": "boolean" - }, - "disk_queue_compression_enabled": { - "type": "boolean" - }, - "compression_level": { - "type": "number" - }, - "loadbalance": { - "type": "boolean" - } - } - } - }, - "required": [ - "name", - "hosts", - "type" - ] - }, - "output_update_request_kafka": { - "title": "kafka", - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "is_default": { - "type": "boolean" - }, - "is_default_monitoring": { - "type": "boolean" - }, - "is_internal": { - "type": "boolean" - }, - "name": { - "type": "string" - }, - "type": { - "type": "string", - "enum": [ - "kafka" - ] - }, - "hosts": { - "type": "array", - "items": { - "type": "string" - } - }, - "ca_sha256": { - "type": "string" - }, - "ca_trusted_fingerprint": { - "type": "string" - }, - "config": { - "type": "object" - }, - "config_yaml": { - "type": "string" - }, - "ssl": { - "type": "object", - "properties": { - "certificate_authorities": { - "type": "array", - "items": { - "type": "string" - } - }, - "certificate": { - "type": "string" - }, - "key": { - "type": "string" - }, - "verification_mode": { - "type": "string", - "enum": [ - "none", - "full", - "certificate", - "strict" - ] - } - } - }, - "proxy_id": { - "type": "string" - }, - "shipper": { - "type": "object", - "properties": { - "disk_queue_enabled": { - "type": "boolean" - }, - "disk_queue_path": { - "type": "string" - }, - "disk_queue_max_size": { - "type": "number" - }, - "disk_queue_encryption_enabled": { - "type": "boolean" - }, - "disk_queue_compression_enabled": { - "type": "boolean" - }, - "compression_level": { - "type": "number" - }, - "loadbalance": { - "type": "boolean" - } - } - }, - "version": { - "type": "string" - }, - "key": { - "type": "string" - }, - "compression": { - "type": "string" - }, - "compression_level": { - "type": "number" - }, - "client_id": { - "type": "string" - }, - "auth_type": { - "type": "string" - }, - "connection_type": { - "type": "string", - "enum": [ - "plaintext", - "encryption" - ] - }, - "username": { - "type": "string" - }, - "password": { - "type": "string" - }, - "sasl": { - "type": "object", - "properties": { - "mechanism": { - "type": "string" - } - } - }, - "partition": { - "type": "string" - }, - "random": { - "type": "object", - "properties": { - "group_events": { - "type": "number" - } - } - }, - "round_robin": { - "type": "object", - "properties": { - "group_events": { - "type": "number" - } - } - }, - "topic": { - "type": "string" - }, - "topics": { - "deprecated": true, - "description": "Use topic instead.", - "type": "array", - "items": { - "type": "object", - "properties": { - "topic": { - "type": "string" - }, - "when": { - "deprecated": true, - "description": "Deprecated, kafka output do not support conditionnal topics anymore.", - "type": "object", - "properties": { - "type": { - "type": "string" - }, - "condition": { - "type": "string" - } - } - } - } - } - }, - "headers": { - "type": "array", - "items": { - "type": "object", - "properties": { - "key": { - "type": "string" - }, - "value": { - "type": "string" - } - } - } - }, - "timeout": { - "type": "number" - }, - "broker_timeout": { - "type": "number" - }, - "required_acks": { - "type": "number" - } - }, - "required": [ - "name" - ] - }, - "output_update_request_logstash": { - "title": "logstash", - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "is_default": { - "type": "boolean" - }, - "is_default_monitoring": { - "type": "boolean" - }, - "is_internal": { - "type": "boolean" - }, - "name": { - "type": "string" - }, - "type": { - "type": "string", - "enum": [ - "logstash" - ] - }, - "hosts": { - "type": "array", - "items": { - "type": "string" - } - }, - "ca_sha256": { - "type": "string" - }, - "ca_trusted_fingerprint": { - "type": "string" - }, - "config": { - "type": "object" - }, - "config_yaml": { - "type": "string" - }, - "ssl": { - "type": "object", - "properties": { - "certificate_authorities": { - "type": "array", - "items": { - "type": "string" - } - }, - "certificate": { - "type": "string" - }, - "key": { - "type": "string" - } - } - }, - "proxy_id": { - "type": "string" - }, - "shipper": { - "type": "object", - "properties": { - "disk_queue_enabled": { - "type": "boolean" - }, - "disk_queue_path": { - "type": "string" - }, - "disk_queue_max_size": { - "type": "number" - }, - "disk_queue_encryption_enabled": { - "type": "boolean" - }, - "disk_queue_compression_enabled": { - "type": "boolean" - }, - "compression_level": { - "type": "number" - }, - "loadbalance": { - "type": "boolean" - } - } - } - }, - "required": [ - "name" - ] - }, - "output_update_request": { - "title": "Output", - "oneOf": [ - { - "$ref": "#/components/schemas/output_update_request_elasticsearch" - }, - { - "$ref": "#/components/schemas/output_update_request_kafka" - }, - { - "$ref": "#/components/schemas/output_update_request_logstash" - } - ], - "discriminator": { - "propertyName": "type", - "mapping": { - "elasticsearch": "#/components/schemas/output_update_request_elasticsearch", - "kafka": "#/components/schemas/output_update_request_kafka", - "logstash": "#/components/schemas/output_update_request_logstash" - } - } - }, - "download_sources": { - "title": "Download Source", - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "is_default": { - "type": "boolean" - }, - "name": { - "type": "string" - }, - "host": { - "type": "string" - }, - "proxy_id": { - "description": "The ID of the proxy to use for this download source. See the proxies API for more information.", - "type": "string", - "nullable": true - } - }, - "required": [ - "is_default", - "name", - "host" - ] - }, - "fleet_server_host": { - "title": "Fleet Server Host", - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "name": { - "type": "string" - }, - "is_default": { - "type": "boolean" - }, - "is_internal": { - "type": "boolean" - }, - "is_preconfigured": { - "type": "boolean" - }, - "proxy_id": { - "type": "string" - }, - "host_urls": { - "type": "array", - "items": { - "type": "string" - } - } - }, - "required": [ - "fleet_server_hosts", - "id", - "is_default", - "is_preconfigured", - "host_urls" - ] - }, - "proxies": { - "title": "Fleet Proxy", - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "name": { - "type": "string" - }, - "url": { - "type": "string" - }, - "proxy_headers": { - "type": "object" - }, - "certificate_authorities": { - "type": "string" - }, - "certificate": { - "type": "string" - }, - "certificate_key": { - "type": "string" - } - }, - "required": [ - "name", - "url" - ] - } - } - }, - "security": [ - { - "basicAuth": [] - } - ] -} \ No newline at end of file diff --git a/x-pack/plugins/fleet/common/openapi/bundled.yaml b/x-pack/plugins/fleet/common/openapi/bundled.yaml deleted file mode 100644 index d60963068b8e5..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/bundled.yaml +++ /dev/null @@ -1,6209 +0,0 @@ -openapi: 3.0.0 -tags: - - name: Data streams - - name: Elastic Agents - - name: Elastic Agent actions - - name: Elastic Agent binary download sources - - name: Elastic Agent policies - - name: Elastic Agent status - - name: Elastic Package Manager (EPM) - - name: Fleet enrollment API keys - - name: Fleet internals - - name: Fleet Server hosts - - name: Fleet Kubernetes - - name: Fleet outputs - - name: Fleet package policies - - name: Fleet proxies - - name: Fleet service tokens - - name: Fleet uninstall tokens -info: - title: Fleet - description: OpenAPI schema for Fleet API endpoints - version: '0.2' - contact: - name: Fleet Team - license: - name: Elastic License 2.0 - url: https://www.elastic.co/licensing/elastic-license -servers: - - url: http://KIBANA_HOST:5601 -paths: - /api/fleet/health_check: - post: - summary: Fleet Server health check - tags: - - Fleet internals - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - status: - type: string - id: - type: string - description: Fleet Server host id - host: - type: string - deprecated: true - '400': - $ref: '#/components/responses/error' - operationId: fleet-server-health-check - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - requestBody: - required: true - content: - application/json: - schema: - type: object - properties: - id: - type: string - host: - type: string - deprecated: true - required: - - id - /api/fleet/setup: - post: - summary: Initiate Fleet setup - tags: - - Fleet internals - responses: - '200': - description: OK - content: - application/json: - schema: - $ref: '#/components/schemas/fleet_setup_response' - '400': - $ref: '#/components/responses/error' - '500': - description: Internal Server Error - content: - application/json: - schema: - type: object - properties: - message: - type: string - operationId: setup - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - /api/fleet/settings: - get: - summary: Get settings - tags: - - Fleet internals - responses: - '200': - description: OK - content: - application/json: - schema: - $ref: '#/components/schemas/fleet_settings_response' - '400': - $ref: '#/components/responses/error' - operationId: get-settings - put: - summary: Update settings - tags: - - Fleet internals - requestBody: - content: - application/json: - schema: - type: object - properties: - fleet_server_hosts: - type: array - description: Protocol and path must be the same for each URL - items: - type: string - has_seen_add_data_notice: - type: boolean - additional_yaml_config: - type: string - responses: - '200': - description: OK - content: - application/json: - schema: - $ref: '#/components/schemas/fleet_settings_response' - '400': - $ref: '#/components/responses/error' - operationId: update-settings - /api/fleet/service-tokens: - post: - summary: Create service token - tags: - - Fleet service tokens - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - name: - type: string - value: - type: string - '400': - $ref: '#/components/responses/error' - operationId: generate-service-token-deprecated - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - deprecated: true - /api/fleet/service_tokens: - post: - summary: Create service token - tags: - - Fleet service tokens - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - name: - type: string - value: - type: string - '400': - $ref: '#/components/responses/error' - operationId: generate-service-token - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - /api/fleet/epm/verification_key_id: - get: - summary: Get package signature verification key ID - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - body: - type: object - properties: - id: - type: string - nullable: true - description: >- - the key ID of the GPG key used to verify package - signatures - statusCode: - type: number - headers: - type: object - '400': - $ref: '#/components/responses/error' - operationId: packages-get-verification-key-id - parameters: [] - /api/fleet/epm/bulk_assets: - post: - summary: Bulk get assets - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - $ref: '#/components/schemas/get_bulk_assets_response' - '400': - $ref: '#/components/responses/error' - operationId: bulk-get-assets - requestBody: - content: - application/json: - schema: - type: object - properties: - assetIds: - type: array - items: - type: object - properties: - type: - type: string - id: - type: string - description: list of items necessary to fetch assets - required: - - assetIds - /api/fleet/epm/categories: - get: - summary: List package categories - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - $ref: '#/components/schemas/get_categories_response' - '400': - $ref: '#/components/responses/error' - operationId: get-package-categories - parameters: - - in: query - name: prerelease - schema: - type: boolean - default: false - description: >- - Whether to include prerelease packages in categories count (e.g. beta, - rc, preview) - - in: query - name: experimental - deprecated: true - schema: - type: boolean - default: false - - in: query - name: include_policy_templates - schema: - type: boolean - default: false - /api/fleet/epm/packages/limited: - get: - summary: Get limited package list - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - type: string - '400': - $ref: '#/components/responses/error' - operationId: list-limited-packages - parameters: [] - /api/fleet/epm/packages: - get: - summary: List packages - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - $ref: '#/components/schemas/get_packages_response' - '400': - $ref: '#/components/responses/error' - operationId: list-all-packages - parameters: - - in: query - name: excludeInstallStatus - schema: - type: boolean - default: false - description: >- - Whether to exclude the install status of each package. Enabling this - option will opt in to caching for the response via `cache-control` - headers. If you don't need up-to-date installation info for a - package, and are querying for a list of available packages, - providing this flag can improve performance substantially. - - in: query - name: prerelease - schema: - type: boolean - default: false - description: >- - Whether to return prerelease versions of packages (e.g. beta, rc, - preview) - - in: query - name: experimental - deprecated: true - schema: - type: boolean - default: false - - in: query - name: category - schema: - type: string - post: - summary: Install by package by direct upload - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - type: object - properties: - id: - type: string - type: - oneOf: - - $ref: '#/components/schemas/kibana_saved_object_type' - - $ref: '#/components/schemas/elasticsearch_asset_type' - required: - - id - - type - _meta: - type: object - properties: - install_source: - type: string - enum: - - upload - - registry - - bundled - required: - - items - '400': - $ref: '#/components/responses/error' - '429': - $ref: '#/components/responses/error' - operationId: install-package-by-upload - description: '' - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - - in: query - name: ignoreMappingUpdateErrors - schema: - type: boolean - default: false - description: avoid erroring out on unexpected mapping update errors - - in: query - name: skipDataStreamRollover - schema: - type: boolean - default: false - description: >- - Skip data stream rollover during index template mapping or settings - update - requestBody: - content: - application/zip: - schema: - type: string - format: binary - application/gzip: - schema: - type: string - format: binary - /api/fleet/epm/packages/_bulk: - post: - summary: Bulk install packages - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - $ref: '#/components/schemas/bulk_install_packages_response' - '400': - $ref: '#/components/responses/error' - operationId: bulk-install-packages - parameters: - - in: query - name: prerelease - schema: - type: boolean - default: false - description: >- - Whether to return prerelease versions of packages (e.g. beta, rc, - preview) - requestBody: - content: - application/json: - schema: - type: object - properties: - packages: - type: array - items: - oneOf: - - type: string - description: package name - - type: object - properties: - name: - type: string - description: package name - version: - type: string - description: package version - description: list of packages to install - force: - type: boolean - description: force install to ignore package verification errors - required: - - packages - /api/fleet/epm/packages/{pkgkey}: - get: - summary: Get package - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - allOf: - - properties: - response: - $ref: '#/components/schemas/package_info' - - properties: - status: - type: string - enum: - - installed - - installing - - install_failed - - not_installed - savedObject: - type: string - required: - - status - - savedObject - '400': - $ref: '#/components/responses/error' - operationId: get-package-deprecated - security: - - basicAuth: [] - parameters: - - schema: - type: string - name: pkgkey - in: path - required: true - - in: query - name: prerelease - schema: - type: boolean - default: false - description: >- - Whether to return prerelease versions of packages (e.g. beta, rc, - preview) - deprecated: true - post: - summary: Install package - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - response: - type: array - items: - type: object - properties: - id: - type: string - type: - oneOf: - - $ref: '#/components/schemas/kibana_saved_object_type' - - $ref: '#/components/schemas/elasticsearch_asset_type' - required: - - id - - type - required: - - response - '400': - $ref: '#/components/responses/error' - operationId: install-package-deprecated - description: '' - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - - schema: - type: string - name: pkgkey - in: path - required: true - - in: query - name: ignoreMappingUpdateErrors - schema: - type: boolean - default: false - description: avoid erroring out on unexpected mapping update errors - - in: query - name: skipDataStreamRollover - schema: - type: boolean - default: false - description: >- - Skip data stream rollover during index template mapping or settings - update - requestBody: - content: - application/json: - schema: - type: object - properties: - force: - type: boolean - deprecated: true - delete: - summary: Delete ackage - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - response: - type: array - items: - type: object - properties: - id: - type: string - type: - oneOf: - - $ref: '#/components/schemas/kibana_saved_object_type' - - $ref: '#/components/schemas/elasticsearch_asset_type' - required: - - id - - type - required: - - response - '400': - $ref: '#/components/responses/error' - operationId: delete-package-deprecated - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - - schema: - type: string - name: pkgkey - in: path - required: true - requestBody: - content: - application/json: - schema: - type: object - properties: - force: - type: boolean - deprecated: true - /api/fleet/epm/packages/{pkgName}/{pkgVersion}: - get: - summary: Get package - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - allOf: - - properties: - item: - $ref: '#/components/schemas/package_info' - - properties: - status: - type: string - enum: - - installed - - installing - - install_failed - - not_installed - savedObject: - type: object - deprecated: true - latestVersion: - type: string - keepPoliciesUpToDate: - type: boolean - notice: - type: string - licensePath: - type: string - required: - - status - - savedObject - '400': - $ref: '#/components/responses/error' - operationId: get-package - security: - - basicAuth: [] - parameters: - - schema: - type: string - name: pkgName - in: path - required: true - - schema: - type: string - name: pkgVersion - in: path - required: true - - schema: - type: boolean - name: ignoreUnverified - description: Ignore if the package is fails signature verification - in: query - - schema: - type: boolean - name: full - description: >- - Return all fields from the package manifest, not just those supported - by the Elastic Package Registry - in: query - - in: query - name: prerelease - schema: - type: boolean - default: false - description: >- - Whether to return prerelease versions of packages (e.g. beta, rc, - preview) - post: - summary: Install package - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - type: object - properties: - id: - type: string - type: - oneOf: - - $ref: '#/components/schemas/kibana_saved_object_type' - - $ref: '#/components/schemas/elasticsearch_asset_type' - required: - - id - - type - _meta: - type: object - properties: - install_source: - type: string - enum: - - registry - - upload - - bundled - required: - - items - '400': - $ref: '#/components/responses/error' - operationId: install-package - description: '' - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - - in: query - name: ignoreMappingUpdateErrors - schema: - type: boolean - default: false - description: avoid erroring out on unexpected mapping update errors - - in: query - name: skipDataStreamRollover - schema: - type: boolean - default: false - description: >- - Skip data stream rollover during index template mapping or settings - update - requestBody: - content: - application/json: - schema: - type: object - properties: - force: - type: boolean - ignore_constraints: - type: boolean - put: - summary: Update package settings - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - type: object - properties: - id: - type: string - type: - oneOf: - - $ref: '#/components/schemas/kibana_saved_object_type' - - $ref: '#/components/schemas/elasticsearch_asset_type' - required: - - id - - type - required: - - items - '400': - $ref: '#/components/responses/error' - operationId: update-package - description: '' - requestBody: - content: - application/json: - schema: - type: object - properties: - keepPoliciesUpToDate: - type: boolean - delete: - summary: Delete package - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - type: object - properties: - id: - type: string - type: - oneOf: - - $ref: '#/components/schemas/kibana_saved_object_type' - - $ref: '#/components/schemas/elasticsearch_asset_type' - required: - - id - - type - required: - - items - '400': - $ref: '#/components/responses/error' - operationId: delete-package - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - - schema: - type: boolean - name: force - description: delete package even if policies used by agents - in: query - requestBody: - content: - application/json: - schema: - type: object - deprecated: true - properties: - force: - type: boolean - /api/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize: - post: - summary: Authorize transforms - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - type: object - properties: - transformId: - type: string - success: - type: boolean - error: - type: string - required: - - transformId - - error - required: - - items - '400': - $ref: '#/components/responses/error' - operationId: reauthorize-transforms - description: '' - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - - schema: - type: string - name: pkgName - in: path - required: true - - schema: - type: string - name: pkgVersion - in: path - required: true - - in: query - name: prerelease - schema: - type: boolean - default: false - description: >- - Whether to include prerelease packages in categories count (e.g. - beta, rc, preview) - requestBody: - content: - application/json: - schema: - type: object - properties: - transforms: - type: array - items: - type: object - properties: - transformId: - type: string - /api/fleet/epm/packages/{pkgName}/{pkgVersion}/{filePath}: - get: - summary: Get package file - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - body: - type: object - statusCode: - type: number - headers: - type: object - '400': - $ref: '#/components/responses/error' - operationId: packages-get-file - parameters: - - schema: - type: string - name: pkgName - in: path - required: true - - schema: - type: string - name: pkgVersion - in: path - required: true - - schema: - type: string - name: filePath - in: path - required: true - /api/fleet/epm/packages/{pkgName}/stats: - get: - summary: Get package stats - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - response: - $ref: '#/components/schemas/package_usage_stats' - required: - - response - '400': - $ref: '#/components/responses/error' - operationId: get-package-stats - security: - - basicAuth: [] - parameters: - - schema: - type: string - name: pkgName - in: path - required: true - /api/fleet/epm/templates/{pkgName}/{pkgVersion}/inputs: - get: - summary: Get inputs template - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - '400': - $ref: '#/components/responses/error' - operationId: get-inputs-template - security: - - basicAuth: [] - parameters: - - schema: - type: string - name: pkgName - in: path - required: true - - schema: - type: string - name: pkgVersion - in: path - required: true - - schema: - type: string - enum: - - json - - yaml - - yml - name: format - description: Format of response - json or yaml - in: query - - schema: - type: boolean - name: prerelease - description: Specify if version is prerelease - in: query - - schema: - type: boolean - name: ignoreUnverified - description: Ignore if the package is fails signature verification - in: query - /api/fleet/agents/setup: - get: - summary: Get agent setup info - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - $ref: '#/components/schemas/fleet_status_response' - '400': - $ref: '#/components/responses/error' - operationId: get-agents-setup-status - security: - - basicAuth: [] - post: - summary: Initiate agent setup - tags: - - Elastic Agents - operationId: setup-agents - responses: - '200': - description: OK - content: - application/json: - schema: - $ref: '#/components/schemas/fleet_setup_response' - '400': - $ref: '#/components/responses/error' - requestBody: - content: - application/json: - schema: - type: object - properties: - admin_username: - type: string - admin_password: - type: string - required: - - admin_username - - admin_password - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - /api/fleet/agent-status: - get: - summary: Get agent status summary - tags: - - Elastic Agent status - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - error: - type: integer - events: - type: integer - inactive: - type: integer - offline: - type: integer - online: - type: integer - other: - type: integer - total: - type: integer - updating: - type: integer - required: - - error - - events - - inactive - - offline - - online - - other - - total - - updating - '400': - $ref: '#/components/responses/error' - operationId: get-agent-status-deprecated - parameters: - - schema: - type: string - name: policyId - in: query - required: false - deprecated: true - /api/fleet/agent_status: - get: - summary: Get agent status summary - tags: - - Elastic Agent status - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - error: - type: integer - events: - type: integer - inactive: - type: integer - unenrolled: - type: integer - offline: - type: integer - online: - type: integer - other: - type: integer - total: - type: integer - deprecated: true - updating: - type: integer - all: - type: integer - active: - type: integer - required: - - active - - all - - error - - events - - inactive - - offline - - online - - other - - total - - updating - '400': - $ref: '#/components/responses/error' - operationId: get-agent-status - parameters: - - schema: - type: string - name: policyId - in: query - required: false - - schema: - type: string - name: kuery - in: query - required: false - deprecated: true - /api/fleet/agent_status/data: - get: - summary: Get incoming agent data - tags: - - Elastic Agent status - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - type: object - additionalProperties: - type: object - properties: - data: - type: boolean - '400': - $ref: '#/components/responses/error' - operationId: get-agent-data - parameters: - - schema: - type: array - items: - type: string - name: agentsIds - in: query - required: true - /api/fleet/agents: - get: - summary: List agents - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - $ref: '#/components/schemas/get_agents_response' - '400': - $ref: '#/components/responses/error' - operationId: get-agents - parameters: - - $ref: '#/components/parameters/page_size' - - $ref: '#/components/parameters/page_index' - - $ref: '#/components/parameters/kuery' - - $ref: '#/components/parameters/show_inactive' - - $ref: '#/components/parameters/show_upgradeable' - - $ref: '#/components/parameters/sort_field' - - $ref: '#/components/parameters/sort_order' - - $ref: '#/components/parameters/with_metrics' - - name: getStatusSummary - in: query - required: false - schema: - type: boolean - security: - - basicAuth: [] - post: - summary: List agents by action ids - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - $ref: '#/components/schemas/agent_get_by_actions' - '400': - $ref: '#/components/responses/error' - operationId: get-agents-by-actions - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - requestBody: - required: true - content: - application/json: - schema: - type: object - properties: - actionIds: - type: array - items: - type: string - required: - - policy_id - /api/fleet/agents/bulk_upgrade: - post: - summary: Bulk upgrade agents - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - actionId: - type: string - '400': - $ref: '#/components/responses/error' - operationId: bulk-upgrade-agents - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - requestBody: - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/bulk_upgrade_agents' - example: - version: 8.4.0 - source_uri: https://artifacts.elastic.co/downloads/beats/elastic-agent - rollout_duration_seconds: 3600 - agents: - - agent1 - - agent2 - start_time: '2022-08-03T14:00:00.000Z' - /api/fleet/agents/action_status: - get: - summary: Get agent action status - tags: - - Elastic Agent actions - parameters: - - $ref: '#/components/parameters/page_size' - - $ref: '#/components/parameters/page_index' - - schema: - type: integer - default: 5 - in: query - name: errorSize - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - type: object - properties: - actionId: - type: string - status: - type: string - enum: - - COMPLETE - - EXPIRED - - CANCELLED - - FAILED - - IN_PROGRESS - - ROLLOUT_PASSED - nbAgentsActioned: - type: number - description: number of agents actioned - nbAgentsActionCreated: - type: number - description: number of agents included in action from kibana - nbAgentsAck: - type: number - description: number of agents that acknowledged the action - nbAgentsFailed: - type: number - description: number of agents that failed to execute the action - version: - type: string - description: agent version number (UPGRADE action) - startTime: - type: string - description: start time of action (scheduled actions) - type: - type: string - enum: - - POLICY_REASSIGN - - UPGRADE - - UNENROLL - - FORCE_UNENROLL - - UPDATE_TAGS - - CANCEL - - REQUEST_DIAGNOSTICS - - SETTINGS - - POLICY_CHANGE - - INPUT_ACTION - expiration: - type: string - completionTime: - type: string - cancellationTime: - type: string - newPolicyId: - type: string - description: new policy id (POLICY_REASSIGN action) - policyId: - type: string - description: policy id (POLICY_CHANGE action) - revision: - type: string - description: new policy revision (POLICY_CHANGE action) - creationTime: - type: string - description: creation time of action - latestErrors: - type: array - description: >- - latest errors that happened when the agents executed - the action - items: - type: object - properties: - agentId: - type: string - error: - type: string - timestamp: - type: string - required: - - actionId - - complete - - nbAgentsActioned - - nbAgentsActionCreated - - nbAgentsAck - - nbAgentsFailed - - status - - creationTime - - type - required: - - items - '400': - $ref: '#/components/responses/error' - operationId: agents-action-status - /api/fleet/agents/{agentId}: - parameters: - - schema: - type: string - name: agentId - in: path - required: true - get: - summary: Get agent by ID - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/agent' - required: - - item - '400': - $ref: '#/components/responses/error' - operationId: get-agent - parameters: - - $ref: '#/components/parameters/with_metrics' - put: - summary: Update agent by ID - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/agent' - required: - - item - '400': - $ref: '#/components/responses/error' - operationId: update-agent - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - requestBody: - required: true - content: - application/json: - schema: - type: object - properties: - user_provided_metadata: - type: object - tags: - type: array - items: - type: string - delete: - summary: Delete agent by ID - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - action: - type: string - enum: - - deleted - required: - - action - '400': - $ref: '#/components/responses/error' - operationId: delete-agent - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - /api/fleet/agents/{agentId}/actions: - parameters: - - schema: - type: string - name: agentId - in: path - required: true - post: - summary: Create agent action - tags: - - Elastic Agent actions - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - body: - type: array - items: - type: number - statusCode: - type: number - headers: - type: string - '400': - $ref: '#/components/responses/error' - operationId: new-agent-action - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - requestBody: - required: true - content: - application/json: - schema: - type: object - properties: - action: - $ref: '#/components/schemas/agent_action' - /api/fleet/agents/actions/{actionId}/cancel: - parameters: - - schema: - type: string - name: actionId - in: path - required: true - post: - summary: Cancel agent action - tags: - - Elastic Agent actions - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/agent_action' - '400': - $ref: '#/components/responses/error' - operationId: agent-action-cancel - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - /api/fleet/agents/files/{fileId}/{fileName}: - parameters: - - schema: - type: string - name: fileId - in: path - required: true - - schema: - type: string - name: fileName - in: path - required: true - get: - summary: Get file uploaded by agent - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - body: - type: object - properties: - items: - type: object - properties: - body: {} - headers: {} - '400': - $ref: '#/components/responses/error' - operationId: get-agent-upload-file - /api/fleet/agents/files/{fileId}: - parameters: - - schema: - type: string - name: fileId - in: path - required: true - delete: - summary: Delete file uploaded by agent - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - body: - type: object - properties: - id: - type: string - deleted: - type: boolean - '400': - $ref: '#/components/responses/error' - operationId: delete-agent-upload-file - /api/fleet/agents/{agentId}/reassign: - parameters: - - schema: - type: string - name: agentId - in: path - required: true - post: - summary: Reassign agent - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - '400': - $ref: '#/components/responses/error' - operationId: reassign-agent - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - requestBody: - required: true - content: - application/json: - schema: - type: object - properties: - policy_id: - type: string - required: - - policy_id - put: - summary: Reassign agent - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - '400': - $ref: '#/components/responses/error' - operationId: reassign-agent-deprecated - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - requestBody: - required: true - content: - application/json: - schema: - type: object - properties: - policy_id: - type: string - required: - - policy_id - deprecated: true - /api/fleet/agents/{agentId}/unenroll: - parameters: - - schema: - type: string - name: agentId - in: path - required: true - post: - summary: Unenroll agent - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - '400': - description: BAD REQUEST - content: - application/json: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - enum: - - 400 - operationId: unenroll-agent - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - requestBody: - content: - application/json: - schema: - type: object - properties: - revoke: - type: boolean - force: - type: boolean - /api/fleet/agents/{agentId}/upgrade: - parameters: - - schema: - type: string - name: agentId - in: path - required: true - post: - summary: Upgrade agent - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - $ref: '#/components/schemas/upgrade_agent' - '400': - $ref: '#/components/responses/error' - operationId: upgrade-agent - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - requestBody: - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/upgrade_agent' - /api/fleet/agents/{agentId}/uploads: - parameters: - - schema: - type: string - name: agentId - in: path - required: true - get: - summary: List agent uploads - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - body: - type: object - properties: - item: - type: array - items: - $ref: '#/components/schemas/agent_diagnostics' - '400': - $ref: '#/components/responses/error' - operationId: list-agent-uploads - /api/fleet/agents/bulk_reassign: - post: - summary: Bulk reassign agents - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - actionId: - type: string - '400': - $ref: '#/components/responses/error' - operationId: bulk-reassign-agents - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - requestBody: - content: - application/json: - schema: - type: object - properties: - policy_id: - type: string - description: new agent policy id - agents: - oneOf: - - type: string - description: KQL query string, leave empty to action all agents - - type: array - items: - type: string - description: list of agent IDs - required: - - policy_id - - agents - example: - policy_id: policy_id - agents: 'fleet-agents.policy_id : ("policy1" or "policy2")' - /api/fleet/agents/bulk_unenroll: - post: - summary: Bulk unenroll agents - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - actionId: - type: string - '400': - $ref: '#/components/responses/error' - operationId: bulk-unenroll-agents - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - requestBody: - content: - application/json: - schema: - type: object - properties: - agents: - oneOf: - - type: string - description: KQL query string, leave empty to action all agents - - type: array - items: - type: string - description: list of agent IDs - revoke: - type: boolean - description: Revokes API keys of agents - force: - type: boolean - description: Unenrolls hosted agents too - includeInactive: - type: boolean - description: >- - When passing agents by KQL query, unenrolls inactive agents - too - required: - - agents - example: - revoke: true - force: false - agents: - - agent1 - - agent2 - /api/fleet/agents/bulk_update_agent_tags: - post: - summary: Bulk update agent tags - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - actionId: - type: string - '400': - $ref: '#/components/responses/error' - operationId: bulk-update-agent-tags - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - requestBody: - content: - application/json: - schema: - type: object - properties: - agents: - oneOf: - - type: string - description: KQL query string, leave empty to action all agents - - type: array - items: - type: string - description: list of agent IDs - tagsToAdd: - type: array - items: - type: string - tagsToRemove: - type: array - items: - type: string - batchSize: - type: number - required: - - agents - example: - agents: - - agent1 - - agent2 - tagsToAdd: - - newTag - tagsToRemove: - - existingTag - /api/fleet/agents/tags: - get: - summary: List agent tags - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - $ref: '#/components/schemas/get_agent_tags_response' - '400': - $ref: '#/components/responses/error' - operationId: get-agent-tags - /api/fleet/agents/{agentId}/request_diagnostics: - parameters: - - schema: - type: string - name: agentId - in: path - required: true - post: - summary: Request agent diagnostics - tags: - - Elastic Agents - requestBody: - content: - application/json: - schema: - type: object - properties: - additional_metrics: - type: array - items: - oneOf: - - type: string - enum: - - CPU - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - actionId: - type: string - '400': - $ref: '#/components/responses/error' - operationId: request-diagnostics-agent - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - /api/fleet/agents/bulk_request_diagnostics: - post: - summary: Bulk request diagnostics from agents - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - actionId: - type: string - '400': - $ref: '#/components/responses/error' - operationId: bulk-request-diagnostics - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - requestBody: - content: - application/json: - schema: - type: object - properties: - batchSize: - type: number - agents: - oneOf: - - type: string - description: KQL query string, leave empty to action all agents - - type: array - items: - type: string - description: list of agent IDs - additional_metrics: - type: array - items: - oneOf: - - type: string - enum: - - CPU - required: - - agents - example: - agents: 'fleet-agents.policy_id : ("policy1" or "policy2")' - /api/fleet/agent_policies: - get: - summary: List agent policies - tags: - - Elastic Agent policies - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: '#/components/schemas/agent_policy' - total: - type: number - page: - type: number - perPage: - type: number - required: - - items - - total - - page - - perPage - '400': - $ref: '#/components/responses/error' - operationId: agent-policy-list - parameters: - - $ref: '#/components/parameters/page_size' - - $ref: '#/components/parameters/page_index' - - $ref: '#/components/parameters/kuery' - - $ref: '#/components/parameters/format' - - schema: - type: boolean - in: query - name: full - description: >- - When set to true, retrieve the related package policies for each - agent policy. - - schema: - type: boolean - in: query - name: noAgentCount - description: >- - When set to true, do not count how many agents are in the agent - policy, this can improve performance if you are searching over a - large number of agent policies. The "agents" property will always be - 0 if set to true. - description: '' - post: - summary: Create agent policy - tags: - - Elastic Agent policies - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/agent_policy' - '400': - $ref: '#/components/responses/error' - operationId: create-agent-policy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/agent_policy_create_request' - security: [] - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - /api/fleet/agent_policies/{agentPolicyId}: - parameters: - - schema: - type: string - name: agentPolicyId - in: path - required: true - - $ref: '#/components/parameters/format' - get: - summary: Get agent policy by ID - tags: - - Elastic Agent policies - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/agent_policy' - required: - - item - '400': - $ref: '#/components/responses/error' - operationId: agent-policy-info - description: Get one agent policy - parameters: [] - put: - summary: Update agent policy by ID - tags: - - Elastic Agent policies - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/agent_policy' - required: - - item - '400': - $ref: '#/components/responses/error' - operationId: update-agent-policy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/agent_policy_update_request' - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - /api/fleet/agent_policies/{agentPolicyId}/copy: - parameters: - - schema: - type: string - name: agentPolicyId - in: path - required: true - - $ref: '#/components/parameters/format' - post: - summary: Copy agent policy by ID - tags: - - Elastic Agent policies - operationId: agent-policy-copy - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/agent_policy' - required: - - item - '400': - $ref: '#/components/responses/error' - requestBody: - content: - application/json: - schema: - type: object - properties: - name: - type: string - description: - type: string - required: - - name - description: '' - /api/fleet/agent_policies/{agentPolicyId}/full: - get: - summary: Get full agent policy by ID - tags: - - Elastic Agent policies - operationId: agent-policy-full - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - oneOf: - - type: string - - $ref: '#/components/schemas/agent_policy_full' - '400': - $ref: '#/components/responses/error' - parameters: - - schema: - type: string - name: agentPolicyId - in: path - required: true - - schema: - type: string - name: download - in: query - required: false - - schema: - type: string - name: standalone - in: query - required: false - - schema: - type: string - name: kubernetes - in: query - required: false - /api/fleet/agent_policies/{agentPolicyId}/download: - get: - summary: Download agent policy by ID - tags: - - Elastic Agent policies - operationId: agent-policy-download - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - type: string - '400': - $ref: '#/components/responses/error' - parameters: - - schema: - type: string - name: agentPolicyId - in: path - required: true - - schema: - type: string - name: download - in: query - required: false - - schema: - type: string - name: standalone - in: query - required: false - - schema: - type: string - name: kubernetes - in: query - required: false - /api/fleet/agent_policies/_bulk_get: - post: - summary: Bulk get agent policies - tags: - - Elastic Agent policies - requestBody: - content: - application/json: - schema: - type: object - properties: - ids: - type: array - items: - type: string - description: list of agent policy ids - full: - type: boolean - description: get full policies with package policies populated - ignoreMissing: - type: boolean - required: - - ids - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: '#/components/schemas/agent_policy' - required: - - items - '400': - $ref: '#/components/responses/error' - operationId: bulk-get-agent-policies - security: [] - parameters: - - $ref: '#/components/parameters/format' - /api/fleet/agent_policies/delete: - post: - summary: Delete agent policy by ID - tags: - - Elastic Agent policies - operationId: delete-agent-policy - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - id: - type: string - success: - type: boolean - required: - - id - - success - '400': - $ref: '#/components/responses/error' - requestBody: - content: - application/json: - schema: - type: object - properties: - agentPolicyId: - type: string - force: - type: boolean - description: >- - bypass validation checks that can prevent agent policy - deletion - required: - - agentPolicyId - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - parameters: [] - /api/fleet/data_streams: - get: - summary: List data streams - tags: - - Data streams - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - data_streams: - type: array - items: - $ref: '#/components/schemas/data_stream' - '400': - $ref: '#/components/responses/error' - operationId: data-streams-list - parameters: [] - /api/fleet/enrollment-api-keys: - get: - summary: List enrollment API keys - tags: - - Fleet enrollment API keys - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - list: - type: array - items: - $ref: '#/components/schemas/enrollment_api_key' - deprecated: true - items: - type: array - items: - $ref: '#/components/schemas/enrollment_api_key' - page: - type: number - perPage: - type: number - total: - type: number - required: - - items - - page - - perPage - - total - '400': - $ref: '#/components/responses/error' - operationId: get-enrollment-api-keys-deprecated - parameters: [] - deprecated: true - post: - summary: Create enrollment API key - tags: - - Fleet enrollment API keys - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/enrollment_api_key' - action: - type: string - enum: - - created - '400': - $ref: '#/components/responses/error' - operationId: create-enrollment-api-keys-deprecated - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - deprecated: true - /api/fleet/enrollment-api-keys/{keyId}: - parameters: - - schema: - type: string - name: keyId - in: path - required: true - get: - summary: Get enrollment API key by ID - tags: - - Fleet enrollment API keys - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/enrollment_api_key' - required: - - item - '400': - $ref: '#/components/responses/error' - operationId: get-enrollment-api-key-deprecated - deprecated: true - delete: - summary: Delete enrollment API key by ID - tags: - - Fleet enrollment API keys - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - action: - type: string - enum: - - deleted - required: - - action - '400': - $ref: '#/components/responses/error' - operationId: delete-enrollment-api-key-deprecated - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - deprecated: true - /api/fleet/enrollment_api_keys: - get: - summary: List enrollment API keys - tags: - - Fleet enrollment API keys - parameters: - - $ref: '#/components/parameters/page_size' - - $ref: '#/components/parameters/page_index' - - $ref: '#/components/parameters/kuery' - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - list: - type: array - items: - $ref: '#/components/schemas/enrollment_api_key' - deprecated: true - items: - type: array - items: - $ref: '#/components/schemas/enrollment_api_key' - page: - type: number - perPage: - type: number - total: - type: number - required: - - items - - page - - perPage - - total - '400': - $ref: '#/components/responses/error' - operationId: get-enrollment-api-keys - post: - summary: Create enrollment API key - tags: - - Fleet enrollment API keys - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/enrollment_api_key' - action: - type: string - enum: - - created - '400': - $ref: '#/components/responses/error' - requestBody: - content: - application/json: - schema: - type: object - properties: - name: - type: string - description: The name of the enrollment API key. Must be unique. - policy_id: - type: string - description: >- - The ID of the agent policy the Elastic Agent will be - enrolled in. - required: - - policy_id - operationId: create-enrollment-api-keys - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - /api/fleet/enrollment_api_keys/{keyId}: - parameters: - - schema: - type: string - name: keyId - in: path - required: true - get: - summary: Get enrollment API key by ID - tags: - - Fleet enrollment API keys - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/enrollment_api_key' - required: - - item - '400': - $ref: '#/components/responses/error' - operationId: get-enrollment-api-key - delete: - summary: Revoke enrollment API key by ID by marking it as inactive - tags: - - Fleet enrollment API keys - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - action: - type: string - enum: - - deleted - required: - - action - '400': - $ref: '#/components/responses/error' - operationId: delete-enrollment-api-key - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - /api/fleet/package_policies: - get: - summary: List package policies - tags: - - Fleet package policies - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: '#/components/schemas/package_policy' - total: - type: number - page: - type: number - perPage: - type: number - required: - - items - '400': - $ref: '#/components/responses/error' - operationId: get-package-policies - security: [] - parameters: - - $ref: '#/components/parameters/page_size' - - $ref: '#/components/parameters/page_index' - - $ref: '#/components/parameters/kuery' - - $ref: '#/components/parameters/format' - parameters: [] - post: - summary: Create package policy - tags: - - Fleet package policies - operationId: create-package-policy - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/package_policy' - required: - - item - '400': - $ref: '#/components/responses/error' - '409': - $ref: '#/components/responses/error' - requestBody: - description: >- - You should use inputs as an object and not use the deprecated inputs - array. - content: - application/json: - schema: - $ref: '#/components/schemas/package_policy_request' - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - - $ref: '#/components/parameters/format' - /api/fleet/package_policies/_bulk_get: - post: - summary: Bulk get package policies - tags: - - Fleet package policies - requestBody: - content: - application/json: - schema: - type: object - properties: - ids: - type: array - items: - type: string - description: list of package policy ids - ignoreMissing: - type: boolean - required: - - ids - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: '#/components/schemas/package_policy' - required: - - items - '400': - $ref: '#/components/responses/error' - operationId: bulk-get-package-policies - security: [] - parameters: - - $ref: '#/components/parameters/format' - /api/fleet/package_policies/delete: - post: - summary: Delete package policy - tags: - - Fleet package policies - operationId: post-delete-package-policy - requestBody: - content: - application/json: - schema: - type: object - properties: - packagePolicyIds: - type: array - items: - type: string - force: - type: boolean - required: - - packagePolicyIds - responses: - '200': - description: OK - content: - application/json: - schema: - type: array - items: - type: object - properties: - id: - type: string - name: - type: string - success: - type: boolean - required: - - id - - success - '400': - $ref: '#/components/responses/error' - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - /api/fleet/package_policies/upgrade: - post: - summary: Upgrade package policy to a newer package version - tags: - - Fleet package policies - operationId: upgrade-package-policy - requestBody: - content: - application/json: - schema: - type: object - properties: - packagePolicyIds: - type: array - items: - type: string - required: - - packagePolicyIds - responses: - '200': - description: OK - content: - application/json: - schema: - type: array - items: - type: object - properties: - id: - type: string - name: - type: string - success: - type: boolean - required: - - id - - success - '400': - $ref: '#/components/responses/error' - '409': - $ref: '#/components/responses/error' - /api/fleet/package_policies/upgrade/dryrun: - post: - summary: Dry run package policy upgrade - tags: - - Fleet package policies - operationId: upgrade-package-policy-dry-run - requestBody: - content: - application/json: - schema: - type: object - properties: - packagePolicyIds: - type: array - items: - type: string - packageVersion: - type: string - required: - - packagePolicyIds - responses: - '200': - description: OK - content: - application/json: - schema: - type: array - items: - type: object - properties: - hasErrors: - type: boolean - diff: - $ref: '#/components/schemas/upgrade_diff' - agent_diff: - $ref: '#/components/schemas/upgrade_agent_diff' - required: - - hasErrors - '400': - $ref: '#/components/responses/error' - /api/fleet/package_policies/{packagePolicyId}: - parameters: - - schema: - type: string - name: packagePolicyId - in: path - required: true - get: - summary: Get package policy by ID - tags: - - Fleet package policies - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/package_policy' - required: - - item - '400': - $ref: '#/components/responses/error' - operationId: get-package-policy - parameters: - - $ref: '#/components/parameters/format' - put: - summary: Update package policy by ID - tags: - - Fleet package policies - operationId: update-package-policy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/package_policy_request' - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/package_policy' - required: - - item - '400': - $ref: '#/components/responses/error' - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - - $ref: '#/components/parameters/format' - delete: - summary: Delete package policy by ID - tags: - - Fleet package policies - operationId: delete-package-policy - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - id: - type: string - required: - - id - '400': - $ref: '#/components/responses/error' - parameters: - - schema: - type: boolean - name: force - in: query - /api/fleet/outputs: - get: - summary: List outputs - tags: - - Fleet outputs - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: '#/components/schemas/output_create_request' - total: - type: integer - page: - type: integer - perPage: - type: integer - '400': - $ref: '#/components/responses/error' - operationId: get-outputs - post: - summary: Create output - tags: - - Fleet outputs - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/output_create_request' - '400': - $ref: '#/components/responses/error' - requestBody: - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/output_create_request' - operationId: post-outputs - /api/fleet/outputs/{outputId}: - get: - summary: Get output by ID - tags: - - Fleet outputs - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/output_create_request' - '400': - $ref: '#/components/responses/error' - operationId: get-output - parameters: - - schema: - type: string - name: outputId - in: path - required: true - delete: - summary: Delete output by ID - tags: - - Fleet outputs - operationId: delete-output - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - id: - type: string - required: - - id - '400': - $ref: '#/components/responses/error' - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - put: - summary: Update output by ID - tags: - - Fleet outputs - operationId: update-output - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/output_update_request' - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/output_update_request' - '400': - $ref: '#/components/responses/error' - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - /api/fleet/outputs/{outputId}/health: - get: - summary: Get latest output health - tags: - - Fleet outputs - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - state: - type: string - description: state of output, HEALTHY or DEGRADED - message: - type: string - description: long message if unhealthy - timestamp: - type: string - description: timestamp of reported state - '400': - $ref: '#/components/responses/error' - operationId: get-output-health - parameters: - - schema: - type: string - name: outputId - in: path - required: true - /api/fleet/logstash_api_keys: - post: - summary: Generate Logstash API key - tags: - - Fleet outputs - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - api_key: - type: string - '400': - $ref: '#/components/responses/error' - operationId: generate-logstash-api-key - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - /api/fleet/agent_download_sources: - get: - summary: List agent binary download sources - tags: - - Elastic Agent binary download sources - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: '#/components/schemas/download_sources' - total: - type: integer - page: - type: integer - perPage: - type: integer - '400': - $ref: '#/components/responses/error' - operationId: get-download-sources - post: - summary: Create agent binary download source - tags: - - Elastic Agent binary download sources - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/download_sources' - '400': - $ref: '#/components/responses/error' - requestBody: - content: - application/json: - schema: - type: object - properties: - id: - type: string - name: - type: string - is_default: - type: boolean - host: - type: string - required: - - name - - host - - is_default - operationId: post-download-sources - /api/fleet/agent_download_sources/{sourceId}: - get: - summary: Get agent binary download source by ID - tags: - - Elastic Agent binary download sources - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/download_sources' - required: - - item - '400': - $ref: '#/components/responses/error' - operationId: get-one-download-source - parameters: - - schema: - type: string - name: sourceId - in: path - required: true - delete: - summary: Delete agent binary download source by ID - tags: - - Elastic Agent binary download sources - operationId: delete-download-source - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - id: - type: string - required: - - id - '400': - $ref: '#/components/responses/error' - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - put: - summary: Update agent binary download source by ID - tags: - - Elastic Agent binary download sources - operationId: update-download-source - requestBody: - content: - application/json: - schema: - type: object - properties: - name: - type: string - is_default: - type: boolean - host: - type: string - required: - - name - - is_default - - host - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/download_sources' - required: - - item - '400': - $ref: '#/components/responses/error' - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - /api/fleet/fleet_server_hosts: - get: - summary: List Fleet Server hosts - tags: - - Fleet Server hosts - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: '#/components/schemas/fleet_server_host' - total: - type: integer - page: - type: integer - perPage: - type: integer - '400': - $ref: '#/components/responses/error' - operationId: get-fleet-server-hosts - post: - summary: Create Fleet Server host - tags: - - Fleet Server hosts - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/fleet_server_host' - '400': - $ref: '#/components/responses/error' - requestBody: - content: - application/json: - schema: - type: object - properties: - id: - type: string - name: - type: string - is_default: - type: boolean - is_internal: - type: boolean - proxy_id: - description: >- - The ID of the proxy to use for this fleet server host. See - the proxies API for more information. - type: string - host_urls: - type: array - items: - type: string - required: - - name - - host_urls - operationId: post-fleet-server-hosts - /api/fleet/fleet_server_hosts/{itemId}: - get: - summary: Get Fleet Server host by ID - tags: - - Fleet Server hosts - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/fleet_server_host' - required: - - item - '400': - $ref: '#/components/responses/error' - operationId: get-one-fleet-server-hosts - parameters: - - schema: - type: string - name: itemId - in: path - required: true - delete: - summary: Delete Fleet Server host by ID - tags: - - Fleet Server hosts - operationId: delete-fleet-server-hosts - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - id: - type: string - required: - - id - '400': - $ref: '#/components/responses/error' - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - put: - summary: Update Fleet Server host by ID - tags: - - Fleet Server hosts - operationId: update-fleet-server-hosts - requestBody: - content: - application/json: - schema: - type: object - properties: - name: - type: string - is_default: - type: boolean - is_internal: - type: boolean - proxy_id: - description: >- - The ID of the proxy to use for this fleet server host. See - the proxies API for more information. - type: string - nullable: true - host_urls: - type: array - items: - type: string - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/fleet_server_host' - required: - - item - '400': - $ref: '#/components/responses/error' - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - /api/fleet/proxies: - get: - summary: List proxies - tags: - - Fleet proxies - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: '#/components/schemas/proxies' - total: - type: integer - page: - type: integer - perPage: - type: integer - '400': - $ref: '#/components/responses/error' - operationId: get-fleet-proxies - post: - summary: Create proxy - tags: - - Fleet proxies - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/proxies' - '400': - $ref: '#/components/responses/error' - requestBody: - content: - application/json: - schema: - type: object - properties: - id: - type: string - name: - type: string - url: - type: string - proxy_headers: - type: object - certificate_authorities: - type: string - certificate: - type: string - certificate_key: - type: string - required: - - name - - url - operationId: post-fleet-proxies - /api/fleet/proxies/{itemId}: - get: - summary: Get proxy by ID - tags: - - Fleet proxies - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/proxies' - required: - - item - '400': - $ref: '#/components/responses/error' - operationId: get-one-fleet-proxies - parameters: - - schema: - type: string - name: itemId - in: path - required: true - delete: - summary: Delete proxy by ID - tags: - - Fleet proxies - operationId: delete-fleet-proxies - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - id: - type: string - required: - - id - '400': - $ref: '#/components/responses/error' - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - put: - summary: Update proxy by ID - tags: - - Fleet proxies - operationId: update-fleet-proxies - requestBody: - content: - application/json: - schema: - type: object - properties: - name: - type: string - url: - type: string - proxy_headers: - type: object - certificate_authorities: - type: string - certificate: - type: string - certificate_key: - type: string - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: '#/components/schemas/proxies' - required: - - item - '400': - $ref: '#/components/responses/error' - parameters: - - $ref: '#/components/parameters/kbn_xsrf' - /api/fleet/kubernetes: - get: - summary: Get full K8s agent manifest - tags: - - Fleet Kubernetes - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - type: string - '400': - $ref: '#/components/responses/error' - operationId: get-full-k8s-manifest - parameters: - - schema: - type: boolean - name: download - in: query - required: false - - schema: - type: string - name: fleetServer - in: query - required: false - - schema: - type: string - name: enrolToken - in: query - required: false - /api/fleet/uninstall_tokens: - get: - summary: List metadata for latest uninstall tokens per agent policy - tags: - - Fleet uninstall tokens - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - type: object - properties: - id: - type: string - policy_id: - type: string - created_at: - type: string - required: - - id - - policy_id - - created_at - total: - type: number - page: - type: number - perPage: - type: number - required: - - items - - total - - page - - perPage - '400': - $ref: '#/components/responses/error' - operationId: get-uninstall-tokens - parameters: - - name: perPage - in: query - description: The number of items to return - required: false - schema: - type: integer - default: 20 - minimum: 5 - - $ref: '#/components/parameters/page_index' - - name: policyId - in: query - description: Partial match filtering for policy IDs - required: false - schema: - type: string - /api/fleet/uninstall_tokens/{uninstallTokenId}: - get: - summary: Get one decrypted uninstall token by its ID - tags: - - Fleet uninstall tokens - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - type: object - properties: - id: - type: string - token: - type: string - policy_id: - type: string - created_at: - type: string - required: - - id - - token - - policy_id - - created_at - required: - - item - '400': - $ref: '#/components/responses/error' - operationId: get-uninstall-token - parameters: - - name: uninstallTokenId - in: path - required: true - schema: - type: string -components: - securitySchemes: - basicAuth: - type: http - scheme: basic - Enrollment_API_Key: - name: Authorization - type: apiKey - in: header - description: 'e.g. Authorization: ApiKey base64EnrollmentApiKey' - Access_API_Key: - name: Authorization - type: apiKey - in: header - description: 'e.g. Authorization: ApiKey base64AccessApiKey' - parameters: - kbn_xsrf: - schema: - type: string - in: header - name: kbn-xsrf - required: true - description: Kibana's anti Cross-Site Request Forgery token. Can be any string value. - page_size: - name: perPage - in: query - description: The number of items to return - required: false - schema: - type: integer - default: 20 - page_index: - name: page - in: query - required: false - schema: - type: integer - default: 1 - kuery: - name: kuery - in: query - required: false - schema: - type: string - show_inactive: - name: showInactive - in: query - required: false - schema: - type: boolean - show_upgradeable: - name: showUpgradeable - in: query - required: false - schema: - type: boolean - sort_field: - name: sortField - in: query - required: false - schema: - type: string - deprecated: true - sort_order: - name: sortOrder - in: query - required: false - schema: - type: string - enum: - - asc - - desc - with_metrics: - name: withMetrics - in: query - description: Return agent metrics, false by default - required: false - schema: - type: boolean - format: - name: format - in: query - description: Simplified or legacy format for package inputs - required: false - schema: - type: string - enum: - - simplified - - legacy - responses: - error: - description: Generic Error - content: - application/json: - schema: - type: object - properties: - statusCode: - type: number - error: - type: string - message: - type: string - schemas: - fleet_setup_response: - title: Fleet Setup response - type: object - properties: - isInitialized: - type: boolean - nonFatalErrors: - type: array - items: - type: object - properties: - name: - type: string - message: - type: string - required: - - name - - message - required: - - isInitialized - - nonFatalErrors - settings: - title: Settings - type: object - properties: - id: - type: string - has_seen_add_data_notice: - type: boolean - fleet_server_hosts: - deprecated: true - type: array - items: - type: string - prerelease_integrations_enabled: - type: boolean - required: - - fleet_server_hosts - - id - fleet_settings_response: - title: Fleet settings response - type: object - properties: - item: - $ref: '#/components/schemas/settings' - required: - - item - saved_object_type: - title: Saved Object type - oneOf: - - type: string - enum: - - dashboard - - visualization - - search - - index_pattern - - map - - lens - - security_rule - - csp_rule_template - - ml_module - - tag - - osquery_pack_asset - - osquery_saved_query - - type: string - enum: - - index - - component_template - - ingest_pipeline - - index_template - - ilm_policy - - transform - - data_stream_ilm_policy - - ml_model - get_bulk_assets_response: - title: Bulk get assets response - type: object - deprecated: true - properties: - items: - type: array - items: - type: object - properties: - id: - type: string - type: - $ref: '#/components/schemas/saved_object_type' - updatedAt: - type: string - attributes: - type: object - properties: - title: - type: string - description: - type: string - appLink: - type: string - required: - - items - get_categories_response: - title: Get categories response - type: object - properties: - response: - type: array - items: - type: object - deprecated: true - properties: - id: - type: string - title: - type: string - count: - type: number - required: - - id - - title - - count - items: - type: array - items: - type: object - properties: - id: - type: string - title: - type: string - count: - type: number - required: - - id - - title - - count - required: - - items - kibana_saved_object_type: - title: Kibana saved object asset type - type: string - enum: - - dashboard - - visualization - - search - - index-pattern - - map - - lens - - ml-module - - security-rule - - csp_rule_template - elasticsearch_asset_type: - title: Elasticsearch asset type - type: string - enum: - - component_template - - ingest_pipeline - - index_template - - ilm_policy - - transform - - data_stream_ilm_policy - installation_info: - title: Installation info object - type: object - properties: - type: - type: string - created_at: - type: string - updated_at: - type: string - namespaces: - type: array - items: - type: string - installed_kibana: - type: object - properties: - id: - type: string - type: - $ref: '#/components/schemas/kibana_saved_object_type' - installed_es: - type: object - properties: - id: - type: string - deferred: - type: boolean - type: - $ref: '#/components/schemas/elasticsearch_asset_type' - name: - type: string - version: - type: string - install_status: - type: string - enum: - - installed - - installing - - install_failed - install_source: - type: string - enum: - - registry - - upload - - bundled - install_kibana_space_id: - type: string - install_format_schema_version: - type: string - latest_install_failed_attempts: - description: Latest failed install errors - type: array - items: - type: object - properties: - created_at: - type: string - target_version: - type: string - error: - type: object - properties: - name: - type: string - message: - type: string - stack: - type: string - latest_executed_state: - description: Latest successfully executed state in package install state machine - type: object - properties: - name: - type: string - enum: - - create_restart_installation - - install_kibana_assets - - install_ilm_policies - - install_ml_model - - install_index_template_pipelines - - remove_legacy_templates - - update_current_write_indices - - install_transforms - - delete_previous_pipelines - - save_archive_entries_from_assets_map - - update_so - started_at: - type: string - error: - type: string - verification_status: - type: string - enum: - - verified - - unverified - - unknown - verification_key_id: - type: string - nullable: true - experimental_data_stream_features: - type: array - properties: - data_stream: - type: string - features: - type: object - properties: - synthetic_source: - type: boolean - nullable: true - tsdb: - type: boolean - nullable: true - doc_value_only_numeric: - type: boolean - nullable: true - doc_value_only_other: - type: boolean - nullable: true - required: - - installed_kibana - - installed_es - - name - - version - - install_status - - install_version - - install_started_at - - install_source - - verification_status - - latest_install_failed_attempts - search_result: - title: Search result - type: object - properties: - description: - type: string - download: - type: string - icons: - type: string - name: - type: string - path: - type: string - title: - type: string - type: - type: string - version: - type: string - status: - type: string - installationInfo: - $ref: '#/components/schemas/installation_info' - savedObject: - type: object - deprecated: true - required: - - description - - download - - icons - - name - - path - - title - - type - - version - - status - get_packages_response: - title: Get Packages response - type: object - properties: - response: - type: array - deprecated: true - items: - $ref: '#/components/schemas/search_result' - items: - type: array - items: - $ref: '#/components/schemas/search_result' - required: - - items - bulk_install_packages_response: - title: Bulk install packages response - type: object - properties: - response: - type: array - deprecated: true - items: - type: object - properties: - name: - type: string - version: - type: string - items: - type: array - items: - type: object - properties: - name: - type: string - version: - type: string - required: - - items - package_info: - title: Package information - type: object - properties: - name: - type: string - title: - type: string - version: - type: string - release: - type: string - deprecated: true - description: >- - release label is deprecated, derive from the version instead - (packages follow semver) - enum: - - experimental - - beta - - ga - source: - type: object - properties: - license: - type: string - enum: - - Apache-2.0 - - Elastic-2.0 - readme: - type: string - description: - type: string - type: - type: string - categories: - type: array - items: - type: string - conditions: - type: object - properties: - kibana: - type: object - properties: - versions: - type: string - elasticsearch: - type: object - properties: - subscription: - type: string - enum: - - basic - - gold - - platinum - - enterprise - screenshots: - type: array - items: - type: object - properties: - src: - type: string - path: - type: string - title: - type: string - size: - type: string - type: - type: string - required: - - src - - path - icons: - type: array - items: - type: string - assets: - type: array - items: - type: string - internal: - type: boolean - format_version: - type: string - data_streams: - type: array - items: - type: object - properties: - title: - type: string - name: - type: string - release: - type: string - ingeset_pipeline: - type: string - vars: - type: array - items: - type: object - properties: - name: - type: string - default: - type: string - required: - - name - - default - type: - type: string - package: - type: string - required: - - title - - name - - release - - ingeset_pipeline - - type - - package - download: - type: string - path: - type: string - elasticsearch: - type: object - properties: - privileges: - type: object - properties: - cluster: - type: array - items: - type: string - required: - - name - - title - - version - - description - - type - - categories - - conditions - - assets - - format_version - - download - - path - package_usage_stats: - title: Package usage stats - type: object - properties: - agent_policy_count: - type: integer - required: - - agent_policy_count - fleet_status_response: - title: Fleet status response - type: object - properties: - isReady: - type: boolean - missing_requirements: - type: array - items: - type: string - enum: - - tls_required - - api_keys - - fleet_admin_user - - fleet_server - missing_optional_features: - type: array - items: - type: string - enum: - - encrypted_saved_object_encryption_key_required - package_verification_key_id: - type: string - required: - - isReady - - missing_requirements - - missing_optional_features - agent_type: - type: string - title: Agent type - enum: - - PERMANENT - - EPHEMERAL - - TEMPORARY - agent_metadata: - title: Agent metadata - type: object - agent_status: - type: string - title: Elastic Agent status - enum: - - offline - - error - - online - - inactive - - warning - agent_component_status: - title: Agent component status - type: string - enum: - - starting - - configuring - - healthy - - degraded - - failed - - stopping - - stopped - agent_component_unit_type: - title: Agent component unit type - type: string - enum: - - input - - output - agent_component_unit: - title: Agent component unit - type: object - properties: - id: - type: string - type: - $ref: '#/components/schemas/agent_component_unit_type' - status: - $ref: '#/components/schemas/agent_component_status' - message: - type: string - payload: - type: object - agent_component: - title: Agent component - type: object - properties: - id: - type: string - type: - type: string - status: - $ref: '#/components/schemas/agent_component_status' - message: - type: string - units: - type: array - items: - $ref: '#/components/schemas/agent_component_unit' - agent: - title: Agent - type: object - properties: - type: - $ref: '#/components/schemas/agent_type' - active: - type: boolean - enrolled_at: - type: string - unenrolled_at: - type: string - unenrollment_started_at: - type: string - access_api_key_id: - type: string - default_api_key_id: - type: string - policy_id: - type: string - policy_revision: - type: number - last_checkin: - type: string - user_provided_metadata: - $ref: '#/components/schemas/agent_metadata' - local_metadata: - $ref: '#/components/schemas/agent_metadata' - id: - type: string - access_api_key: - type: string - status: - $ref: '#/components/schemas/agent_status' - default_api_key: - type: string - components: - type: array - items: - $ref: '#/components/schemas/agent_component' - metrics: - type: object - properties: - cpu_avg: - type: number - description: >- - Average agent CPU usage during the last 5 minutes, number - between 0-1 - memory_size_byte_avg: - type: number - description: Average agent memory consumption during the last 5 minutes - required: - - type - - active - - enrolled_at - - id - - status - get_agents_response: - title: Get Agent response - type: object - properties: - list: - type: array - items: - $ref: '#/components/schemas/agent' - deprecated: true - items: - type: array - items: - $ref: '#/components/schemas/agent' - total: - type: number - page: - type: number - perPage: - type: number - statusSummary: - type: object - properties: - offline: - type: number - error: - type: number - online: - type: number - inactive: - type: number - enrolling: - type: number - unenrolling: - type: number - unenrolled: - type: number - updating: - type: number - degraded': - type: number - required: - - items - - total - - page - - perPage - agent_get_by_actions: - title: Agents get by action ids - type: array - items: - type: array - items: - type: string - bulk_upgrade_agents: - title: Bulk upgrade agents - type: object - properties: - version: - type: string - description: version to upgrade to - source_uri: - type: string - description: alternative upgrade binary download url - rollout_duration_seconds: - type: number - description: rolling upgrade window duration in seconds - start_time: - type: string - description: start time of upgrade in ISO 8601 format - agents: - oneOf: - - type: string - description: KQL query string, leave empty to action all agents - - type: array - items: - type: string - description: list of agent IDs - force: - type: boolean - description: Force upgrade, skipping validation (should be used with caution) - skipRateLimitCheck: - type: boolean - description: Skip rate limit check for upgrade - required: - - agents - - version - agent_action: - title: Agent action - oneOf: - - properties: - data: - type: string - ack_data: - type: string - type: - type: string - enum: - - UNENROLL - - UPGRADE - - POLICY_REASSIGN - - properties: - type: - type: string - data: - type: object - properties: - log_level: - type: string - nullable: true - enum: - - debug - - info - - warning - - error - upgrade_agent: - title: Upgrade agent - type: object - properties: - version: - type: string - source_uri: - type: string - force: - type: boolean - description: Force upgrade, skipping validation (should be used with caution) - skipRateLimitCheck: - type: boolean - description: Skip rate limit check for upgrade - required: - - version - agent_diagnostics: - title: Agent diagnostics - type: object - properties: - id: - type: string - name: - type: string - createTime: - type: string - filePath: - type: string - actionId: - type: string - status: - enum: - - READY - - AWAITING_UPLOAD - - DELETED - - IN_PROGRESS - required: - - id - - name - - createTime - - filePath - - actionId - - status - get_agent_tags_response: - title: Get Agent Tags response - type: object - properties: - items: - type: array - items: - type: string - new_package_policy: - title: New package policy - type: object - description: '' - properties: - enabled: - type: boolean - package: - type: object - properties: - name: - type: string - version: - type: string - title: - type: string - requires_root: - type: boolean - required: - - name - - version - namespace: - type: string - output_id: - type: string - inputs: - type: array - items: - type: object - properties: - type: - type: string - enabled: - type: boolean - processors: - type: array - items: - type: string - streams: - type: array - items: {} - config: - type: object - vars: - type: object - required: - - type - - enabled - policy_id: - type: string - nullable: true - deprecated: true - policy_ids: - type: array - items: - type: string - name: - type: string - description: - type: string - overrides: - type: object - required: - - inputs - - name - package_policy: - title: Package policy - allOf: - - type: object - properties: - id: - type: string - revision: - type: number - inputs: - oneOf: - - type: array - items: {} - - type: object - required: - - id - - revision - - $ref: '#/components/schemas/new_package_policy' - agent_policy: - title: Agent Policy - type: object - properties: - id: - type: string - name: - type: string - namespace: - type: string - description: - type: string - monitoring_enabled: - type: array - items: - type: string - enum: - - metrics - - logs - keep_monitoring_alive: - description: >- - When set to true, monitoring will be enabled but logs/metrics - collection will be disabled - type: boolean - nullable: true - data_output_id: - type: string - nullable: true - monitoring_output_id: - type: string - nullable: true - fleet_server_host_id: - type: string - nullable: true - download_source_id: - type: string - nullable: true - unenroll_timeout: - type: integer - inactivity_timeout: - type: integer - package_policies: - description: >- - This field is present only when retrieving a single agent policy, or - when retrieving a list of agent policies with the ?full=true - parameter - type: array - items: - $ref: '#/components/schemas/package_policy' - updated_on: - type: string - format: date-time - updated_by: - type: string - revision: - type: number - agents: - type: number - unprivileged_agents: - type: number - agent_features: - type: array - items: - type: object - properties: - name: - type: string - enabled: - type: boolean - required: - - name - - enabled - is_protected: - description: >- - Indicates whether the agent policy has tamper protection enabled. - Default false. - type: boolean - overrides: - type: object - description: >- - Override settings that are defined in the agent policy. Input - settings cannot be overridden. The override option should be used - only in unusual circumstances and not as a routine procedure. - nullable: true - advanced_settings: - type: object - description: >- - Advanced settings stored in the agent policy, e.g. - agent_limits_go_max_procs - nullable: true - supports_agentless: - type: boolean - description: >- - Indicates whether the agent policy supports agentless integrations. - Only allowed in a serverless environment. - global_data_tags: - type: array - items: - type: object - additionalProperties: - oneOf: - - type: string - - type: number - description: >- - User defined data tags that are added to all of the inputs. The - values can be strings or numbers. - monitoring_pprof_enabled: - type: boolean - monitoring_http: - type: object - properties: - enabled: - type: boolean - host: - type: string - port: - type: number - required: - - enabled - monitoring_diagnostics: - type: object - properties: - limit: - type: object - properties: - interval: - type: string - burst: - type: number - uploader: - type: object - properties: - max_retries: - type: number - init_dur: - type: string - max_dur: - type: string - required: - - id - - status - - name - - namespace - agent_policy_create_request: - title: Create agent policy request - type: object - properties: - id: - type: string - name: - type: string - namespace: - type: string - description: - type: string - monitoring_enabled: - type: array - items: - type: string - enum: - - metrics - - logs - data_output_id: - type: string - nullable: true - monitoring_output_id: - type: string - nullable: true - fleet_server_host_id: - type: string - nullable: true - download_source_id: - type: string - nullable: true - unenroll_timeout: - type: integer - inactivity_timeout: - type: integer - agent_features: - type: array - items: - type: object - properties: - name: - type: string - enabled: - type: boolean - required: - - name - - enabled - is_protected: - type: boolean - force: - type: boolean - description: Force agent policy creation even if packages are not verified. - global_data_tags: - type: array - items: - type: object - additionalProperties: - oneOf: - - type: string - - type: number - description: >- - User defined data tags that are added to all of the inputs. The - values can be strings or numbers. - required: - - name - - namespace - agent_policy_update_request: - title: Update agent policy request - type: object - properties: - name: - type: string - namespace: - type: string - description: - type: string - monitoring_enabled: - type: array - items: - type: string - enum: - - metrics - - logs - data_output_id: - type: string - nullable: true - monitoring_output_id: - type: string - nullable: true - fleet_server_host_id: - type: string - nullable: true - download_source_id: - type: string - nullable: true - unenroll_timeout: - type: integer - inactivity_timeout: - type: integer - agent_features: - type: array - items: - type: object - properties: - name: - type: string - enabled: - type: boolean - required: - - name - - enabled - is_protected: - type: boolean - force: - type: boolean - description: Force agent policy creation even if packages are not verified. - global_data_tags: - type: array - items: - type: object - additionalProperties: - oneOf: - - type: string - - type: number - description: >- - User defined data tags that are added to all of the inputs. The - values can be strings or numbers. - required: - - name - - namespace - full_agent_policy_output: - title: Full agent policy - type: object - properties: - hosts: - type: array - items: - type: string - ca_sha256: - type: string - nullable: true - proxy_url: - type: string - proxy_headers: {} - type: {} - additionalProperties: - type: object - properties: - text: {} - required: - - type - - hosts - - ca_sha256 - full_agent_policy_output_permissions: - title: Full agent policy output permissions - additionalProperties: - type: object - properties: - packagePolicyName: - type: string - data: - type: object - properties: - cluster: - type: array - items: - type: string - indices: - type: array - items: - type: object - properties: - names: - type: array - items: - type: string - privileges: - type: array - items: - type: string - full_agent_policy: - title: Full agent policy - type: object - properties: - id: - type: string - outputs: - type: object - additionalProperties: - $ref: '#/components/schemas/full_agent_policy_output' - output_permissions: - type: object - additionalProperties: - type: object - properties: - output: - type: integer - data: - $ref: '#/components/schemas/full_agent_policy_output_permissions' - monitoring: - type: object - properties: - namespace: - type: string - use_output: - type: string - enabled: - type: boolean - metrics: - type: boolean - logs: - type: boolean - traces: - type: boolean - pprof: - type: object - properties: - enabled: - type: boolean - required: - - enabled - http: - type: object - properties: - enabled: - type: boolean - host: - type: string - port: - type: number - required: - - enabled - diagnostics: - type: object - properties: - limit: - type: object - properties: - interval: - type: string - burst: - type: number - uploader: - type: object - properties: - max_retries: - type: number - init_dur: - type: string - max_dur: - type: string - required: - - enabled - - metrics - - logs - - traces - fleet: - oneOf: - - type: object - properties: - hosts: - type: array - items: - type: string - proxy_url: - type: string - proxy_headers: {} - ssl: - type: object - properties: - verification_mode: - type: string - certificate: - type: string - key: - type: string - certificate_authorities: - type: array - items: - type: string - renegotiation: - type: string - - type: object - properties: - kibana: - type: object - properties: - hosts: - type: array - items: - type: string - protocol: - type: string - path: - type: string - inputs: - type: string - revision: - type: number - agent: - type: string - nullable: true - secret_references: - type: array - items: - type: object - properties: - id: - type: string - required: - - id - - outputs - - inputs - agent_policy_full: - title: Agent policy full response - type: object - oneOf: - - type: object - properties: - item: - type: string - - type: object - properties: - item: - $ref: '#/components/schemas/full_agent_policy' - data_stream: - title: Data stream - type: object - properties: - index: - type: string - dataset: - type: string - namespace: - type: string - type: - type: string - package: - type: string - package_version: - type: string - last_activity_ms: - type: number - size_in_bytes: - type: number - size_in_bytes_formatted: - type: string - dashboard: - type: array - items: - type: object - properties: - id: - type: string - title: - type: string - enrollment_api_key: - title: Enrollment API key - type: object - properties: - id: - type: string - api_key_id: - type: string - description: The ID of the API key in the Security API. - api_key: - type: string - description: The enrollment API key (token) used for enrolling Elastic Agents. - name: - type: string - description: The name of the enrollment API key. - active: - type: boolean - description: >- - When false, the enrollment API key is revoked and cannot be used for - enrolling Elastic Agents. - policy_id: - type: string - description: The ID of the agent policy the Elastic Agent will be enrolled in. - created_at: - type: string - required: - - id - - api_key_id - - api_key - - active - - created_at - package_policy_request: - title: Package Policy Request - type: object - properties: - id: - type: string - description: Package policy unique identifier - name: - type: string - description: Package policy name (should be unique) - example: nginx-123 - description: - type: string - description: Package policy description - example: my description - namespace: - type: string - description: >- - The package policy namespace. Leave blank to inherit the agent - policy's namespace. - example: customnamespace - output_id: - type: string - description: Output ID to send package data to - example: output-id - nullable: true - policy_id: - type: string - description: Agent policy ID where that package policy will be added - example: agent-policy-id - deprecated: true - nullable: true - policy_ids: - type: array - items: - type: string - description: Agent policy IDs where that package policy will be added - example: - - agent-policy-id - package: - type: object - properties: - name: - type: string - description: Package name - example: nginx - version: - type: string - description: Package version - example: 1.6.0 - required: - - name - - version - vars: - type: object - description: >- - Package root level variable (see integration documentation for more - information) - inputs: - type: object - description: >- - Package policy inputs (see integration documentation to know what - inputs are available) - example: - nginx-logfile: - enabled: true - streams: - nginx.access: - enabled: true - vars: - paths: - - /var/log/nginx/access.log* - tags: - - nginx-access - preserve_original_event: false - ignore_older: 72h - additionalProperties: - type: object - properties: - enabled: - type: boolean - description: enable or disable that input, (default to true) - vars: - type: object - description: >- - Input level variable (see integration documentation for more - information) - streams: - type: object - description: >- - Input streams (see integration documentation to know what - streams are available) - additionalProperties: - type: object - properties: - enabled: - type: boolean - description: enable or disable that stream, (default to true) - vars: - type: object - description: >- - Stream level variable (see integration documentation for - more information) - overrides: - type: object - properties: - inputs: - type: object - description: >- - Override settings that are defined in the package policy. The - override option should be used only in unusual circumstances and not - as a routine procedure. - nullable: true - force: - type: boolean - description: >- - Force package policy creation even if package is not verified, or if - the agent policy is managed. - required: - - name - - package - upgrade_diff: - title: Package policy Upgrade dryrun - type: array - items: - allOf: - - $ref: '#/components/schemas/package_policy' - - type: object - allOf: - - $ref: '#/components/schemas/new_package_policy' - - type: object - properties: - errors: - type: array - items: - type: object - properties: - key: - type: string - message: - type: string - missingVars: - type: array - items: - type: string - full_agent_policy_input_stream: - title: Full agent policy input stream - allOf: - - type: object - additionalProperties: true - properties: - id: - type: string - data_stream: - type: object - properties: - dataset: - type: string - type: - type: string - required: - - dataset - - type - required: - - id - - data_stream - full_agent_policy_input: - title: Full agent policy input - allOf: - - type: object - additionalProperties: true - properties: - id: - type: string - name: - type: string - revision: - type: number - type: - type: string - data_stream: - type: object - properties: - namespace: - type: string - required: - - namespace - use_output: - type: string - meta: - type: object - additionalProperties: true - properties: - package: - type: object - properties: - name: - type: string - version: - type: string - required: - - name - - version - streams: - $ref: '#/components/schemas/full_agent_policy_input_stream' - required: - - id - - name - - revision - - type - - data_stream - - use_output - upgrade_agent_diff: - title: Package policy Upgrade dryrun - type: array - items: - type: array - items: - $ref: '#/components/schemas/full_agent_policy_input' - output_create_request_elasticsearch: - title: elasticsearch - type: object - properties: - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: - type: string - type: - type: string - enum: - - elasticsearch - hosts: - type: array - items: - type: string - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - config: - type: object - preset: - type: string - enum: - - balanced - - custom - - throughput - - scale - - latency - config_yaml: - type: string - ssl: - type: object - properties: - certificate_authorities: - type: array - items: - type: string - certificate: - type: string - key: - type: string - proxy_id: - type: string - shipper: - type: object - properties: - disk_queue_enabled: - type: boolean - disk_queue_path: - type: string - disk_queue_max_size: - type: number - disk_queue_encryption_enabled: - type: boolean - disk_queue_compression_enabled: - type: boolean - compression_level: - type: number - loadbalance: - type: boolean - required: - - name - output_create_request_kafka: - title: kafka - type: object - properties: - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: - type: string - type: - type: string - enum: - - kafka - hosts: - type: array - items: - type: string - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - config: - type: object - config_yaml: - type: string - ssl: - type: object - properties: - certificate_authorities: - type: array - items: - type: string - certificate: - type: string - key: - type: string - verification_mode: - type: string - enum: - - none - - full - - certificate - - strict - proxy_id: - type: string - shipper: - type: object - properties: - disk_queue_enabled: - type: boolean - disk_queue_path: - type: string - disk_queue_max_size: - type: number - disk_queue_encryption_enabled: - type: boolean - disk_queue_compression_enabled: - type: boolean - compression_level: - type: number - loadbalance: - type: boolean - version: - type: string - key: - type: string - compression: - type: string - compression_level: - type: number - client_id: - type: string - auth_type: - type: string - connection_type: - type: string - enum: - - plaintext - - encryption - username: - type: string - password: - type: string - sasl: - type: object - properties: - mechanism: - type: string - partition: - type: string - random: - type: object - properties: - group_events: - type: number - round_robin: - type: object - properties: - group_events: - type: number - topic: - type: string - topics: - deprecated: true - description: Use topic instead. - type: array - items: - type: object - properties: - topic: - type: string - when: - deprecated: true - description: >- - Deprecated, kafka output do not support conditionnal topics - anymore. - type: object - properties: - type: - type: string - condition: - type: string - headers: - type: array - items: - type: object - properties: - key: - type: string - value: - type: string - timeout: - type: number - broker_timeout: - type: number - required_acks: - type: number - secrets: - type: object - properties: - password: - type: string - ssl: - type: object - properties: - key: - type: string - required: - - name - - type - - topics - - auth_type - - hosts - output_create_request_logstash: - title: logstash - type: object - properties: - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: - type: string - type: - type: string - enum: - - logstash - hosts: - type: array - items: - type: string - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - config: - type: object - config_yaml: - type: string - ssl: - type: object - properties: - certificate_authorities: - type: array - items: - type: string - certificate: - type: string - key: - type: string - proxy_id: - type: string - shipper: - type: object - properties: - disk_queue_enabled: - type: boolean - disk_queue_path: - type: string - disk_queue_max_size: - type: number - disk_queue_encryption_enabled: - type: boolean - disk_queue_compression_enabled: - type: boolean - compression_level: - type: number - loadbalance: - type: boolean - secrets: - type: object - properties: - ssl: - type: object - properties: - key: - type: string - required: - - name - - hosts - - type - output_create_request_remote_elasticsearch: - title: remote_elasticsearch - type: object - properties: - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: - type: string - type: - type: string - enum: - - remote_elasticsearch - hosts: - type: array - items: - type: string - service_token: - type: string - secrets: - type: object - properties: - service_token: - type: string - required: - - name - output_create_request: - title: Output - oneOf: - - $ref: '#/components/schemas/output_create_request_elasticsearch' - - $ref: '#/components/schemas/output_create_request_kafka' - - $ref: '#/components/schemas/output_create_request_logstash' - - $ref: '#/components/schemas/output_create_request_remote_elasticsearch' - discriminator: - propertyName: type - mapping: - elasticsearch: '#/components/schemas/output_create_request_elasticsearch' - kafka: '#/components/schemas/output_create_request_kafka' - logstash: '#/components/schemas/output_create_request_logstash' - remote_elasticsearch: '#/components/schemas/output_create_request_remote_elasticsearch' - output_update_request_elasticsearch: - title: elasticsearch - type: object - properties: - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: - type: string - type: - type: string - enum: - - elasticsearch - hosts: - type: array - items: - type: string - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - config: - type: object - preset: - type: string - enum: - - balanced - - custom - - throughput - - scale - - latency - config_yaml: - type: string - ssl: - type: object - properties: - certificate_authorities: - type: array - items: - type: string - certificate: - type: string - key: - type: string - proxy_id: - type: string - shipper: - type: object - properties: - disk_queue_enabled: - type: boolean - disk_queue_path: - type: string - disk_queue_max_size: - type: number - disk_queue_encryption_enabled: - type: boolean - disk_queue_compression_enabled: - type: boolean - compression_level: - type: number - loadbalance: - type: boolean - required: - - name - - hosts - - type - output_update_request_kafka: - title: kafka - type: object - properties: - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: - type: string - type: - type: string - enum: - - kafka - hosts: - type: array - items: - type: string - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - config: - type: object - config_yaml: - type: string - ssl: - type: object - properties: - certificate_authorities: - type: array - items: - type: string - certificate: - type: string - key: - type: string - verification_mode: - type: string - enum: - - none - - full - - certificate - - strict - proxy_id: - type: string - shipper: - type: object - properties: - disk_queue_enabled: - type: boolean - disk_queue_path: - type: string - disk_queue_max_size: - type: number - disk_queue_encryption_enabled: - type: boolean - disk_queue_compression_enabled: - type: boolean - compression_level: - type: number - loadbalance: - type: boolean - version: - type: string - key: - type: string - compression: - type: string - compression_level: - type: number - client_id: - type: string - auth_type: - type: string - connection_type: - type: string - enum: - - plaintext - - encryption - username: - type: string - password: - type: string - sasl: - type: object - properties: - mechanism: - type: string - partition: - type: string - random: - type: object - properties: - group_events: - type: number - round_robin: - type: object - properties: - group_events: - type: number - topic: - type: string - topics: - deprecated: true - description: Use topic instead. - type: array - items: - type: object - properties: - topic: - type: string - when: - deprecated: true - description: >- - Deprecated, kafka output do not support conditionnal topics - anymore. - type: object - properties: - type: - type: string - condition: - type: string - headers: - type: array - items: - type: object - properties: - key: - type: string - value: - type: string - timeout: - type: number - broker_timeout: - type: number - required_acks: - type: number - required: - - name - output_update_request_logstash: - title: logstash - type: object - properties: - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: - type: string - type: - type: string - enum: - - logstash - hosts: - type: array - items: - type: string - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - config: - type: object - config_yaml: - type: string - ssl: - type: object - properties: - certificate_authorities: - type: array - items: - type: string - certificate: - type: string - key: - type: string - proxy_id: - type: string - shipper: - type: object - properties: - disk_queue_enabled: - type: boolean - disk_queue_path: - type: string - disk_queue_max_size: - type: number - disk_queue_encryption_enabled: - type: boolean - disk_queue_compression_enabled: - type: boolean - compression_level: - type: number - loadbalance: - type: boolean - required: - - name - output_update_request: - title: Output - oneOf: - - $ref: '#/components/schemas/output_update_request_elasticsearch' - - $ref: '#/components/schemas/output_update_request_kafka' - - $ref: '#/components/schemas/output_update_request_logstash' - discriminator: - propertyName: type - mapping: - elasticsearch: '#/components/schemas/output_update_request_elasticsearch' - kafka: '#/components/schemas/output_update_request_kafka' - logstash: '#/components/schemas/output_update_request_logstash' - download_sources: - title: Download Source - type: object - properties: - id: - type: string - is_default: - type: boolean - name: - type: string - host: - type: string - proxy_id: - description: >- - The ID of the proxy to use for this download source. See the proxies - API for more information. - type: string - nullable: true - required: - - is_default - - name - - host - fleet_server_host: - title: Fleet Server Host - type: object - properties: - id: - type: string - name: - type: string - is_default: - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - proxy_id: - type: string - host_urls: - type: array - items: - type: string - required: - - fleet_server_hosts - - id - - is_default - - is_preconfigured - - host_urls - proxies: - title: Fleet Proxy - type: object - properties: - id: - type: string - name: - type: string - url: - type: string - proxy_headers: - type: object - certificate_authorities: - type: string - certificate: - type: string - certificate_key: - type: string - required: - - name - - url -security: - - basicAuth: [] diff --git a/x-pack/plugins/fleet/common/openapi/components/README.md b/x-pack/plugins/fleet/common/openapi/components/README.md deleted file mode 100644 index 1579c2d2b6eb5..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/README.md +++ /dev/null @@ -1,13 +0,0 @@ -Reusable components -=========== - -* Created the following folders for the various OpenAPI component types: - - `schemas` - reusable [Schema Objects](https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.2.md#schemaObject) - - `responses` - reusable [Response Objects](https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.2.md#responseObject) - - `parameters` - reusable [Parameter Objects](https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.2.md#parameterObject) - - `examples` - reusable [Example Objects](https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.2.md#exampleObject) - - `headers` - reusable [Header Objects](https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.2.md#headerObject) - - `request_bodies` - reusable [Request Body Objects](https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.2.md#requestBodyObject) - - `links` - reusable [Link Objects](https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.2.md#linkObject) - - `callbacks` - reusable [Callback Objects](https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.2.md#callbackObject) - - `security_schemes` - reusable [Security Scheme Objects](https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.2.md#securitySchemeObject) diff --git a/x-pack/plugins/fleet/common/openapi/components/headers/kbn_xsrf.yaml b/x-pack/plugins/fleet/common/openapi/components/headers/kbn_xsrf.yaml deleted file mode 100644 index 60cfcf67567aa..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/headers/kbn_xsrf.yaml +++ /dev/null @@ -1,6 +0,0 @@ -schema: - type: string -in: header -name: kbn-xsrf -required: true -description: Kibana's anti Cross-Site Request Forgery token. Can be any string value. diff --git a/x-pack/plugins/fleet/common/openapi/components/parameters/format.yaml b/x-pack/plugins/fleet/common/openapi/components/parameters/format.yaml deleted file mode 100644 index 1a48987cc97d2..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/parameters/format.yaml +++ /dev/null @@ -1,8 +0,0 @@ -name: format -in: query -description: Simplified or legacy format for package inputs -required: false -schema: - type: string - enum: ['simplified', 'legacy'] - \ No newline at end of file diff --git a/x-pack/plugins/fleet/common/openapi/components/parameters/kuery.yaml b/x-pack/plugins/fleet/common/openapi/components/parameters/kuery.yaml deleted file mode 100644 index b96ffd54d37ce..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/parameters/kuery.yaml +++ /dev/null @@ -1,5 +0,0 @@ -name: kuery -in: query -required: false -schema: - type: string diff --git a/x-pack/plugins/fleet/common/openapi/components/parameters/page_index.yaml b/x-pack/plugins/fleet/common/openapi/components/parameters/page_index.yaml deleted file mode 100644 index 908c19583045b..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/parameters/page_index.yaml +++ /dev/null @@ -1,6 +0,0 @@ -name: page -in: query -required: false -schema: - type: integer - default: 1 diff --git a/x-pack/plugins/fleet/common/openapi/components/parameters/page_size.yaml b/x-pack/plugins/fleet/common/openapi/components/parameters/page_size.yaml deleted file mode 100644 index f304281e072c9..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/parameters/page_size.yaml +++ /dev/null @@ -1,7 +0,0 @@ -name: perPage -in: query -description: The number of items to return -required: false -schema: - type: integer - default: 20 diff --git a/x-pack/plugins/fleet/common/openapi/components/parameters/show_inactive.yaml b/x-pack/plugins/fleet/common/openapi/components/parameters/show_inactive.yaml deleted file mode 100644 index 7720f1f7f7c91..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/parameters/show_inactive.yaml +++ /dev/null @@ -1,5 +0,0 @@ -name: showInactive -in: query -required: false -schema: - type: boolean diff --git a/x-pack/plugins/fleet/common/openapi/components/parameters/show_upgradeable.yaml b/x-pack/plugins/fleet/common/openapi/components/parameters/show_upgradeable.yaml deleted file mode 100644 index d92b4689ee764..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/parameters/show_upgradeable.yaml +++ /dev/null @@ -1,5 +0,0 @@ -name: showUpgradeable -in: query -required: false -schema: - type: boolean diff --git a/x-pack/plugins/fleet/common/openapi/components/parameters/sort_field.yaml b/x-pack/plugins/fleet/common/openapi/components/parameters/sort_field.yaml deleted file mode 100644 index e167920f710b1..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/parameters/sort_field.yaml +++ /dev/null @@ -1,6 +0,0 @@ -name: sortField -in: query -required: false -schema: - type: string - deprecated: true diff --git a/x-pack/plugins/fleet/common/openapi/components/parameters/sort_order.yaml b/x-pack/plugins/fleet/common/openapi/components/parameters/sort_order.yaml deleted file mode 100644 index e68a67d3c41ae..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/parameters/sort_order.yaml +++ /dev/null @@ -1,6 +0,0 @@ -name: sortOrder -in: query -required: false -schema: - type: string - enum: [asc, desc] diff --git a/x-pack/plugins/fleet/common/openapi/components/parameters/with_metrics.yaml b/x-pack/plugins/fleet/common/openapi/components/parameters/with_metrics.yaml deleted file mode 100644 index 2c0723c45b398..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/parameters/with_metrics.yaml +++ /dev/null @@ -1,6 +0,0 @@ -name: withMetrics -in: query -description: Return agent metrics, false by default -required: false -schema: - type: boolean diff --git a/x-pack/plugins/fleet/common/openapi/components/responses/error.yaml b/x-pack/plugins/fleet/common/openapi/components/responses/error.yaml deleted file mode 100644 index 0f0c54f1c3d38..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/responses/error.yaml +++ /dev/null @@ -1,12 +0,0 @@ -description: Generic Error -content: - application/json: - schema: - type: object - properties: - statusCode: - type: number - error: - type: string - message: - type: string diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/agent.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/agent.yaml deleted file mode 100644 index 515919319fdbe..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/agent.yaml +++ /dev/null @@ -1,55 +0,0 @@ -title: Agent -type: object -properties: - type: - $ref: ./agent_type.yaml - active: - type: boolean - enrolled_at: - type: string - unenrolled_at: - type: string - unenrollment_started_at: - type: string - access_api_key_id: - type: string - default_api_key_id: - type: string - policy_id: - type: string - policy_revision: - type: number - last_checkin: - type: string - user_provided_metadata: - $ref: ./agent_metadata.yaml - local_metadata: - $ref: ./agent_metadata.yaml - id: - type: string - access_api_key: - type: string - status: - $ref: ./agent_status.yaml - default_api_key: - type: string - components: - type: array - items: - $ref: ./agent_component.yaml - metrics: - type: object - properties: - cpu_avg: - type: number - description: Average agent CPU usage during the last 5 minutes, number between 0-1 - memory_size_byte_avg: - type: number - description: Average agent memory consumption during the last 5 minutes - -required: - - type - - active - - enrolled_at - - id - - status diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_action.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/agent_action.yaml deleted file mode 100644 index ae8734939c373..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_action.yaml +++ /dev/null @@ -1,27 +0,0 @@ -title: Agent action -oneOf: - - properties: - data: - type: string - ack_data: - type: string - type: - type: string - enum: - - UNENROLL - - UPGRADE - - POLICY_REASSIGN - - properties: - type: - type: string - data: - type: object - properties: - log_level: - type: string - nullable: true - enum: - - debug - - info - - warning - - error diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_component.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/agent_component.yaml deleted file mode 100644 index 13b24f35b0544..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_component.yaml +++ /dev/null @@ -1,15 +0,0 @@ -title: Agent component -type: object -properties: - id: - type: string - type: - type: string - status: - $ref: ./agent_component_status.yaml - message: - type: string - units: - type: array - items: - $ref: ./agent_component_unit.yaml diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_component_status.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/agent_component_status.yaml deleted file mode 100644 index 9c7a1facf2f79..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_component_status.yaml +++ /dev/null @@ -1,10 +0,0 @@ -title: Agent component status -type: string -enum: - - starting - - configuring - - healthy - - degraded - - failed - - stopping - - stopped diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_component_unit.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/agent_component_unit.yaml deleted file mode 100644 index 8224a0696d483..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_component_unit.yaml +++ /dev/null @@ -1,13 +0,0 @@ -title: Agent component unit -type: object -properties: - id: - type: string - type: - $ref: ./agent_component_unit_type.yaml - status: - $ref: ./agent_component_status.yaml - message: - type: string - payload: - type: object diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_component_unit_type.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/agent_component_unit_type.yaml deleted file mode 100644 index edeaa4240cfff..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_component_unit_type.yaml +++ /dev/null @@ -1,5 +0,0 @@ -title: Agent component unit type -type: string -enum: - - input - - output diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_diagnostics.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/agent_diagnostics.yaml deleted file mode 100644 index c0d18f01794aa..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_diagnostics.yaml +++ /dev/null @@ -1,27 +0,0 @@ - -title: Agent diagnostics -type: object -properties: - id: - type: string - name: - type: string - createTime: - type: string - filePath: - type: string - actionId: - type: string - status: - enum: - - READY - - AWAITING_UPLOAD - - DELETED - - IN_PROGRESS -required: - - id - - name - - createTime - - filePath - - actionId - - status diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_get_by_actions.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/agent_get_by_actions.yaml deleted file mode 100644 index eb9e3dd24418f..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_get_by_actions.yaml +++ /dev/null @@ -1,6 +0,0 @@ -title: Agents get by action ids -type: array -items: - type: array - items: - type: string \ No newline at end of file diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_metadata.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/agent_metadata.yaml deleted file mode 100644 index 5ec2d745dd14c..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_metadata.yaml +++ /dev/null @@ -1,2 +0,0 @@ -title: Agent metadata -type: object diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_policy.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/agent_policy.yaml deleted file mode 100644 index 59f30f863c243..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_policy.yaml +++ /dev/null @@ -1,126 +0,0 @@ -title: Agent Policy -type: object -properties: - id: - type: string - name: - type: string - namespace: - type: string - description: - type: string - monitoring_enabled: - type: array - items: - type: string - enum: - - metrics - - logs - keep_monitoring_alive: - description: When set to true, monitoring will be enabled but logs/metrics collection will be disabled - type: boolean - nullable: true - data_output_id: - type: string - nullable: true - monitoring_output_id: - type: string - nullable: true - fleet_server_host_id: - type: string - nullable: true - download_source_id: - type: string - nullable: true - unenroll_timeout: - type: integer - inactivity_timeout: - type: integer - package_policies: - description: This field is present only when retrieving a single agent policy, or when retrieving a list of agent policies with the ?full=true parameter - type: array - items: - $ref: ./package_policy.yaml - updated_on: - type: string - format: date-time - updated_by: - type: string - revision: - type: number - agents: - type: number - unprivileged_agents: - type: number - agent_features: - type: array - items: - type: object - properties: - name: - type: string - enabled: - type: boolean - required: - - name - - enabled - is_protected: - description: Indicates whether the agent policy has tamper protection enabled. Default false. - type: boolean - overrides: - type: object - description: Override settings that are defined in the agent policy. Input settings cannot be overridden. The override option should be used only in unusual circumstances and not as a routine procedure. - nullable: true - advanced_settings: - type: object - description: Advanced settings stored in the agent policy, e.g. agent_limits_go_max_procs - nullable: true - supports_agentless: - type: boolean - description: Indicates whether the agent policy supports agentless integrations. Only allowed in a serverless environment. - global_data_tags: - type: array - items: - type: object - additionalProperties: - oneOf: - - type: string - - type: number - description: User defined data tags that are added to all of the inputs. The values can be strings or numbers. - monitoring_pprof_enabled: - type: boolean - monitoring_http: - type: object - properties: - enabled: - type: boolean - host: - type: string - port: - type: number - required: - - enabled - monitoring_diagnostics: - type: object - properties: - limit: - type: object - properties: - interval: - type: string - burst: - type: number - uploader: - type: object - properties: - max_retries: - type: number - init_dur: - type: string - max_dur: - type: string -required: - - id - - status - - name - - namespace diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_policy_create_request.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/agent_policy_create_request.yaml deleted file mode 100644 index 1d39b911b3007..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_policy_create_request.yaml +++ /dev/null @@ -1,63 +0,0 @@ -title: Create agent policy request -type: object -properties: - id: - type: string - name: - type: string - namespace: - type: string - description: - type: string - monitoring_enabled: - type: array - items: - type: string - enum: - - metrics - - logs - data_output_id: - type: string - nullable: true - monitoring_output_id: - type: string - nullable: true - fleet_server_host_id: - type: string - nullable: true - download_source_id: - type: string - nullable: true - unenroll_timeout: - type: integer - inactivity_timeout: - type: integer - agent_features: - type: array - items: - type: object - properties: - name: - type: string - enabled: - type: boolean - required: - - name - - enabled - is_protected: - type: boolean - force: - type: boolean - description: Force agent policy creation even if packages are not verified. - global_data_tags: - type: array - items: - type: object - additionalProperties: - oneOf: - - type: string - - type: number - description: User defined data tags that are added to all of the inputs. The values can be strings or numbers. -required: - - name - - namespace diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_policy_full.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/agent_policy_full.yaml deleted file mode 100644 index 9d0b0cf37f575..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_policy_full.yaml +++ /dev/null @@ -1,11 +0,0 @@ -title: Agent policy full response -type: object -oneOf: - - type: object - properties: - item: - type: string - - type: object - properties: - item: - $ref: ./full_agent_policy.yaml diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_policy_update_request.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/agent_policy_update_request.yaml deleted file mode 100644 index 1d1dbd45037ae..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_policy_update_request.yaml +++ /dev/null @@ -1,61 +0,0 @@ -title: Update agent policy request -type: object -properties: - name: - type: string - namespace: - type: string - description: - type: string - monitoring_enabled: - type: array - items: - type: string - enum: - - metrics - - logs - data_output_id: - type: string - nullable: true - monitoring_output_id: - type: string - nullable: true - fleet_server_host_id: - type: string - nullable: true - download_source_id: - type: string - nullable: true - unenroll_timeout: - type: integer - inactivity_timeout: - type: integer - agent_features: - type: array - items: - type: object - properties: - name: - type: string - enabled: - type: boolean - required: - - name - - enabled - is_protected: - type: boolean - force: - type: boolean - description: Force agent policy creation even if packages are not verified. - global_data_tags: - type: array - items: - type: object - additionalProperties: - oneOf: - - type: string - - type: number - description: User defined data tags that are added to all of the inputs. The values can be strings or numbers. -required: - - name - - namespace diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_status.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/agent_status.yaml deleted file mode 100644 index 14eacb2162b04..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_status.yaml +++ /dev/null @@ -1,8 +0,0 @@ -type: string -title: Elastic Agent status -enum: - - offline - - error - - online - - inactive - - warning diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_type.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/agent_type.yaml deleted file mode 100644 index 421babbb1d5e4..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_type.yaml +++ /dev/null @@ -1,6 +0,0 @@ -type: string -title: Agent type -enum: - - PERMANENT - - EPHEMERAL - - TEMPORARY diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/bulk_install_packages_response.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/bulk_install_packages_response.yaml deleted file mode 100644 index 434230e369a2c..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/bulk_install_packages_response.yaml +++ /dev/null @@ -1,24 +0,0 @@ -title: Bulk install packages response -type: object -properties: - response: - type: array - deprecated: true - items: - type: object - properties: - name: - type: string - version: - type: string - items: - type: array - items: - type: object - properties: - name: - type: string - version: - type: string -required: - - items diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/bulk_upgrade_agents.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/bulk_upgrade_agents.yaml deleted file mode 100644 index a212ccb7f2571..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/bulk_upgrade_agents.yaml +++ /dev/null @@ -1,32 +0,0 @@ -title: Bulk upgrade agents -type: object -properties: - version: - type: string - description: version to upgrade to - source_uri: - type: string - description: alternative upgrade binary download url - rollout_duration_seconds: - type: number - description: rolling upgrade window duration in seconds - start_time: - type: string - description: start time of upgrade in ISO 8601 format - agents: - oneOf: - - type: string - description: KQL query string, leave empty to action all agents - - type: array - items: - type: string - description: list of agent IDs - force: - type: boolean - description: Force upgrade, skipping validation (should be used with caution) - skipRateLimitCheck: - type: boolean - description: Skip rate limit check for upgrade -required: - - agents - - version diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/data_stream.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/data_stream.yaml deleted file mode 100644 index 8cee31f95f845..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/data_stream.yaml +++ /dev/null @@ -1,30 +0,0 @@ -title: Data stream -type: object -properties: - index: - type: string - dataset: - type: string - namespace: - type: string - type: - type: string - package: - type: string - package_version: - type: string - last_activity_ms: - type: number - size_in_bytes: - type: number - size_in_bytes_formatted: - type: string - dashboard: - type: array - items: - type: object - properties: - id: - type: string - title: - type: string diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/download_sources.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/download_sources.yaml deleted file mode 100644 index 76a87283aab55..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/download_sources.yaml +++ /dev/null @@ -1,19 +0,0 @@ -title: Download Source -type: object -properties: - id: - type: string - is_default: - type: boolean - name: - type: string - host: - type: string - proxy_id: - description: The ID of the proxy to use for this download source. See the proxies API for more information. - type: string - nullable: true -required: - - is_default - - name - - host diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/elasticsearch_asset_type.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/elasticsearch_asset_type.yaml deleted file mode 100644 index 19b3328d78346..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/elasticsearch_asset_type.yaml +++ /dev/null @@ -1,9 +0,0 @@ -title: Elasticsearch asset type -type: string -enum: - - component_template - - ingest_pipeline - - index_template - - ilm_policy - - transform - - data_stream_ilm_policy diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/enrollment_api_key.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/enrollment_api_key.yaml deleted file mode 100644 index e1ce2243dc29f..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/enrollment_api_key.yaml +++ /dev/null @@ -1,28 +0,0 @@ -title: Enrollment API key -type: object -properties: - id: - type: string - api_key_id: - type: string - description: The ID of the API key in the Security API. - api_key: - type: string - description: The enrollment API key (token) used for enrolling Elastic Agents. - name: - type: string - description: The name of the enrollment API key. - active: - type: boolean - description: When false, the enrollment API key is revoked and cannot be used for enrolling Elastic Agents. - policy_id: - type: string - description: The ID of the agent policy the Elastic Agent will be enrolled in. - created_at: - type: string -required: - - id - - api_key_id - - api_key - - active - - created_at diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/fleet_server_host.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/fleet_server_host.yaml deleted file mode 100644 index 4bc977ec47706..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/fleet_server_host.yaml +++ /dev/null @@ -1,25 +0,0 @@ -title: Fleet Server Host -type: object -properties: - id: - type: string - name: - type: string - is_default: - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - proxy_id: - type: string - host_urls: - type: array - items: - type: string -required: - - fleet_server_hosts - - id - - is_default - - is_preconfigured - - host_urls diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/fleet_settings_enrollment_response.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/fleet_settings_enrollment_response.yaml deleted file mode 100644 index 8de00dae5c9ea..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/fleet_settings_enrollment_response.yaml +++ /dev/null @@ -1,54 +0,0 @@ -title: Fleet settings response -type: object -properties: - fleet_server: - type: object - properties: - policies: - type: array - items: - type: object - properties: - id: - type: string - name: - type: string - is_managed: - type: boolean - is_default_fleet_server: - type: boolean - has_fleet_server: - type: boolean - fleet_server_host_id: - type: string - download_source_id: - type: string - space_ids: - type: array - items: - type: string - data_output_id: - type: string - required: - - id - - name - - is_managed - has_active: - type: boolean - host: - $ref: ./fleet_server_host.yaml - host_proxy: - $ref: ./proxies.yaml - es_output: - $ref: ./output_create_request_elasticsearch.yaml - es_output_proxy: - $ref: ./proxies.yaml - required: - - agent_policies - - has_active - download_source: - $ref: ./download_sources.yaml - download_source_proxy: - $ref: ./proxies.yaml -required: - - fleet_server diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/fleet_settings_response.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/fleet_settings_response.yaml deleted file mode 100644 index bb25cb54e599f..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/fleet_settings_response.yaml +++ /dev/null @@ -1,7 +0,0 @@ -title: Fleet settings response -type: object -properties: - item: - $ref: ./settings.yaml -required: - - item diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/fleet_setup_response.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/fleet_setup_response.yaml deleted file mode 100644 index 3022c394b1433..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/fleet_setup_response.yaml +++ /dev/null @@ -1,20 +0,0 @@ -title: Fleet Setup response -type: object -properties: - isInitialized: - type: boolean - nonFatalErrors: - type: array - items: - type: object - properties: - name: - type: string - message: - type: string - required: - - name - - message -required: - - isInitialized - - nonFatalErrors diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/fleet_status_response.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/fleet_status_response.yaml deleted file mode 100644 index 8bb00fdce58d3..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/fleet_status_response.yaml +++ /dev/null @@ -1,26 +0,0 @@ -title: Fleet status response -type: object -properties: - isReady: - type: boolean - missing_requirements: - type: array - items: - type: string - enum: - - 'tls_required' - - 'api_keys' - - 'fleet_admin_user' - - 'fleet_server' - missing_optional_features: - type: array - items: - type: string - enum: - - 'encrypted_saved_object_encryption_key_required' - package_verification_key_id: - type: string -required: - - isReady - - missing_requirements - - missing_optional_features diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/full_agent_policy.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/full_agent_policy.yaml deleted file mode 100644 index c901a60f59e43..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/full_agent_policy.yaml +++ /dev/null @@ -1,132 +0,0 @@ -title: Full agent policy -type: object -properties: - id: - type: string - outputs: - type: object - additionalProperties: - $ref: ./full_agent_policy_output.yaml - output_permissions: - type: object - additionalProperties: - type: object - properties: - output: - type: integer - data: - $ref: ./full_agent_policy_output_permissions.yaml - monitoring: - type: object - properties: - namespace: - type: string - use_output: - type: string - enabled: - type: boolean - metrics: - type: boolean - logs: - type: boolean - traces: - type: boolean - pprof: - type: object - properties: - enabled: - type: boolean - required: - - enabled - http: - type: object - properties: - enabled: - type: boolean - host: - type: string - port: - type: number - required: - - enabled - diagnostics: - type: object - properties: - limit: - type: object - properties: - interval: - type: string - burst: - type: number - uploader: - type: object - properties: - max_retries: - type: number - init_dur: - type: string - max_dur: - type: string - required: - - enabled - - metrics - - logs - - traces - fleet: - oneOf: - - type: object - properties: - hosts: - type: array - items: - type: string - proxy_url: - type: string - proxy_headers: {} - ssl: - type: object - properties: - verification_mode: - type: string - certificate: - type: string - key: - type: string - certificate_authorities: - type: array - items: - type: string - renegotiation: - type: string - - type: object - properties: - kibana: - type: object - properties: - hosts: - type: array - items: - type: string - protocol: - type: string - path: - type: string - inputs: - type: string - revision: - type: number - agent: - type: string - nullable: true - secret_references: - type: array - items: - type: object - properties: - id: - type: string -required: - - id - - outputs - - inputs diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/full_agent_policy_input.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/full_agent_policy_input.yaml deleted file mode 100644 index 6fc95923bef22..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/full_agent_policy_input.yaml +++ /dev/null @@ -1,45 +0,0 @@ -title: Full agent policy input -allOf: - - type: object - additionalProperties: true - properties: - id: - type: string - name: - type: string - revision: - type: number - type: - type: string - data_stream: - type: object - properties: - namespace: - type: string - required: - - namespace - use_output: - type: string - meta: - type: object - additionalProperties: true - properties: - package: - type: object - properties: - name: - type: string - version: - type: string - required: - - name - - version - streams: - $ref: ./full_agent_policy_input_stream.yaml - required: - - id - - name - - revision - - type - - data_stream - - use_output diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/full_agent_policy_input_stream.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/full_agent_policy_input_stream.yaml deleted file mode 100644 index f0d51bbe03cac..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/full_agent_policy_input_stream.yaml +++ /dev/null @@ -1,20 +0,0 @@ -title: Full agent policy input stream -allOf: - - type: object - additionalProperties: true - properties: - id: - type: string - data_stream: - type: object - properties: - dataset: - type: string - type: - type: string - required: - - dataset - - type - required: - - id - - data_stream diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/full_agent_policy_output.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/full_agent_policy_output.yaml deleted file mode 100644 index 2399ec4f8bc1c..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/full_agent_policy_output.yaml +++ /dev/null @@ -1,22 +0,0 @@ -title: Full agent policy -type: object -properties: - hosts: - type: array - items: - type: string - ca_sha256: - type: string - nullable: true - proxy_url: - type: string - proxy_headers: {} - type: {} - additionalProperties: - type: object - properties: - text: {} -required: - - type - - hosts - - ca_sha256 diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/full_agent_policy_output_permissions.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/full_agent_policy_output_permissions.yaml deleted file mode 100644 index e3089eba6984f..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/full_agent_policy_output_permissions.yaml +++ /dev/null @@ -1,28 +0,0 @@ -title: Full agent policy output permissions -additionalProperties: - type: object - properties: - packagePolicyName: - type: string - data: - type: object - properties: - cluster: - type: array - items: - type: string - indices: - type: array - items: - type: object - properties: - names: - type: array - items: - type: string - privileges: - type: array - items: - type: string - - diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/get_agent_tags_response.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/get_agent_tags_response.yaml deleted file mode 100644 index 38a3c3e63c0f2..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/get_agent_tags_response.yaml +++ /dev/null @@ -1,7 +0,0 @@ -title: Get Agent Tags response -type: object -properties: - items: - type: array - items: - type: string diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/get_agents_response.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/get_agents_response.yaml deleted file mode 100644 index 71416b6d4fe7a..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/get_agents_response.yaml +++ /dev/null @@ -1,44 +0,0 @@ -title: Get Agent response -type: object -properties: - list: - type: array - items: - $ref: ./agent.yaml - deprecated: true - items: - type: array - items: - $ref: ./agent.yaml - total: - type: number - page: - type: number - perPage: - type: number - statusSummary: - type: object - properties: - offline: - type: number - error: - type: number - online : - type: number - inactive : - type: number - enrolling: - type: number - unenrolling: - type: number - unenrolled : - type: number - updating : - type: number - degraded': - type: number -required: - - items - - total - - page - - perPage diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/get_bulk_assets_response.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/get_bulk_assets_response.yaml deleted file mode 100644 index 6ec41325cf6e7..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/get_bulk_assets_response.yaml +++ /dev/null @@ -1,26 +0,0 @@ -title: Bulk get assets response -type: object -deprecated: true -properties: - items: - type: array - items: - type: object - properties: - id: - type: string - type: - $ref: ./saved_object_type.yaml - updatedAt: - type: string - attributes: - type: object - properties: - title: - type: string - description: - type: string - appLink: - type: string -required: - - items diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/get_categories_response.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/get_categories_response.yaml deleted file mode 100644 index dab381898fd9d..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/get_categories_response.yaml +++ /dev/null @@ -1,36 +0,0 @@ -title: Get categories response -type: object -properties: - response: - type: array - items: - type: object - deprecated: true - properties: - id: - type: string - title: - type: string - count: - type: number - required: - - id - - title - - count - items: - type: array - items: - type: object - properties: - id: - type: string - title: - type: string - count: - type: number - required: - - id - - title - - count -required: - - items diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/get_packages_response.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/get_packages_response.yaml deleted file mode 100644 index 01f2c0881c9e3..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/get_packages_response.yaml +++ /dev/null @@ -1,14 +0,0 @@ -title: Get Packages response -type: object -properties: - response: - type: array - deprecated: true - items: - $ref: ./search_result.yaml - items: - type: array - items: - $ref: ./search_result.yaml -required: - - items diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/install_result.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/install_result.yaml deleted file mode 100644 index 30ae981919294..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/install_result.yaml +++ /dev/null @@ -1,29 +0,0 @@ -title: Install Result -type: object -properties: - assets: - type: array - items: [] - status: - type: string - enum: - - installed - - already_installed - error: - type: object - properties: - name: - type: string - message: - type: string - stack: - type: string - installType: - type: array - items: - type: string - enum: - - metrics - - logs - required: - - installType diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/installation_info.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/installation_info.yaml deleted file mode 100644 index b8d82bc669d04..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/installation_info.yaml +++ /dev/null @@ -1,130 +0,0 @@ -title: Installation info object -type: object -properties: - type: - type: string - created_at: - type: string - updated_at: - type: string - namespaces: - type: array - items: - type: string - installed_kibana: - type: object - properties: - id: - type: string - type: - $ref: ./kibana_saved_object_type.yaml - installed_es: - type: object - properties: - id: - type: string - deferred: - type: boolean - type: - $ref: ./elasticsearch_asset_type.yaml - name: - type: string - version: - type: string - install_status: - type: string - enum: - - installed - - installing - - install_failed - install_source: - type: string - enum: - - registry - - upload - - bundled - install_kibana_space_id: - type: string - install_format_schema_version: - type: string - latest_install_failed_attempts: - description: Latest failed install errors - type: array - items: - type: object - properties: - created_at: - type: string - target_version: - type: string - error: - type: object - properties: - name: - type: string - message: - type: string - stack: - type: string - latest_executed_state: - description: Latest successfully executed state in package install state machine - type: object - properties: - name: - type: string - enum: - - create_restart_installation - - install_kibana_assets - - install_ilm_policies - - install_ml_model - - install_index_template_pipelines - - remove_legacy_templates - - update_current_write_indices - - install_transforms - - delete_previous_pipelines - - save_archive_entries_from_assets_map - - update_so - started_at: - type: string - error: - type: string - verification_status: - type: string - enum: - - verified - - unverified - - unknown - verification_key_id: - type: string - nullable: true - experimental_data_stream_features: - type: array - properties: - data_stream: - type: string - features: - type: object - properties: - synthetic_source: - type: boolean - nullable: true - tsdb: - type: boolean - nullable: true - doc_value_only_numeric: - type: boolean - nullable: true - doc_value_only_other: - type: boolean - nullable: true -required: - - installed_kibana - - installed_es - - name - - version - - install_status - - install_version - - install_started_at - - install_source - - verification_status - - latest_install_failed_attempts diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/kibana_saved_object_type.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/kibana_saved_object_type.yaml deleted file mode 100644 index 1a7d29311e4fe..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/kibana_saved_object_type.yaml +++ /dev/null @@ -1,12 +0,0 @@ -title: Kibana saved object asset type -type: string -enum: - - dashboard - - visualization - - search - - index-pattern - - map - - lens - - ml-module - - security-rule - - csp_rule_template diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/new_package_policy.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/new_package_policy.yaml deleted file mode 100644 index ef22c197c5b40..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/new_package_policy.yaml +++ /dev/null @@ -1,64 +0,0 @@ -title: New package policy -type: object -description: '' -properties: - enabled: - type: boolean - package: - type: object - properties: - name: - type: string - version: - type: string - title: - type: string - requires_root: - type: boolean - required: - - name - - version - namespace: - type: string - output_id: - type: string - inputs: - type: array - items: - type: object - properties: - type: - type: string - enabled: - type: boolean - processors: - type: array - items: - type: string - streams: - type: array - items: {} - config: - type: object - vars: - type: object - required: - - type - - enabled - policy_id: - type: string - nullable: true - deprecated: true - policy_ids: - type: array - items: - type: string - name: - type: string - description: - type: string - overrides: - type: object -required: - - inputs - - name diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/output_create_request.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/output_create_request.yaml deleted file mode 100644 index 9fc0ad6d24590..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/output_create_request.yaml +++ /dev/null @@ -1,13 +0,0 @@ -title: Output -oneOf: - - $ref: './output_create_request_elasticsearch.yaml' - - $ref: './output_create_request_kafka.yaml' - - $ref: './output_create_request_logstash.yaml' - - $ref: './output_create_request_remote_elasticsearch.yaml' -discriminator: - propertyName: type - mapping: - elasticsearch: './output_create_request_elasticsearch.yaml' - kafka: './output_create_request_kafka.yaml' - logstash: './output_create_request_logstash.yaml' - remote_elasticsearch: './output_create_request_remote_elasticsearch.yaml' diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/output_create_request_elasticsearch.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/output_create_request_elasticsearch.yaml deleted file mode 100644 index 0cee8b3875f8d..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/output_create_request_elasticsearch.yaml +++ /dev/null @@ -1,63 +0,0 @@ -title: elasticsearch -type: object -properties: - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: - type: string - type: - type: string - enum: ['elasticsearch'] - hosts: - type: array - items: - type: string - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - config: - type: object - preset: - type: string - enum: ['balanced', 'custom', 'throughput', 'scale', 'latency'] - config_yaml: - type: string - ssl: - type: object - properties: - certificate_authorities: - type: array - items: - type: string - certificate: - type: string - key: - type: string - proxy_id: - type: string - shipper: - type: object - properties: - disk_queue_enabled: - type: boolean - disk_queue_path: - type: string - disk_queue_max_size: - type: number - disk_queue_encryption_enabled: - type: boolean - disk_queue_compression_enabled: - type: boolean - compression_level: - type: number - loadbalance: - type: boolean -required: - - name diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/output_create_request_kafka.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/output_create_request_kafka.yaml deleted file mode 100644 index 14e3f9dde4063..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/output_create_request_kafka.yaml +++ /dev/null @@ -1,149 +0,0 @@ -title: kafka -type: object -properties: - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: - type: string - type: - type: string - enum: ['kafka'] - hosts: - type: array - items: - type: string - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - config: - type: object - config_yaml: - type: string - ssl: - type: object - properties: - certificate_authorities: - type: array - items: - type: string - certificate: - type: string - key: - type: string - verification_mode: - type: string - enum: ['none', 'full', 'certificate', 'strict'] - proxy_id: - type: string - shipper: - type: object - properties: - disk_queue_enabled: - type: boolean - disk_queue_path: - type: string - disk_queue_max_size: - type: number - disk_queue_encryption_enabled: - type: boolean - disk_queue_compression_enabled: - type: boolean - compression_level: - type: number - loadbalance: - type: boolean - version: - type: string - key: - type: string - compression: - type: string - compression_level: - type: number - client_id: - type: string - auth_type: - type: string - connection_type: - type: string - enum: ['plaintext', 'encryption'] - username: - type: string - password: - type: string - sasl: - type: object - properties: - mechanism: - type: string - partition: - type: string - random: - type: object - properties: - group_events: - type: number - round_robin: - type: object - properties: - group_events: - type: number - topic: - type: string - topics: - deprecated: true - description: Use topic instead. - type: array - items: - type: object - properties: - topic: - type: string - when: - deprecated: true - description: Deprecated, kafka output do not support conditionnal topics anymore. - type: object - properties: - type: - type: string - condition: - type: string - headers: - type: array - items: - type: object - properties: - key: - type: string - value: - type: string - timeout: - type: number - broker_timeout: - type: number - required_acks: - type: number - secrets: - type: object - properties: - password: - type: string - ssl: - type: object - properties: - key: - type: string - -required: - - name - - type - - topics - - auth_type - - hosts diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/output_create_request_logstash.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/output_create_request_logstash.yaml deleted file mode 100644 index b91a1473b8a6e..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/output_create_request_logstash.yaml +++ /dev/null @@ -1,70 +0,0 @@ -title: logstash -type: object -properties: - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: - type: string - type: - type: string - enum: ['logstash'] - hosts: - type: array - items: - type: string - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - config: - type: object - config_yaml: - type: string - ssl: - type: object - properties: - certificate_authorities: - type: array - items: - type: string - certificate: - type: string - key: - type: string - proxy_id: - type: string - shipper: - type: object - properties: - disk_queue_enabled: - type: boolean - disk_queue_path: - type: string - disk_queue_max_size: - type: number - disk_queue_encryption_enabled: - type: boolean - disk_queue_compression_enabled: - type: boolean - compression_level: - type: number - loadbalance: - type: boolean - secrets: - type: object - properties: - ssl: - type: object - properties: - key: - type: string -required: - - name - - hosts - - type diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/output_create_request_remote_elasticsearch.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/output_create_request_remote_elasticsearch.yaml deleted file mode 100644 index d05318820cda6..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/output_create_request_remote_elasticsearch.yaml +++ /dev/null @@ -1,29 +0,0 @@ -title: remote_elasticsearch -type: object -properties: - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: - type: string - type: - type: string - enum: ['remote_elasticsearch'] - hosts: - type: array - items: - type: string - service_token: - type: string - secrets: - type: object - properties: - service_token: - type: string -required: - - name diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/output_update_request.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/output_update_request.yaml deleted file mode 100644 index 9b2add84bbc40..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/output_update_request.yaml +++ /dev/null @@ -1,11 +0,0 @@ -title: Output -oneOf: - - $ref: './output_update_request_elasticsearch.yaml' - - $ref: './output_update_request_kafka.yaml' - - $ref: './output_update_request_logstash.yaml' -discriminator: - propertyName: type - mapping: - elasticsearch: './output_update_request_elasticsearch.yaml' - kafka: './output_update_request_kafka.yaml' - logstash: './output_update_request_logstash.yaml' diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/output_update_request_elasticsearch.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/output_update_request_elasticsearch.yaml deleted file mode 100644 index b44cadd767dc4..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/output_update_request_elasticsearch.yaml +++ /dev/null @@ -1,65 +0,0 @@ -title: elasticsearch -type: object -properties: - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: - type: string - type: - type: string - enum: ['elasticsearch'] - hosts: - type: array - items: - type: string - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - config: - type: object - preset: - type: string - enum: ['balanced', 'custom', 'throughput', 'scale', 'latency'] - config_yaml: - type: string - ssl: - type: object - properties: - certificate_authorities: - type: array - items: - type: string - certificate: - type: string - key: - type: string - proxy_id: - type: string - shipper: - type: object - properties: - disk_queue_enabled: - type: boolean - disk_queue_path: - type: string - disk_queue_max_size: - type: number - disk_queue_encryption_enabled: - type: boolean - disk_queue_compression_enabled: - type: boolean - compression_level: - type: number - loadbalance: - type: boolean -required: - - name - - hosts - - type diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/output_update_request_kafka.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/output_update_request_kafka.yaml deleted file mode 100644 index 2b52722923b56..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/output_update_request_kafka.yaml +++ /dev/null @@ -1,134 +0,0 @@ -title: kafka -type: object -properties: - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: - type: string - type: - type: string - enum: ['kafka'] - hosts: - type: array - items: - type: string - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - config: - type: object - config_yaml: - type: string - ssl: - type: object - properties: - certificate_authorities: - type: array - items: - type: string - certificate: - type: string - key: - type: string - verification_mode: - type: string - enum: ['none', 'full', 'certificate', 'strict'] - proxy_id: - type: string - shipper: - type: object - properties: - disk_queue_enabled: - type: boolean - disk_queue_path: - type: string - disk_queue_max_size: - type: number - disk_queue_encryption_enabled: - type: boolean - disk_queue_compression_enabled: - type: boolean - compression_level: - type: number - loadbalance: - type: boolean - version: - type: string - key: - type: string - compression: - type: string - compression_level: - type: number - client_id: - type: string - auth_type: - type: string - connection_type: - type: string - enum: ['plaintext', 'encryption'] - username: - type: string - password: - type: string - sasl: - type: object - properties: - mechanism: - type: string - partition: - type: string - random: - type: object - properties: - group_events: - type: number - round_robin: - type: object - properties: - group_events: - type: number - topic: - type: string - topics: - deprecated: true - description: Use topic instead. - type: array - items: - type: object - properties: - topic: - type: string - when: - deprecated: true - description: Deprecated, kafka output do not support conditionnal topics anymore. - type: object - properties: - type: - type: string - condition: - type: string - headers: - type: array - items: - type: object - properties: - key: - type: string - value: - type: string - timeout: - type: number - broker_timeout: - type: number - required_acks: - type: number -required: - - name diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/output_update_request_logstash.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/output_update_request_logstash.yaml deleted file mode 100644 index 842d1c3c27867..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/output_update_request_logstash.yaml +++ /dev/null @@ -1,60 +0,0 @@ -title: logstash -type: object -properties: - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - name: - type: string - type: - type: string - enum: ['logstash'] - hosts: - type: array - items: - type: string - ca_sha256: - type: string - ca_trusted_fingerprint: - type: string - config: - type: object - config_yaml: - type: string - ssl: - type: object - properties: - certificate_authorities: - type: array - items: - type: string - certificate: - type: string - key: - type: string - proxy_id: - type: string - shipper: - type: object - properties: - disk_queue_enabled: - type: boolean - disk_queue_path: - type: string - disk_queue_max_size: - type: number - disk_queue_encryption_enabled: - type: boolean - disk_queue_compression_enabled: - type: boolean - compression_level: - type: number - loadbalance: - type: boolean -required: - - name diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/package_info.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/package_info.yaml deleted file mode 100644 index 17f70e274ed52..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/package_info.yaml +++ /dev/null @@ -1,145 +0,0 @@ -title: Package information -type: object -properties: - name: - type: string - title: - type: string - version: - type: string - release: - type: string - deprecated: true - description: release label is deprecated, derive from the version instead (packages follow semver) - enum: - - experimental - - beta - - ga - source: - type: object - properties: - license: - type: string - enum: - - Apache-2.0 - - Elastic-2.0 - readme: - type: string - description: - type: string - type: - type: string - categories: - type: array - items: - type: string - conditions: - type: object - properties: - kibana: - type: object - properties: - versions: - type: string - elasticsearch: - type: object - properties: - subscription: - type: string - enum: - - basic - - gold - - platinum - - enterprise - screenshots: - type: array - items: - type: object - properties: - src: - type: string - path: - type: string - title: - type: string - size: - type: string - type: - type: string - required: - - src - - path - icons: - type: array - items: - type: string - assets: - type: array - items: - type: string - internal: - type: boolean - format_version: - type: string - data_streams: - type: array - items: - type: object - properties: - title: - type: string - name: - type: string - release: - type: string - ingeset_pipeline: - type: string - vars: - type: array - items: - type: object - properties: - name: - type: string - default: - type: string - required: - - name - - default - type: - type: string - package: - type: string - required: - - title - - name - - release - - ingeset_pipeline - - type - - package - download: - type: string - path: - type: string - elasticsearch: - type: object - properties: - privileges: - type: object - properties: - cluster: - type: array - items: - type: string -required: - - name - - title - - version - - description - - type - - categories - - conditions - - assets - - format_version - - download - - path diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/package_policy.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/package_policy.yaml deleted file mode 100644 index 1f3f44d585d06..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/package_policy.yaml +++ /dev/null @@ -1,17 +0,0 @@ -title: Package policy -allOf: - - type: object - properties: - id: - type: string - revision: - type: number - inputs: - oneOf: - - type: array - items: {} - - type: object - required: - - id - - revision - - $ref: ./new_package_policy.yaml diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/package_policy_request.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/package_policy_request.yaml deleted file mode 100644 index 871bc8b6d1ae8..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/package_policy_request.yaml +++ /dev/null @@ -1,102 +0,0 @@ -title: Package Policy Request -type: object -properties: - id: - type: string - description: Package policy unique identifier - name: - type: string - description: Package policy name (should be unique) - example: nginx-123 - description: - type: string - description: Package policy description - example: 'my description' - namespace: - type: string - description: The package policy namespace. Leave blank to inherit the agent policy's namespace. - example: 'customnamespace' - output_id: - type: string - description: Output ID to send package data to - example: 'output-id' - nullable: true - policy_id: - type: string - description: Agent policy ID where that package policy will be added - example: 'agent-policy-id' - deprecated: true - nullable: true - policy_ids: - type: array - items: - type: string - description: Agent policy IDs where that package policy will be added - example: ['agent-policy-id'] - package: - type: object - properties: - name: - type: string - description: Package name - example: 'nginx' - version: - type: string - description: Package version - example: '1.6.0' - required: - - name - - version - vars: - type: object - description: Package root level variable (see integration documentation for more information) - inputs: - type: object - description: Package policy inputs (see integration documentation to know what inputs are available) - example: - nginx-logfile: - enabled: true - streams: - nginx.access: - enabled: true - vars: - paths: - - '/var/log/nginx/access.log*' - tags: - - nginx-access - preserve_original_event: false - ignore_older: 72h - additionalProperties: - type: object - properties: - enabled: - type: boolean - description: enable or disable that input, (default to true) - vars: - type: object - description: Input level variable (see integration documentation for more information) - streams: - type: object - description: Input streams (see integration documentation to know what streams are available) - additionalProperties: - type: object - properties: - enabled: - type: boolean - description: enable or disable that stream, (default to true) - vars: - type: object - description: Stream level variable (see integration documentation for more information) - overrides: - type: object - properties: - inputs: - type: object - description: Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure. - nullable: true - force: - type: boolean - description: Force package policy creation even if package is not verified, or if the agent policy is managed. -required: - - name - - package diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/package_usage_stats.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/package_usage_stats.yaml deleted file mode 100644 index 55977e2141a63..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/package_usage_stats.yaml +++ /dev/null @@ -1,7 +0,0 @@ -title: Package usage stats -type: object -properties: - agent_policy_count: - type: integer -required: - - agent_policy_count diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/proxies.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/proxies.yaml deleted file mode 100644 index 527f727c6d1a2..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/proxies.yaml +++ /dev/null @@ -1,20 +0,0 @@ -title: Fleet Proxy -type: object -properties: - id: - type: string - name: - type: string - url: - type: string - proxy_headers: - type: object - certificate_authorities: - type: string - certificate: - type: string - certificate_key: - type: string -required: - - name - - url diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/saved_object_type.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/saved_object_type.yaml deleted file mode 100644 index df8708b9b4723..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/saved_object_type.yaml +++ /dev/null @@ -1,26 +0,0 @@ -title: Saved Object type -oneOf: - - type: string - enum: - - dashboard - - visualization - - search - - index_pattern - - map - - lens - - security_rule - - csp_rule_template - - ml_module - - tag - - osquery_pack_asset - - osquery_saved_query - - type: string - enum: - - index - - component_template - - ingest_pipeline - - index_template - - ilm_policy - - transform - - data_stream_ilm_policy - - ml_model diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/search_result.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/search_result.yaml deleted file mode 100644 index bc285a8ae9b29..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/search_result.yaml +++ /dev/null @@ -1,36 +0,0 @@ -title: Search result -type: object -properties: - description: - type: string - download: - type: string - icons: - type: string - name: - type: string - path: - type: string - title: - type: string - type: - type: string - version: - type: string - status: - type: string - installationInfo: - $ref: ./installation_info.yaml - savedObject: - type: object - deprecated: true -required: - - description - - download - - icons - - name - - path - - title - - type - - version - - status diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/settings.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/settings.yaml deleted file mode 100644 index bd078039d7f76..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/settings.yaml +++ /dev/null @@ -1,17 +0,0 @@ -title: Settings -type: object -properties: - id: - type: string - has_seen_add_data_notice: - type: boolean - fleet_server_hosts: - deprecated: true - type: array - items: - type: string - prerelease_integrations_enabled: - type: boolean -required: - - fleet_server_hosts - - id diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/update_package_policy.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/update_package_policy.yaml deleted file mode 100644 index f06a2c9ea49f3..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/update_package_policy.yaml +++ /dev/null @@ -1,61 +0,0 @@ -title: Update package policy -type: object -description: '' -properties: - version: - type: string - enabled: - type: boolean - package: - type: object - properties: - name: - type: string - version: - type: string - title: - type: string - required: - - name - - title - - version - namespace: - type: string - output_id: - type: string - inputs: - type: array - items: - type: object - properties: - type: - type: string - enabled: - type: boolean - processors: - type: array - items: - type: string - streams: - type: array - items: {} - config: - type: object - vars: - type: object - required: - - type - - enabled - - streams - policy_id: - type: string - name: - type: string - description: - type: string - force: - type: boolean -required: - - name - - policy_id - - enabled diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/upgrade_agent.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/upgrade_agent.yaml deleted file mode 100644 index 4c29b01f6e24a..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/upgrade_agent.yaml +++ /dev/null @@ -1,15 +0,0 @@ -title: Upgrade agent -type: object -properties: - version: - type: string - source_uri: - type: string - force: - type: boolean - description: Force upgrade, skipping validation (should be used with caution) - skipRateLimitCheck: - type: boolean - description: Skip rate limit check for upgrade -required: - - version diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/upgrade_agent_diff.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/upgrade_agent_diff.yaml deleted file mode 100644 index efed1601137e3..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/upgrade_agent_diff.yaml +++ /dev/null @@ -1,6 +0,0 @@ -title: Package policy Upgrade dryrun -type: array -items: - type: array - items: - $ref: ./full_agent_policy_input.yaml \ No newline at end of file diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/upgrade_diff.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/upgrade_diff.yaml deleted file mode 100644 index e77ccf128b333..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/upgrade_diff.yaml +++ /dev/null @@ -1,23 +0,0 @@ -title: Package policy Upgrade dryrun -type: array -items: - allOf: - - $ref: ./package_policy.yaml - - type: object - allOf: - - $ref: ./new_package_policy.yaml - - type: object - properties: - errors: - type: array - items: - type: object - properties: - key: - type: string - message: - type: string - missingVars: - type: array - items: - type: string diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/upgrade_managed_package_policies.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/upgrade_managed_package_policies.yaml deleted file mode 100644 index 3f4c0f10c872a..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/upgrade_managed_package_policies.yaml +++ /dev/null @@ -1,12 +0,0 @@ -title: Upgrade managed package policies result -type: object -properties: - packagePolicyId: - type: string - diff: - # type: - errors: - type: any - required: - - packagePolicyId - - errors diff --git a/x-pack/plugins/fleet/common/openapi/entrypoint.yaml b/x-pack/plugins/fleet/common/openapi/entrypoint.yaml deleted file mode 100644 index 0e2f59d80ae11..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/entrypoint.yaml +++ /dev/null @@ -1,217 +0,0 @@ -openapi: 3.0.0 -tags: - - name: Data streams - - name: Elastic Agents - - name: Elastic Agent actions - - name: Elastic Agent binary download sources - - name: Elastic Agent policies - - name: Elastic Agent status - - name: Elastic Package Manager (EPM) - - name: Fleet enrollment API keys - - name: Fleet internals - - name: Fleet Server hosts - - name: Fleet Kubernetes - - name: Fleet outputs - - name: Fleet package policies - - name: Fleet proxies - - name: Fleet service tokens - - name: Fleet uninstall tokens -info: - title: Fleet - description: OpenAPI schema for Fleet API endpoints - version: '0.2' - contact: - name: Fleet Team - license: - name: Elastic License 2.0 - url: https://www.elastic.co/licensing/elastic-license -servers: - - url: 'http://KIBANA_HOST:5601' -paths: - # Fleet internals - /api/fleet/health_check: - $ref: paths/health_check.yaml - /api/fleet/setup: - $ref: paths/setup.yaml - /api/fleet/settings: - $ref: paths/settings.yaml - # /internal/fleet/settings/enrollment: - # servers: - # - url: 'http://KIBANA_HOST:5601/internal/fleet' - # description: Used for Fleet internals and not supported - # $ref: paths/settings_enrollment.yaml - /api/fleet/service-tokens: - $ref: paths/service_tokens_deprecated.yaml - /api/fleet/service_tokens: - $ref: paths/service_tokens.yaml - - # EPM / integrations endpoints - /api/fleet/epm/verification_key_id: - $ref: paths/epm@verification_key_id.yaml - /api/fleet/epm/bulk_assets: - $ref: paths/epm@bulk_assets.yaml - /api/fleet/epm/categories: - $ref: paths/epm@categories.yaml - /api/fleet/epm/packages/limited: - $ref: paths/epm@limited_list.yaml - /api/fleet/epm/packages: - $ref: paths/epm@packages.yaml - /api/fleet/epm/packages/_bulk: - $ref: paths/epm@packages_bulk.yaml - '/api/fleet/epm/packages/{pkgkey}': - $ref: 'paths/epm@packages@{pkgkey}_deprecated.yaml' - '/api/fleet/epm/packages/{pkgName}/{pkgVersion}': - $ref: 'paths/epm@packages@{pkg_name}@{pkg_version}.yaml' - '/api/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize': - $ref: 'paths/epm@packages@{pkg_name}@{pkg_version}@transforms@authorize.yaml' - '/api/fleet/epm/packages/{pkgName}/{pkgVersion}/{filePath}': - $ref: paths/epm@get_file.yaml - '/api/fleet/epm/packages/{pkgName}/stats': - $ref: 'paths/epm@packages@{pkg_name}@stats.yaml' - '/api/fleet/epm/templates/{pkgName}/{pkgVersion}/inputs': - $ref: 'paths/epm@templates@{pkg_name}@{pkg_version}@inputs.yaml' - - # Agent endpoints - /api/fleet/agents/setup: - $ref: paths/agents@setup.yaml - /api/fleet/agent-status: - $ref: paths/agent_status_deprecated.yaml - /api/fleet/agent_status: - $ref: paths/agent_status.yaml - /api/fleet/agent_status/data: - $ref: paths/agent_status@data.yaml - /api/fleet/agents: - $ref: paths/agents.yaml - /api/fleet/agents/bulk_upgrade: - $ref: paths/agents@bulk_upgrade.yaml - /api/fleet/agents/action_status: - $ref: paths/agents@action_status.yaml - '/api/fleet/agents/{agentId}': - $ref: 'paths/agents@{agent_id}.yaml' - '/api/fleet/agents/{agentId}/actions': - $ref: 'paths/agents@{agent_id}@actions.yaml' - '/api/fleet/agents/actions/{actionId}/cancel': - $ref: 'paths/agents@actions@{action_id}@cancel.yaml' - '/api/fleet/agents/files/{fileId}/{fileName}': - $ref: 'paths/agents@files@{file_id}@{file_name}.yaml' - '/api/fleet/agents/files/{fileId}': - $ref: 'paths/agents@files@{file_id}.yaml' - '/api/fleet/agents/{agentId}/reassign': - $ref: 'paths/agents@{agent_id}@reassign.yaml' - '/api/fleet/agents/{agentId}/unenroll': - $ref: 'paths/agents@{agent_id}@unenroll.yaml' - '/api/fleet/agents/{agentId}/upgrade': - $ref: 'paths/agents@{agent_id}@upgrade.yaml' - '/api/fleet/agents/{agentId}/uploads': - $ref: 'paths/agents@{agent_id}@uploads.yaml' - '/api/fleet/agents/bulk_reassign': - $ref: 'paths/agents@bulk_reassign.yaml' - '/api/fleet/agents/bulk_unenroll': - $ref: 'paths/agents@bulk_unenroll.yaml' - '/api/fleet/agents/bulk_update_agent_tags': - $ref: 'paths/agents@bulk_update_tags.yaml' - /api/fleet/agents/tags: - $ref: paths/agent_tags.yaml - '/api/fleet/agents/{agentId}/request_diagnostics': - $ref: 'paths/agents@{agent_id}@request_diagnostics.yaml' - /api/fleet/agents/bulk_request_diagnostics: - $ref: 'paths/agents@bulk_request_diagnostics.yaml' - - # Agent policies endpoints - /api/fleet/agent_policies: - $ref: paths/agent_policies.yaml - '/api/fleet/agent_policies/{agentPolicyId}': - $ref: 'paths/agent_policies@{agent_policy_id}.yaml' - '/api/fleet/agent_policies/{agentPolicyId}/copy': - $ref: 'paths/agent_policies@{agent_policy_id}@copy.yaml' - '/api/fleet/agent_policies/{agentPolicyId}/full': - $ref: 'paths/agent_policies@{agent_policy_id}@full.yaml' - '/api/fleet/agent_policies/{agentPolicyId}/download': - $ref: 'paths/agent_policies@{agent_policy_id}@download.yaml' - /api/fleet/agent_policies/_bulk_get: - $ref: paths/agent_policies@_bulk_get.yaml - /api/fleet/agent_policies/delete: - $ref: paths/agent_policies@delete.yaml - - # Data streams endpoints - /api/fleet/data_streams: - $ref: paths/data_streams.yaml - - # Enrollment endpoints - /api/fleet/enrollment-api-keys: - $ref: paths/enrollment_api_keys_deprecated.yaml - '/api/fleet/enrollment-api-keys/{keyId}': - $ref: 'paths/enrollment_api_keys@{key_id}_deprecated.yaml' - /api/fleet/enrollment_api_keys: - $ref: paths/enrollment_api_keys.yaml - '/api/fleet/enrollment_api_keys/{keyId}': - $ref: 'paths/enrollment_api_keys@{key_id}.yaml' - - # Package policies endpoints - /api/fleet/package_policies: - $ref: paths/package_policies.yaml - /api/fleet/package_policies/_bulk_get: - $ref: paths/package_policies@_bulk_get.yaml - /api/fleet/package_policies/delete: - $ref: paths/package_policies@delete.yaml - /api/fleet/package_policies/upgrade: - $ref: paths/package_policies@upgrade.yaml - /api/fleet/package_policies/upgrade/dryrun: - $ref: paths/package_policies@upgrade_dryrun.yaml - '/api/fleet/package_policies/{packagePolicyId}': - $ref: 'paths/package_policies@{package_policy_id}.yaml' - - # Outputs - /api/fleet/outputs: - $ref: paths/outputs.yaml - '/api/fleet/outputs/{outputId}': - $ref: paths/outputs@{output_id}.yaml - '/api/fleet/outputs/{outputId}/health': - $ref: paths/output_health@{output_id}.yaml - /api/fleet/logstash_api_keys: - $ref: paths/logstash_api_keys.yaml - - # Agent binary download sources - /api/fleet/agent_download_sources: - $ref: paths/agent_download_sources.yaml - '/api/fleet/agent_download_sources/{sourceId}': - $ref: paths/agent_download_sources@{source_id}.yaml - - # Fleet server hosts - /api/fleet/fleet_server_hosts: - $ref: paths/fleet_server_hosts.yaml - '/api/fleet/fleet_server_hosts/{itemId}': - $ref: paths/fleet_server_hosts@{item_id}.yaml - - # Fleet proxies - /api/fleet/proxies: - $ref: paths/proxies.yaml - '/api/fleet/proxies/{itemId}': - $ref: paths/proxies@{item_id}.yaml - - # K8s - /api/fleet/kubernetes: - $ref: paths/kubernetes.yaml - - # Uninstall tokens - /api/fleet/uninstall_tokens: - $ref: paths/uninstall_tokens.yaml - '/api/fleet/uninstall_tokens/{uninstallTokenId}': - $ref: paths/uninstall_tokens@{uninstall_token_id}.yaml -components: - securitySchemes: - basicAuth: - type: http - scheme: basic - Enrollment_API_Key: - name: Authorization - type: apiKey - in: header - description: 'e.g. Authorization: ApiKey base64EnrollmentApiKey' - Access_API_Key: - name: Authorization - type: apiKey - in: header - description: 'e.g. Authorization: ApiKey base64AccessApiKey' -security: - - basicAuth: [] diff --git a/x-pack/plugins/fleet/common/openapi/paths/README.md b/x-pack/plugins/fleet/common/openapi/paths/README.md deleted file mode 100644 index e5bd80632c7ee..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/README.md +++ /dev/null @@ -1,127 +0,0 @@ -Paths -===== - -Organize our path definitions within this folder. We will reference our paths from our main `openapi.json` entrypoint file. - -It may help us to adopt some conventions: - -* path separator token (e.g. `@`) or subfolders -* path parameter (e.g. `{example}`) -* file-per-path or file-per-operation - -There are different benefits and drawbacks to each decision. - -We can adopt any organization we wish. We have some tips for organizing paths based on common practices. - -## Each path in a separate file - -Use a predefined "path separator" and keep all of our path files in the top level of the `paths` folder. - -``` -paths/ -├── README.md -├── agent_policies.yaml -├── agent_policies@delete.yaml -├── agent_policies@{agent_policy_id}.yaml -├── agent_policies@{agent_policy_id}@copy.yaml -├── agent_status.yaml -├── agents.yaml -├── agents@bulk_upgrade.yaml -├── agents@enroll.yaml -├── agents@setup.yaml -├── agents@{agent_id}.yaml -├── agents@{agent_id}@unenroll.yaml -├── agents@{agent_id}@upgrade.yaml -├── enrollment_api_keys.yaml -├── enrollment_api_keys@{key_id}.yaml -├── epm@categories.yaml -├── epm@packages.yaml -├── epm@packages@{pkgkey}.yaml -├── install@{os_type}.yaml -├── package_policies.yaml -├── package_policies@{package_policy_id}.yaml -└── setup.yaml -``` - -Redocly recommends using the `@` character for this case. - -In addition, Redocly recommends placing path parameters within `{}` curly braces if we adopt this style. - -#### Motivations - -* Quickly see a list of all paths. Many people think in terms of the "number" of "endpoints" (paths), and not the "number" of "operations" (paths * http methods). - -* Only the "file-per-path" option is semantically correct with the OpenAPI Specification 3.0.2. However, Redocly's openapi-cli will build valid bundles for any of the other options too. - - -#### Drawbacks - -* This may require multiple definitions per http method within a single file. -* It requires settling on a path separator (that is allowed to be used in filenames) and sticking to that convention. - -## Each operation in a separate file - -We may also place each operation in a separate file. - -In this case, if we want all paths at the top-level, we can concatenate the http method to the path name. Similar to the above option, we can - -### Files at top-level of `paths` - -We may name our files with some concatenation for the http method. For example, following a convention such as: `-.json`. - -#### Motivations - -* Quickly see all operations without needing to navigate subfolders. - -#### Drawbacks - -* Adopting an unusual path separator convention, instead of using subfolders. - -### Use subfolders to mirror API path structure - -Example: -``` -GET /customers - -/paths/customers/get.json -``` - -In this case, the path id defined within subfolders which mirror the API URL structure. - -Example with path parameter: -``` -GET /customers/{id} - -/paths/customers/{id}/get.json -``` - -#### Motivations - -It matches the URL structure. - -It is pretty easy to reference: - -```json -paths: - '/customers/{id}': - get: - $ref: ./paths/customers/{id}/get.json - put: - $ref: ./paths/customers/{id}/put.json -``` - -#### Drawbacks - -If we have a lot of nested folders, it may be confusing to reference our schemas. - -Example -``` -file: /paths/customers/{id}/timeline/{messageId}/get.json - -# excerpt of file - headers: - Rate-Limit-Remaining: - $ref: ../../../../../components/headers/Rate-Limit-Remaining.json - -``` -Notice the `../../../../../` in the ref which requires some attention to formulate correctly. While openapi-cli has a linter which suggests possible refs when there is a mistake, this is still a net drawback for APIs with deep paths. diff --git a/x-pack/plugins/fleet/common/openapi/paths/agent_download_sources.yaml b/x-pack/plugins/fleet/common/openapi/paths/agent_download_sources.yaml deleted file mode 100644 index 8b6857727a0d7..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agent_download_sources.yaml +++ /dev/null @@ -1,60 +0,0 @@ -get: - summary: List agent binary download sources - tags: - - Elastic Agent binary download sources - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: ../components/schemas/download_sources.yaml - total: - type: integer - page: - type: integer - perPage: - type: integer - '400': - $ref: ../components/responses/error.yaml - operationId: get-download-sources -post: - summary: Create agent binary download source - tags: - - Elastic Agent binary download sources - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: ../components/schemas/download_sources.yaml - '400': - $ref: ../components/responses/error.yaml - requestBody: - content: - application/json: - schema: - type: object - properties: - id: - type: string - name: - type: string - is_default: - type: boolean - host: - type: string - required: - - name - - host - - is_default - operationId: post-download-sources diff --git a/x-pack/plugins/fleet/common/openapi/paths/agent_download_sources@{source_id}.yaml b/x-pack/plugins/fleet/common/openapi/paths/agent_download_sources@{source_id}.yaml deleted file mode 100644 index 1c10656883686..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agent_download_sources@{source_id}.yaml +++ /dev/null @@ -1,83 +0,0 @@ -get: - summary: Get agent binary download source by ID - tags: - - Elastic Agent binary download sources - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: ../components/schemas/download_sources.yaml - required: - - item - '400': - $ref: ../components/responses/error.yaml - operationId: get-one-download-source -parameters: - - schema: - type: string - name: sourceId - in: path - required: true -delete: - summary: Delete agent binary download source by ID - tags: - - Elastic Agent binary download sources - operationId: delete-download-source - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - id: - type: string - required: - - id - '400': - $ref: ../components/responses/error.yaml - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml -put: - summary: Update agent binary download source by ID - tags: - - Elastic Agent binary download sources - operationId: update-download-source - requestBody: - content: - application/json: - schema: - type: object - properties: - name: - type: string - is_default: - type: boolean - host: - type: string - required: - - name - - is_default - - host - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: ../components/schemas/download_sources.yaml - required: - - item - '400': - $ref: ../components/responses/error.yaml - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml diff --git a/x-pack/plugins/fleet/common/openapi/paths/agent_policies.yaml b/x-pack/plugins/fleet/common/openapi/paths/agent_policies.yaml deleted file mode 100644 index 7c690e7b01822..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agent_policies.yaml +++ /dev/null @@ -1,72 +0,0 @@ -get: - summary: List agent policies - tags: - - Elastic Agent policies - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: ../components/schemas/agent_policy.yaml - total: - type: number - page: - type: number - perPage: - type: number - required: - - items - - total - - page - - perPage - '400': - $ref: ../components/responses/error.yaml - operationId: agent-policy-list - parameters: - - $ref: ../components/parameters/page_size.yaml - - $ref: ../components/parameters/page_index.yaml - - $ref: ../components/parameters/kuery.yaml - - $ref: ../components/parameters/format.yaml - - schema: - type: boolean - in: query - name: full - description: When set to true, retrieve the related package policies for each agent policy. - - schema: - type: boolean - in: query - name: noAgentCount - description: When set to true, do not count how many agents are in the agent policy, this can improve performance if you are searching over a large number of agent policies. The "agents" property will always be 0 if set to true. - - description: '' -post: - summary: Create agent policy - tags: - - Elastic Agent policies - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: ../components/schemas/agent_policy.yaml - '400': - $ref: ../components/responses/error.yaml - operationId: create-agent-policy - requestBody: - content: - application/json: - schema: - $ref: ../components/schemas/agent_policy_create_request.yaml - security: [] - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml diff --git a/x-pack/plugins/fleet/common/openapi/paths/agent_policies@_bulk_get.yaml b/x-pack/plugins/fleet/common/openapi/paths/agent_policies@_bulk_get.yaml deleted file mode 100644 index 42918463f84a3..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agent_policies@_bulk_get.yaml +++ /dev/null @@ -1,42 +0,0 @@ -post: - summary: Bulk get agent policies - tags: - - Elastic Agent policies - requestBody: - content: - application/json: - schema: - type: object - properties: - ids: - type: array - items: - type: string - description: list of agent policy ids - full: - type: boolean - description: get full policies with package policies populated - ignoreMissing: - type: boolean - required: - - ids - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: ../components/schemas/agent_policy.yaml - required: - - items - '400': - $ref: ../components/responses/error.yaml - operationId: bulk-get-agent-policies - security: [] - parameters: - - $ref: ../components/parameters/format.yaml diff --git a/x-pack/plugins/fleet/common/openapi/paths/agent_policies@delete.yaml b/x-pack/plugins/fleet/common/openapi/paths/agent_policies@delete.yaml deleted file mode 100644 index 6a4ae2488c3e4..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agent_policies@delete.yaml +++ /dev/null @@ -1,38 +0,0 @@ -post: - summary: Delete agent policy by ID - tags: - - Elastic Agent policies - operationId: delete-agent-policy - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - id: - type: string - success: - type: boolean - required: - - id - - success - '400': - $ref: ../components/responses/error.yaml - requestBody: - content: - application/json: - schema: - type: object - properties: - agentPolicyId: - type: string - force: - type: boolean - description: bypass validation checks that can prevent agent policy deletion - required: - - agentPolicyId - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml -parameters: [] diff --git a/x-pack/plugins/fleet/common/openapi/paths/agent_policies@{agent_policy_id}.yaml b/x-pack/plugins/fleet/common/openapi/paths/agent_policies@{agent_policy_id}.yaml deleted file mode 100644 index d496d159ccdbd..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agent_policies@{agent_policy_id}.yaml +++ /dev/null @@ -1,54 +0,0 @@ -parameters: - - schema: - type: string - name: agentPolicyId - in: path - required: true - - $ref: ../components/parameters/format.yaml -get: - summary: Get agent policy by ID - tags: - - Elastic Agent policies - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: ../components/schemas/agent_policy.yaml - required: - - item - '400': - $ref: ../components/responses/error.yaml - operationId: agent-policy-info - description: Get one agent policy - parameters: [] -put: - summary: Update agent policy by ID - tags: - - Elastic Agent policies - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: ../components/schemas/agent_policy.yaml - required: - - item - '400': - $ref: ../components/responses/error.yaml - operationId: update-agent-policy - requestBody: - content: - application/json: - schema: - $ref: ../components/schemas/agent_policy_update_request.yaml - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml diff --git a/x-pack/plugins/fleet/common/openapi/paths/agent_policies@{agent_policy_id}@copy.yaml b/x-pack/plugins/fleet/common/openapi/paths/agent_policies@{agent_policy_id}@copy.yaml deleted file mode 100644 index 72cada1ed87b0..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agent_policies@{agent_policy_id}@copy.yaml +++ /dev/null @@ -1,41 +0,0 @@ -parameters: - - schema: - type: string - name: agentPolicyId - in: path - required: true - - $ref: ../components/parameters/format.yaml -post: - summary: Copy agent policy by ID - tags: - - Elastic Agent policies - operationId: agent-policy-copy - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: ../components/schemas/agent_policy.yaml - required: - - item - '400': - $ref: ../components/responses/error.yaml - requestBody: - content: - application/json: - schema: - type: object - properties: - name: - type: string - description: - type: string - required: - - name - description: '' diff --git a/x-pack/plugins/fleet/common/openapi/paths/agent_policies@{agent_policy_id}@download.yaml b/x-pack/plugins/fleet/common/openapi/paths/agent_policies@{agent_policy_id}@download.yaml deleted file mode 100644 index 69cc96d572be9..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agent_policies@{agent_policy_id}@download.yaml +++ /dev/null @@ -1,38 +0,0 @@ -get: - summary: Download agent policy by ID - tags: - - Elastic Agent policies - operationId: agent-policy-download - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - type: string - '400': - $ref: ../components/responses/error.yaml -parameters: - - schema: - type: string - name: agentPolicyId - in: path - required: true - - schema: - type: string - name: download - in: query - required: false - - schema: - type: string - name: standalone - in: query - required: false - - schema: - type: string - name: kubernetes - in: query - required: false diff --git a/x-pack/plugins/fleet/common/openapi/paths/agent_policies@{agent_policy_id}@full.yaml b/x-pack/plugins/fleet/common/openapi/paths/agent_policies@{agent_policy_id}@full.yaml deleted file mode 100644 index ea3f6ac5923a6..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agent_policies@{agent_policy_id}@full.yaml +++ /dev/null @@ -1,40 +0,0 @@ -get: - summary: Get full agent policy by ID - tags: - - Elastic Agent policies - operationId: agent-policy-full - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - oneOf: - - type: string - - $ref: ../components/schemas/agent_policy_full.yaml - '400': - $ref: ../components/responses/error.yaml -parameters: - - schema: - type: string - name: agentPolicyId - in: path - required: true - - schema: - type: string - name: download - in: query - required: false - - schema: - type: string - name: standalone - in: query - required: false - - schema: - type: string - name: kubernetes - in: query - required: false diff --git a/x-pack/plugins/fleet/common/openapi/paths/agent_status.yaml b/x-pack/plugins/fleet/common/openapi/paths/agent_status.yaml deleted file mode 100644 index eecff760d035a..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agent_status.yaml +++ /dev/null @@ -1,61 +0,0 @@ -get: - summary: Get agent status summary - tags: - - Elastic Agent status - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - error: - type: integer - events: - type: integer - inactive: - type: integer - unenrolled: - type: integer - offline: - type: integer - online: - type: integer - other: - type: integer - total: - type: integer - deprecated: true - updating: - type: integer - all: - type: integer - active: - type: integer - required: - - active - - all - - error - - events - - inactive - - offline - - online - - other - - total - - updating - '400': - $ref: ../components/responses/error.yaml - operationId: get-agent-status - parameters: - - schema: - type: string - name: policyId - in: query - required: false - - schema: - type: string - name: kuery - in: query - required: false - deprecated: true diff --git a/x-pack/plugins/fleet/common/openapi/paths/agent_status@data.yaml b/x-pack/plugins/fleet/common/openapi/paths/agent_status@data.yaml deleted file mode 100644 index ebf255fa22394..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agent_status@data.yaml +++ /dev/null @@ -1,32 +0,0 @@ -get: - summary: Get incoming agent data - tags: - - Elastic Agent status - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - type: object - additionalProperties: - type: object - properties: - data: - type: boolean - '400': - $ref: ../components/responses/error.yaml - operationId: get-agent-data - parameters: - - schema: - type: array - items: - type: string - name: agentsIds - in: query - required: true diff --git a/x-pack/plugins/fleet/common/openapi/paths/agent_status_deprecated.yaml b/x-pack/plugins/fleet/common/openapi/paths/agent_status_deprecated.yaml deleted file mode 100644 index 8ebc02a06d3d5..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agent_status_deprecated.yaml +++ /dev/null @@ -1,47 +0,0 @@ -get: - summary: Get agent status summary - tags: - - Elastic Agent status - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - error: - type: integer - events: - type: integer - inactive: - type: integer - offline: - type: integer - online: - type: integer - other: - type: integer - total: - type: integer - updating: - type: integer - required: - - error - - events - - inactive - - offline - - online - - other - - total - - updating - '400': - $ref: ../components/responses/error.yaml - operationId: get-agent-status-deprecated - parameters: - - schema: - type: string - name: policyId - in: query - required: false - deprecated: true diff --git a/x-pack/plugins/fleet/common/openapi/paths/agent_tags.yaml b/x-pack/plugins/fleet/common/openapi/paths/agent_tags.yaml deleted file mode 100644 index 5961e0a3e0974..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agent_tags.yaml +++ /dev/null @@ -1,14 +0,0 @@ -get: - summary: List agent tags - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - $ref: ../components/schemas/get_agent_tags_response.yaml - '400': - $ref: ../components/responses/error.yaml - operationId: get-agent-tags diff --git a/x-pack/plugins/fleet/common/openapi/paths/agents.yaml b/x-pack/plugins/fleet/common/openapi/paths/agents.yaml deleted file mode 100644 index 224c15b2ec5d0..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agents.yaml +++ /dev/null @@ -1,59 +0,0 @@ -get: - summary: List agents - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - $ref: ../components/schemas/get_agents_response.yaml - '400': - $ref: ../components/responses/error.yaml - operationId: get-agents - parameters: - - $ref: ../components/parameters/page_size.yaml - - $ref: ../components/parameters/page_index.yaml - - $ref: ../components/parameters/kuery.yaml - - $ref: ../components/parameters/show_inactive.yaml - - $ref: ../components/parameters/show_upgradeable.yaml - - $ref: ../components/parameters/sort_field.yaml - - $ref: ../components/parameters/sort_order.yaml - - $ref: ../components/parameters/with_metrics.yaml - - name: getStatusSummary - in: query - required: false - schema: - type: boolean - security: - - basicAuth: [] -post: - summary: List agents by action ids - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - $ref: ../components/schemas/agent_get_by_actions.yaml - '400': - $ref: ../components/responses/error.yaml - operationId: get-agents-by-actions - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml - requestBody: - required: true - content: - application/json: - schema: - type: object - properties: - actionIds: - type: array - items: - type: string - required: - - policy_id diff --git a/x-pack/plugins/fleet/common/openapi/paths/agents@action_status.yaml b/x-pack/plugins/fleet/common/openapi/paths/agents@action_status.yaml deleted file mode 100644 index c55d924564cf3..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agents@action_status.yaml +++ /dev/null @@ -1,112 +0,0 @@ -get: - summary: Get agent action status - tags: - - Elastic Agent actions - parameters: - - $ref: ../components/parameters/page_size.yaml - - $ref: ../components/parameters/page_index.yaml - - schema: - type: integer - default: 5 - in: query - name: errorSize - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - type: object - properties: - actionId: - type: string - status: - type: string - enum: - - COMPLETE - - EXPIRED - - CANCELLED - - FAILED - - IN_PROGRESS - - ROLLOUT_PASSED - nbAgentsActioned: - type: number - description: number of agents actioned - nbAgentsActionCreated: - type: number - description: number of agents included in action from kibana - nbAgentsAck: - type: number - description: number of agents that acknowledged the action - nbAgentsFailed: - type: number - description: number of agents that failed to execute the action - version: - type: string - description: agent version number (UPGRADE action) - startTime: - type: string - description: start time of action (scheduled actions) - type: - type: string - enum: - - POLICY_REASSIGN - - UPGRADE - - UNENROLL - - FORCE_UNENROLL - - UPDATE_TAGS - - CANCEL - - REQUEST_DIAGNOSTICS - - SETTINGS - - POLICY_CHANGE - - INPUT_ACTION - expiration: - type: string - completionTime: - type: string - cancellationTime: - type: string - newPolicyId: - type: string - description: new policy id (POLICY_REASSIGN action) - policyId: - type: string - description: policy id (POLICY_CHANGE action) - revision: - type: string - description: new policy revision (POLICY_CHANGE action) - creationTime: - type: string - description: creation time of action - latestErrors: - type: array - description: latest errors that happened when the agents executed the action - items: - type: object - properties: - agentId: - type: string - error: - type: string - timestamp: - type: string - required: - - actionId - - complete - - nbAgentsActioned - - nbAgentsActionCreated - - nbAgentsAck - - nbAgentsFailed - - status - - creationTime - - type - required: - - items - '400': - $ref: ../components/responses/error.yaml - operationId: agents-action-status diff --git a/x-pack/plugins/fleet/common/openapi/paths/agents@actions@{action_id}@cancel.yaml b/x-pack/plugins/fleet/common/openapi/paths/agents@actions@{action_id}@cancel.yaml deleted file mode 100644 index d9ee5127e4b09..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agents@actions@{action_id}@cancel.yaml +++ /dev/null @@ -1,25 +0,0 @@ -parameters: - - schema: - type: string - name: actionId - in: path - required: true -post: - summary: Cancel agent action - tags: - - Elastic Agent actions - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: ../components/schemas/agent_action.yaml - '400': - $ref: ../components/responses/error.yaml - operationId: agent-action-cancel - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml diff --git a/x-pack/plugins/fleet/common/openapi/paths/agents@bulk_reassign.yaml b/x-pack/plugins/fleet/common/openapi/paths/agents@bulk_reassign.yaml deleted file mode 100644 index 7876e51ea341c..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agents@bulk_reassign.yaml +++ /dev/null @@ -1,42 +0,0 @@ -post: - summary: Bulk reassign agents - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - actionId: - type: string - '400': - $ref: ../components/responses/error.yaml - operationId: bulk-reassign-agents - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml - requestBody: - content: - application/json: - schema: - type: object - properties: - policy_id: - type: string - description: new agent policy id - agents: - oneOf: - - type: string - description: KQL query string, leave empty to action all agents - - type: array - items: - type: string - description: list of agent IDs - required: - - policy_id - - agents - example: - policy_id: policy_id - agents: 'fleet-agents.policy_id : ("policy1" or "policy2")' diff --git a/x-pack/plugins/fleet/common/openapi/paths/agents@bulk_request_diagnostics.yaml b/x-pack/plugins/fleet/common/openapi/paths/agents@bulk_request_diagnostics.yaml deleted file mode 100644 index 8d8e03539650d..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agents@bulk_request_diagnostics.yaml +++ /dev/null @@ -1,46 +0,0 @@ -post: - summary: Bulk request diagnostics from agents - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - actionId: - type: string - '400': - $ref: ../components/responses/error.yaml - operationId: bulk-request-diagnostics - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml - requestBody: - content: - application/json: - schema: - type: object - properties: - batchSize: - type: number - agents: - oneOf: - - type: string - description: KQL query string, leave empty to action all agents - - type: array - items: - type: string - description: list of agent IDs - additional_metrics: - type: array - items: - oneOf: - - type: string - enum: - - "CPU" - required: - - agents - example: - agents: 'fleet-agents.policy_id : ("policy1" or "policy2")' diff --git a/x-pack/plugins/fleet/common/openapi/paths/agents@bulk_unenroll.yaml b/x-pack/plugins/fleet/common/openapi/paths/agents@bulk_unenroll.yaml deleted file mode 100644 index b0e40b1f70408..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agents@bulk_unenroll.yaml +++ /dev/null @@ -1,48 +0,0 @@ -post: - summary: Bulk unenroll agents - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - actionId: - type: string - '400': - $ref: ../components/responses/error.yaml - operationId: bulk-unenroll-agents - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml - requestBody: - content: - application/json: - schema: - type: object - properties: - agents: - oneOf: - - type: string - description: KQL query string, leave empty to action all agents - - type: array - items: - type: string - description: list of agent IDs - revoke: - type: boolean - description: Revokes API keys of agents - force: - type: boolean - description: Unenrolls hosted agents too - includeInactive: - type: boolean - description: When passing agents by KQL query, unenrolls inactive agents too - required: - - agents - example: - revoke: true - force: false - agents: [agent1, agent2] diff --git a/x-pack/plugins/fleet/common/openapi/paths/agents@bulk_update_tags.yaml b/x-pack/plugins/fleet/common/openapi/paths/agents@bulk_update_tags.yaml deleted file mode 100644 index 075068d1faa41..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agents@bulk_update_tags.yaml +++ /dev/null @@ -1,49 +0,0 @@ -post: - summary: Bulk update agent tags - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - actionId: - type: string - '400': - $ref: ../components/responses/error.yaml - operationId: bulk-update-agent-tags - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml - requestBody: - content: - application/json: - schema: - type: object - properties: - agents: - oneOf: - - type: string - description: KQL query string, leave empty to action all agents - - type: array - items: - type: string - description: list of agent IDs - tagsToAdd: - type: array - items: - type: string - tagsToRemove: - type: array - items: - type: string - batchSize: - type: number - required: - - agents - example: - agents: [agent1, agent2] - tagsToAdd: [newTag] - tagsToRemove: [existingTag] diff --git a/x-pack/plugins/fleet/common/openapi/paths/agents@bulk_upgrade.yaml b/x-pack/plugins/fleet/common/openapi/paths/agents@bulk_upgrade.yaml deleted file mode 100644 index 5bb61e7f841b9..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agents@bulk_upgrade.yaml +++ /dev/null @@ -1,31 +0,0 @@ -post: - summary: Bulk upgrade agents - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - actionId: - type: string - '400': - $ref: ../components/responses/error.yaml - operationId: bulk-upgrade-agents - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml - requestBody: - required: true - content: - application/json: - schema: - $ref: ../components/schemas/bulk_upgrade_agents.yaml - example: - version: 8.4.0 - source_uri: https://artifacts.elastic.co/downloads/beats/elastic-agent - rollout_duration_seconds: 3600 - agents: [agent1, agent2] - start_time: 2022-08-03T14:00:00.000Z diff --git a/x-pack/plugins/fleet/common/openapi/paths/agents@current_upgrades.yaml b/x-pack/plugins/fleet/common/openapi/paths/agents@current_upgrades.yaml deleted file mode 100644 index bae7b2ababf08..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agents@current_upgrades.yaml +++ /dev/null @@ -1,41 +0,0 @@ -get: - summary: List current bulk upgrade operations - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - type: object - properties: - actionId: - type: string - complete: - type: boolean - nbAgents: - type: number - nbAgentsAck: - type: number - version: - type: string - startTime: - type: string - required: - - actionId - - complete - - nbAgents - - nbAgentsAck - - version - - startTime - required: - - items - '400': - $ref: ../components/responses/error.yaml - operationId: agents-current-upgrades diff --git a/x-pack/plugins/fleet/common/openapi/paths/agents@files@{file_id}.yaml b/x-pack/plugins/fleet/common/openapi/paths/agents@files@{file_id}.yaml deleted file mode 100644 index 85448279111aa..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agents@files@{file_id}.yaml +++ /dev/null @@ -1,28 +0,0 @@ -parameters: - - schema: - type: string - name: fileId - in: path - required: true -delete: - summary: Delete file uploaded by agent - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - body: - type: object - properties: - id: - type: string - deleted: - type: boolean - '400': - $ref: ../components/responses/error.yaml - operationId: delete-agent-upload-file diff --git a/x-pack/plugins/fleet/common/openapi/paths/agents@files@{file_id}@{file_name}.yaml b/x-pack/plugins/fleet/common/openapi/paths/agents@files@{file_id}@{file_name}.yaml deleted file mode 100644 index 057fae5672007..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agents@files@{file_id}@{file_name}.yaml +++ /dev/null @@ -1,34 +0,0 @@ -parameters: - - schema: - type: string - name: fileId - in: path - required: true - - schema: - type: string - name: fileName - in: path - required: true -get: - summary: Get file uploaded by agent - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - body: - type: object - properties: - items: - type: object - properties: - body: {} - headers: {} - '400': - $ref: ../components/responses/error.yaml - operationId: get-agent-upload-file diff --git a/x-pack/plugins/fleet/common/openapi/paths/agents@setup.yaml b/x-pack/plugins/fleet/common/openapi/paths/agents@setup.yaml deleted file mode 100644 index 1a623eb9cf3c3..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agents@setup.yaml +++ /dev/null @@ -1,45 +0,0 @@ -get: - summary: Get agent setup info - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - $ref: ../components/schemas/fleet_status_response.yaml - '400': - $ref: ../components/responses/error.yaml - operationId: get-agents-setup-status - security: - - basicAuth: [] -post: - summary: Initiate agent setup - tags: - - Elastic Agents - operationId: setup-agents - responses: - '200': - description: OK - content: - application/json: - schema: - $ref: ../components/schemas/fleet_setup_response.yaml - '400': - $ref: ../components/responses/error.yaml - requestBody: - content: - application/json: - schema: - type: object - properties: - admin_username: - type: string - admin_password: - type: string - required: - - admin_username - - admin_password - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml diff --git a/x-pack/plugins/fleet/common/openapi/paths/agents@{agent_id}.yaml b/x-pack/plugins/fleet/common/openapi/paths/agents@{agent_id}.yaml deleted file mode 100644 index 108ea113c8e5e..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agents@{agent_id}.yaml +++ /dev/null @@ -1,84 +0,0 @@ -parameters: - - schema: - type: string - name: agentId - in: path - required: true -get: - summary: Get agent by ID - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: ../components/schemas/agent.yaml - required: - - item - '400': - $ref: ../components/responses/error.yaml - operationId: get-agent - parameters: - - $ref: ../components/parameters/with_metrics.yaml -put: - summary: Update agent by ID - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: ../components/schemas/agent.yaml - required: - - item - '400': - $ref: ../components/responses/error.yaml - operationId: update-agent - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml - requestBody: - required: true - content: - application/json: - schema: - type: object - properties: - user_provided_metadata: - type: object - tags: - type: array - items: - type: string -delete: - summary: Delete agent by ID - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - action: - type: string - enum: - - deleted - required: - - action - '400': - $ref: ../components/responses/error.yaml - operationId: delete-agent - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml diff --git a/x-pack/plugins/fleet/common/openapi/paths/agents@{agent_id}@actions.yaml b/x-pack/plugins/fleet/common/openapi/paths/agents@{agent_id}@actions.yaml deleted file mode 100644 index 4443bb4573985..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agents@{agent_id}@actions.yaml +++ /dev/null @@ -1,40 +0,0 @@ -parameters: - - schema: - type: string - name: agentId - in: path - required: true -post: - summary: Create agent action - tags: - - Elastic Agent actions - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - body: - type: array - items: - type: number - statusCode: - type: number - headers: - type: string - '400': - $ref: ../components/responses/error.yaml - operationId: new-agent-action - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml - requestBody: - required: true - content: - application/json: - schema: - type: object - properties: - action: - $ref: ../components/schemas/agent_action.yaml diff --git a/x-pack/plugins/fleet/common/openapi/paths/agents@{agent_id}@reassign.yaml b/x-pack/plugins/fleet/common/openapi/paths/agents@{agent_id}@reassign.yaml deleted file mode 100644 index 3f6ce412fc51e..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agents@{agent_id}@reassign.yaml +++ /dev/null @@ -1,61 +0,0 @@ -parameters: - - schema: - type: string - name: agentId - in: path - required: true -post: - summary: Reassign agent - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - '400': - $ref: ../components/responses/error.yaml - operationId: reassign-agent - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml - requestBody: - required: true - content: - application/json: - schema: - type: object - properties: - policy_id: - type: string - required: - - policy_id -put: - summary: Reassign agent - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - '400': - $ref: ../components/responses/error.yaml - operationId: reassign-agent-deprecated - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml - requestBody: - required: true - content: - application/json: - schema: - type: object - properties: - policy_id: - type: string - required: - - policy_id - deprecated: true diff --git a/x-pack/plugins/fleet/common/openapi/paths/agents@{agent_id}@request_diagnostics.yaml b/x-pack/plugins/fleet/common/openapi/paths/agents@{agent_id}@request_diagnostics.yaml deleted file mode 100644 index 4ecfe08e5b783..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agents@{agent_id}@request_diagnostics.yaml +++ /dev/null @@ -1,38 +0,0 @@ -parameters: - - schema: - type: string - name: agentId - in: path - required: true -post: - summary: Request agent diagnostics - tags: - - Elastic Agents - requestBody: - content: - application/json: - schema: - type: object - properties: - additional_metrics: - type: array - items: - oneOf: - - type: string - enum: - - "CPU" - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - actionId: - type: string - '400': - $ref: ../components/responses/error.yaml - operationId: request-diagnostics-agent - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml diff --git a/x-pack/plugins/fleet/common/openapi/paths/agents@{agent_id}@unenroll.yaml b/x-pack/plugins/fleet/common/openapi/paths/agents@{agent_id}@unenroll.yaml deleted file mode 100644 index 8a44b0219ed8a..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agents@{agent_id}@unenroll.yaml +++ /dev/null @@ -1,45 +0,0 @@ -parameters: - - schema: - type: string - name: agentId - in: path - required: true -post: - summary: Unenroll agent - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - '400': - description: BAD REQUEST - content: - application/json: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - enum: - - 400 - operationId: unenroll-agent - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml - requestBody: - content: - application/json: - schema: - type: object - properties: - revoke: - type: boolean - force: - type: boolean diff --git a/x-pack/plugins/fleet/common/openapi/paths/agents@{agent_id}@upgrade.yaml b/x-pack/plugins/fleet/common/openapi/paths/agents@{agent_id}@upgrade.yaml deleted file mode 100644 index eb23e39018f2e..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agents@{agent_id}@upgrade.yaml +++ /dev/null @@ -1,28 +0,0 @@ -parameters: - - schema: - type: string - name: agentId - in: path - required: true -post: - summary: Upgrade agent - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - $ref: ../components/schemas/upgrade_agent.yaml - '400': - $ref: ../components/responses/error.yaml - operationId: upgrade-agent - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml - requestBody: - required: true - content: - application/json: - schema: - $ref: ../components/schemas/upgrade_agent.yaml diff --git a/x-pack/plugins/fleet/common/openapi/paths/agents@{agent_id}@uploads.yaml b/x-pack/plugins/fleet/common/openapi/paths/agents@{agent_id}@uploads.yaml deleted file mode 100644 index 1e751bc338c52..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/agents@{agent_id}@uploads.yaml +++ /dev/null @@ -1,28 +0,0 @@ -parameters: - - schema: - type: string - name: agentId - in: path - required: true -get: - summary: List agent uploads - tags: - - Elastic Agents - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - body: - type: object - properties: - item: - type: array - items: - $ref: ../components/schemas/agent_diagnostics.yaml - '400': - $ref: ../components/responses/error.yaml - operationId: list-agent-uploads diff --git a/x-pack/plugins/fleet/common/openapi/paths/data_streams.yaml b/x-pack/plugins/fleet/common/openapi/paths/data_streams.yaml deleted file mode 100644 index bb8c667ba933e..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/data_streams.yaml +++ /dev/null @@ -1,20 +0,0 @@ -get: - summary: List data streams - tags: - - Data streams - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - data_streams: - type: array - items: - $ref: ../components/schemas/data_stream.yaml - '400': - $ref: ../components/responses/error.yaml - operationId: data-streams-list -parameters: [] diff --git a/x-pack/plugins/fleet/common/openapi/paths/enrollment_api_keys.yaml b/x-pack/plugins/fleet/common/openapi/paths/enrollment_api_keys.yaml deleted file mode 100644 index 7da2e9374353b..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/enrollment_api_keys.yaml +++ /dev/null @@ -1,76 +0,0 @@ -get: - summary: List enrollment API keys - tags: - - Fleet enrollment API keys - parameters: - - $ref: ../components/parameters/page_size.yaml - - $ref: ../components/parameters/page_index.yaml - - $ref: ../components/parameters/kuery.yaml - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - list: - type: array - items: - $ref: ../components/schemas/enrollment_api_key.yaml - deprecated: true - items: - type: array - items: - $ref: ../components/schemas/enrollment_api_key.yaml - page: - type: number - perPage: - type: number - total: - type: number - required: - - items - - page - - perPage - - total - '400': - $ref: ../components/responses/error.yaml - operationId: get-enrollment-api-keys -post: - summary: Create enrollment API key - tags: - - Fleet enrollment API keys - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: ../components/schemas/enrollment_api_key.yaml - action: - type: string - enum: - - created - '400': - $ref: ../components/responses/error.yaml - requestBody: - content: - application/json: - schema: - type: object - properties: - name: - type: string - description: The name of the enrollment API key. Must be unique. - policy_id: - type: string - description: The ID of the agent policy the Elastic Agent will be enrolled in. - required: - - policy_id - operationId: create-enrollment-api-keys - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml diff --git a/x-pack/plugins/fleet/common/openapi/paths/enrollment_api_keys@{key_id}.yaml b/x-pack/plugins/fleet/common/openapi/paths/enrollment_api_keys@{key_id}.yaml deleted file mode 100644 index f0f8be73d8666..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/enrollment_api_keys@{key_id}.yaml +++ /dev/null @@ -1,48 +0,0 @@ -parameters: - - schema: - type: string - name: keyId - in: path - required: true -get: - summary: Get enrollment API key by ID - tags: - - Fleet enrollment API keys - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: ../components/schemas/enrollment_api_key.yaml - required: - - item - '400': - $ref: ../components/responses/error.yaml - operationId: get-enrollment-api-key -delete: - summary: Revoke enrollment API key by ID by marking it as inactive - tags: - - Fleet enrollment API keys - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - action: - type: string - enum: - - deleted - required: - - action - '400': - $ref: ../components/responses/error.yaml - operationId: delete-enrollment-api-key - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml diff --git a/x-pack/plugins/fleet/common/openapi/paths/enrollment_api_keys@{key_id}_deprecated.yaml b/x-pack/plugins/fleet/common/openapi/paths/enrollment_api_keys@{key_id}_deprecated.yaml deleted file mode 100644 index ff3a6e8962557..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/enrollment_api_keys@{key_id}_deprecated.yaml +++ /dev/null @@ -1,50 +0,0 @@ -parameters: - - schema: - type: string - name: keyId - in: path - required: true -get: - summary: Get enrollment API key by ID - tags: - - Fleet enrollment API keys - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: ../components/schemas/enrollment_api_key.yaml - required: - - item - '400': - $ref: ../components/responses/error.yaml - operationId: get-enrollment-api-key-deprecated - deprecated: true -delete: - summary: Delete enrollment API key by ID - tags: - - Fleet enrollment API keys - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - action: - type: string - enum: - - deleted - required: - - action - '400': - $ref: ../components/responses/error.yaml - operationId: delete-enrollment-api-key-deprecated - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml - deprecated: true diff --git a/x-pack/plugins/fleet/common/openapi/paths/enrollment_api_keys_deprecated.yaml b/x-pack/plugins/fleet/common/openapi/paths/enrollment_api_keys_deprecated.yaml deleted file mode 100644 index 9ac906cb1dc0f..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/enrollment_api_keys_deprecated.yaml +++ /dev/null @@ -1,61 +0,0 @@ -get: - summary: List enrollment API keys - tags: - - Fleet enrollment API keys - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - list: - type: array - items: - $ref: ../components/schemas/enrollment_api_key.yaml - deprecated: true - items: - type: array - items: - $ref: ../components/schemas/enrollment_api_key.yaml - page: - type: number - perPage: - type: number - total: - type: number - required: - - items - - page - - perPage - - total - '400': - $ref: ../components/responses/error.yaml - operationId: get-enrollment-api-keys-deprecated - parameters: [] - deprecated: true -post: - summary: Create enrollment API key - tags: - - Fleet enrollment API keys - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: ../components/schemas/enrollment_api_key.yaml - action: - type: string - enum: - - created - '400': - $ref: ../components/responses/error.yaml - operationId: create-enrollment-api-keys-deprecated - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml - deprecated: true diff --git a/x-pack/plugins/fleet/common/openapi/paths/epm@bulk_assets.yaml b/x-pack/plugins/fleet/common/openapi/paths/epm@bulk_assets.yaml deleted file mode 100644 index a870d8842d7e7..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/epm@bulk_assets.yaml +++ /dev/null @@ -1,32 +0,0 @@ -post: - summary: Bulk get assets - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - $ref: ../components/schemas/get_bulk_assets_response.yaml - '400': - $ref: ../components/responses/error.yaml - operationId: bulk-get-assets - requestBody: - content: - application/json: - schema: - type: object - properties: - assetIds: - type: array - items: - type: object - properties: - type: - type: string - id: - type: string - description: list of items necessary to fetch assets - required: - - assetIds diff --git a/x-pack/plugins/fleet/common/openapi/paths/epm@categories.yaml b/x-pack/plugins/fleet/common/openapi/paths/epm@categories.yaml deleted file mode 100644 index e733f780abe04..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/epm@categories.yaml +++ /dev/null @@ -1,33 +0,0 @@ -get: - summary: List package categories - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - $ref: ../components/schemas/get_categories_response.yaml - '400': - $ref: ../components/responses/error.yaml - operationId: get-package-categories -parameters: - - in: query - name: prerelease - schema: - type: boolean - default: false - description: >- - Whether to include prerelease packages in categories count (e.g. beta, rc, preview) - - in: query - name: experimental - deprecated: true - schema: - type: boolean - default: false - - in: query - name: include_policy_templates - schema: - type: boolean - default: false diff --git a/x-pack/plugins/fleet/common/openapi/paths/epm@get_file.yaml b/x-pack/plugins/fleet/common/openapi/paths/epm@get_file.yaml deleted file mode 100644 index b85b72938feda..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/epm@get_file.yaml +++ /dev/null @@ -1,37 +0,0 @@ -get: - summary: Get package file - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - body: - type: object - statusCode: - type: number - headers: - type: object - '400': - $ref: ../components/responses/error.yaml - operationId: packages-get-file -parameters: - - schema: - type: string - name: pkgName - in: path - required: true - - schema: - type: string - name: pkgVersion - in: path - required: true - - schema: - type: string - name: filePath - in: path - required: true diff --git a/x-pack/plugins/fleet/common/openapi/paths/epm@limited_list.yaml b/x-pack/plugins/fleet/common/openapi/paths/epm@limited_list.yaml deleted file mode 100644 index a54c45782d3ae..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/epm@limited_list.yaml +++ /dev/null @@ -1,20 +0,0 @@ -get: - summary: Get limited package list - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - type: string - '400': - $ref: ../components/responses/error.yaml - operationId: list-limited-packages -parameters: [] diff --git a/x-pack/plugins/fleet/common/openapi/paths/epm@packages.yaml b/x-pack/plugins/fleet/common/openapi/paths/epm@packages.yaml deleted file mode 100644 index 7eaf0b6584915..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/epm@packages.yaml +++ /dev/null @@ -1,109 +0,0 @@ -get: - summary: List packages - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - $ref: ../components/schemas/get_packages_response.yaml - '400': - $ref: ../components/responses/error.yaml - operationId: list-all-packages - parameters: - - in: query - name: excludeInstallStatus - schema: - type: boolean - default: false - description: >- - Whether to exclude the install status of each package. Enabling this option will opt in to - caching for the response via `cache-control` headers. If you don't need up-to-date installation - info for a package, and are querying for a list of available packages, providing this flag can - improve performance substantially. - - in: query - name: prerelease - schema: - type: boolean - default: false - description: >- - Whether to return prerelease versions of packages (e.g. beta, rc, preview) - - in: query - name: experimental - deprecated: true - schema: - type: boolean - default: false - - in: query - name: category - schema: - type: string -post: - summary: Install by package by direct upload - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - type: object - properties: - id: - type: string - type: - oneOf: - - $ref: ../components/schemas/kibana_saved_object_type.yaml - - $ref: ../components/schemas/elasticsearch_asset_type.yaml - required: - - id - - type - _meta: - type: object - properties: - install_source: - type: string - enum: - - upload - - registry - - bundled - required: - - items - '400': - $ref: ../components/responses/error.yaml - '429': - $ref: ../components/responses/error.yaml - operationId: install-package-by-upload - description: '' - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml - - in: query - name: ignoreMappingUpdateErrors - schema: - type: boolean - default: false - description: avoid erroring out on unexpected mapping update errors - - in: query - name: skipDataStreamRollover - schema: - type: boolean - default: false - description: Skip data stream rollover during index template mapping or settings update - requestBody: - content: - application/zip: - schema: - type: string - format: binary - application/gzip: - schema: - type: string - format: binary diff --git a/x-pack/plugins/fleet/common/openapi/paths/epm@packages@{pkg_name}@stats.yaml b/x-pack/plugins/fleet/common/openapi/paths/epm@packages@{pkg_name}@stats.yaml deleted file mode 100644 index f90a275cd19b6..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/epm@packages@{pkg_name}@stats.yaml +++ /dev/null @@ -1,27 +0,0 @@ -get: - summary: Get package stats - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - response: - $ref: ../components/schemas/package_usage_stats.yaml - required: - - response - '400': - $ref: ../components/responses/error.yaml - operationId: get-package-stats - security: - - basicAuth: [] -parameters: - - schema: - type: string - name: pkgName - in: path - required: true diff --git a/x-pack/plugins/fleet/common/openapi/paths/epm@packages@{pkg_name}@{pkg_version}.yaml b/x-pack/plugins/fleet/common/openapi/paths/epm@packages@{pkg_name}@{pkg_version}.yaml deleted file mode 100644 index 6956cbb9d8575..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/epm@packages@{pkg_name}@{pkg_version}.yaml +++ /dev/null @@ -1,222 +0,0 @@ -get: - summary: Get package - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - allOf: - - properties: - item: - $ref: ../components/schemas/package_info.yaml - - properties: - status: - type: string - enum: - - installed - - installing - - install_failed - - not_installed - savedObject: - type: object - deprecated: true - latestVersion: - type: string - keepPoliciesUpToDate: - type: boolean - notice: - type: string - licensePath: - type: string - required: - - status - - savedObject - '400': - $ref: ../components/responses/error.yaml - operationId: get-package - security: - - basicAuth: [] -parameters: - - schema: - type: string - name: pkgName - in: path - required: true - - schema: - type: string - name: pkgVersion - in: path - required: true - - schema: - type: boolean - name: ignoreUnverified - description: 'Ignore if the package is fails signature verification' - in: query - - schema: - type: boolean - name: full - description: 'Return all fields from the package manifest, not just those supported by the Elastic Package Registry' - in: query - - in: query - name: prerelease - schema: - type: boolean - default: false - description: >- - Whether to return prerelease versions of packages (e.g. beta, rc, preview) -post: - summary: Install package - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - type: object - properties: - id: - type: string - type: - oneOf: - - $ref: ../components/schemas/kibana_saved_object_type.yaml - - $ref: ../components/schemas/elasticsearch_asset_type.yaml - required: - - id - - type - _meta: - type: object - properties: - install_source: - type: string - enum: - - registry - - upload - - bundled - required: - - items - '400': - $ref: ../components/responses/error.yaml - operationId: install-package - description: '' - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml - - in: query - name: ignoreMappingUpdateErrors - schema: - type: boolean - default: false - description: avoid erroring out on unexpected mapping update errors - - in: query - name: skipDataStreamRollover - schema: - type: boolean - default: false - description: Skip data stream rollover during index template mapping or settings update - requestBody: - content: - application/json: - schema: - type: object - properties: - force: - type: boolean - ignore_constraints: - type: boolean -put: - summary: Update package settings - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - type: object - properties: - id: - type: string - type: - oneOf: - - $ref: ../components/schemas/kibana_saved_object_type.yaml - - $ref: ../components/schemas/elasticsearch_asset_type.yaml - required: - - id - - type - required: - - items - '400': - $ref: ../components/responses/error.yaml - operationId: update-package - description: '' - requestBody: - content: - application/json: - schema: - type: object - properties: - keepPoliciesUpToDate: - type: boolean -delete: - summary: Delete package - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - type: object - properties: - id: - type: string - type: - oneOf: - - $ref: ../components/schemas/kibana_saved_object_type.yaml - - $ref: ../components/schemas/elasticsearch_asset_type.yaml - required: - - id - - type - required: - - items - '400': - $ref: ../components/responses/error.yaml - operationId: delete-package - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml - - schema: - type: boolean - name: force - description: delete package even if policies used by agents - in: query - requestBody: - content: - application/json: - schema: - type: object - deprecated: true - properties: - force: - type: boolean diff --git a/x-pack/plugins/fleet/common/openapi/paths/epm@packages@{pkg_name}@{pkg_version}@transforms@authorize.yaml b/x-pack/plugins/fleet/common/openapi/paths/epm@packages@{pkg_name}@{pkg_version}@transforms@authorize.yaml deleted file mode 100644 index 718e6e594c008..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/epm@packages@{pkg_name}@{pkg_version}@transforms@authorize.yaml +++ /dev/null @@ -1,64 +0,0 @@ -post: - summary: Authorize transforms - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - type: object - properties: - transformId: - type: string - success: - type: boolean - error: - type: string - required: - - transformId - - error - required: - - items - '400': - $ref: ../components/responses/error.yaml - operationId: reauthorize-transforms - description: '' - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml - - schema: - type: string - name: pkgName - in: path - required: true - - schema: - type: string - name: pkgVersion - in: path - required: true - - in: query - name: prerelease - schema: - type: boolean - default: false - description: >- - Whether to include prerelease packages in categories count (e.g. beta, rc, preview) - requestBody: - content: - application/json: - schema: - type: object - properties: - transforms: - type: array - items: - type: object - properties: - transformId: - type: string diff --git a/x-pack/plugins/fleet/common/openapi/paths/epm@packages@{pkgkey}_deprecated.yaml b/x-pack/plugins/fleet/common/openapi/paths/epm@packages@{pkgkey}_deprecated.yaml deleted file mode 100644 index fcc83566443a8..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/epm@packages@{pkgkey}_deprecated.yaml +++ /dev/null @@ -1,154 +0,0 @@ -get: - summary: Get package - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - allOf: - - properties: - response: - $ref: ../components/schemas/package_info.yaml - - properties: - status: - type: string - enum: - - installed - - installing - - install_failed - - not_installed - savedObject: - type: string - required: - - status - - savedObject - '400': - $ref: ../components/responses/error.yaml - operationId: get-package-deprecated - security: - - basicAuth: [] - parameters: - - schema: - type: string - name: pkgkey - in: path - required: true - - in: query - name: prerelease - schema: - type: boolean - default: false - description: >- - Whether to return prerelease versions of packages (e.g. beta, rc, preview) - deprecated: true -post: - summary: Install package - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - response: - type: array - items: - type: object - properties: - id: - type: string - type: - oneOf: - - $ref: ../components/schemas/kibana_saved_object_type.yaml - - $ref: ../components/schemas/elasticsearch_asset_type.yaml - required: - - id - - type - required: - - response - '400': - $ref: ../components/responses/error.yaml - operationId: install-package-deprecated - description: '' - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml - - schema: - type: string - name: pkgkey - in: path - required: true - - in: query - name: ignoreMappingUpdateErrors - schema: - type: boolean - default: false - description: avoid erroring out on unexpected mapping update errors - - in: query - name: skipDataStreamRollover - schema: - type: boolean - default: false - description: Skip data stream rollover during index template mapping or settings update - requestBody: - content: - application/json: - schema: - type: object - properties: - force: - type: boolean - deprecated: true -delete: - summary: Delete ackage - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - response: - type: array - items: - type: object - properties: - id: - type: string - type: - oneOf: - - $ref: ../components/schemas/kibana_saved_object_type.yaml - - $ref: ../components/schemas/elasticsearch_asset_type.yaml - required: - - id - - type - required: - - response - '400': - $ref: ../components/responses/error.yaml - operationId: delete-package-deprecated - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml - - schema: - type: string - name: pkgkey - in: path - required: true - requestBody: - content: - application/json: - schema: - type: object - properties: - force: - type: boolean - deprecated: true diff --git a/x-pack/plugins/fleet/common/openapi/paths/epm@packages_bulk.yaml b/x-pack/plugins/fleet/common/openapi/paths/epm@packages_bulk.yaml deleted file mode 100644 index 7a3b3f293cf87..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/epm@packages_bulk.yaml +++ /dev/null @@ -1,48 +0,0 @@ -post: - summary: Bulk install packages - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - $ref: ../components/schemas/bulk_install_packages_response.yaml - '400': - $ref: ../components/responses/error.yaml - operationId: bulk-install-packages - parameters: - - in: query - name: prerelease - schema: - type: boolean - default: false - description: >- - Whether to return prerelease versions of packages (e.g. beta, rc, preview) - requestBody: - content: - application/json: - schema: - type: object - properties: - packages: - type: array - items: - oneOf: - - type: string - description: package name - - type: object - properties: - name: - type: string - description: package name - version: - type: string - description: package version - description: list of packages to install - force: - type: boolean - description: force install to ignore package verification errors - required: - - packages diff --git a/x-pack/plugins/fleet/common/openapi/paths/epm@templates@{pkg_name}@{pkg_version}@inputs.yaml b/x-pack/plugins/fleet/common/openapi/paths/epm@templates@{pkg_name}@{pkg_version}@inputs.yaml deleted file mode 100644 index 8e2913e9ae331..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/epm@templates@{pkg_name}@{pkg_version}@inputs.yaml +++ /dev/null @@ -1,42 +0,0 @@ -get: - summary: Get inputs template - tags: - - Elastic Package Manager (EPM) - responses: - '400': - $ref: ../components/responses/error.yaml - '200': - description: OK - operationId: get-inputs-template - security: - - basicAuth: [] -parameters: - - schema: - type: string - name: pkgName - in: path - required: true - - schema: - type: string - name: pkgVersion - in: path - required: true - - schema: - type: string - enum: - - json - - yaml - - yml - name: format - description: 'Format of response - json or yaml' - in: query - - schema: - type: boolean - name: prerelease - description: 'Specify if version is prerelease' - in: query - - schema: - type: boolean - name: ignoreUnverified - description: 'Ignore if the package is fails signature verification' - in: query diff --git a/x-pack/plugins/fleet/common/openapi/paths/epm@verification_key_id.yaml b/x-pack/plugins/fleet/common/openapi/paths/epm@verification_key_id.yaml deleted file mode 100644 index 24de03ab52cd8..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/epm@verification_key_id.yaml +++ /dev/null @@ -1,27 +0,0 @@ -get: - summary: Get package signature verification key ID - tags: - - Elastic Package Manager (EPM) - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - body: - type: object - properties: - id: - type: string - nullable: true - description: the key ID of the GPG key used to verify package signatures - statusCode: - type: number - headers: - type: object - '400': - $ref: ../components/responses/error.yaml - operationId: packages-get-verification-key-id -parameters: [] diff --git a/x-pack/plugins/fleet/common/openapi/paths/fleet_server_hosts.yaml b/x-pack/plugins/fleet/common/openapi/paths/fleet_server_hosts.yaml deleted file mode 100644 index 907e7468751a3..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/fleet_server_hosts.yaml +++ /dev/null @@ -1,66 +0,0 @@ -get: - summary: List Fleet Server hosts - tags: - - Fleet Server hosts - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: ../components/schemas/fleet_server_host.yaml - total: - type: integer - page: - type: integer - perPage: - type: integer - '400': - $ref: ../components/responses/error.yaml - operationId: get-fleet-server-hosts -post: - summary: Create Fleet Server host - tags: - - Fleet Server hosts - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: ../components/schemas/fleet_server_host.yaml - '400': - $ref: ../components/responses/error.yaml - requestBody: - content: - application/json: - schema: - type: object - properties: - id: - type: string - name: - type: string - is_default: - type: boolean - is_internal: - type: boolean - proxy_id: - description: The ID of the proxy to use for this fleet server host. See the proxies API for more information. - type: string - host_urls: - type: array - items: - type: string - required: - - name - - host_urls - operationId: post-fleet-server-hosts diff --git a/x-pack/plugins/fleet/common/openapi/paths/fleet_server_hosts@{item_id}.yaml b/x-pack/plugins/fleet/common/openapi/paths/fleet_server_hosts@{item_id}.yaml deleted file mode 100644 index 69c3635b87277..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/fleet_server_hosts@{item_id}.yaml +++ /dev/null @@ -1,87 +0,0 @@ -get: - summary: Get Fleet Server host by ID - tags: - - Fleet Server hosts - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: ../components/schemas/fleet_server_host.yaml - required: - - item - '400': - $ref: ../components/responses/error.yaml - operationId: get-one-fleet-server-hosts -parameters: - - schema: - type: string - name: itemId - in: path - required: true -delete: - summary: Delete Fleet Server host by ID - tags: - - Fleet Server hosts - operationId: delete-fleet-server-hosts - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - id: - type: string - required: - - id - '400': - $ref: ../components/responses/error.yaml - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml -put: - summary: Update Fleet Server host by ID - tags: - - Fleet Server hosts - operationId: update-fleet-server-hosts - requestBody: - content: - application/json: - schema: - type: object - properties: - name: - type: string - is_default: - type: boolean - is_internal: - type: boolean - proxy_id: - description: The ID of the proxy to use for this fleet server host. See the proxies API for more information. - type: string - nullable: true - host_urls: - type: array - items: - type: string - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: ../components/schemas/fleet_server_host.yaml - required: - - item - '400': - $ref: ../components/responses/error.yaml - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml diff --git a/x-pack/plugins/fleet/common/openapi/paths/health_check.yaml b/x-pack/plugins/fleet/common/openapi/paths/health_check.yaml deleted file mode 100644 index 9428e53a46f28..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/health_check.yaml +++ /dev/null @@ -1,39 +0,0 @@ -post: - summary: Fleet Server health check - tags: - - Fleet internals - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - status: - type: string - id: - type: string - description: Fleet Server host id - host: - type: string - deprecated: true - '400': - $ref: ../components/responses/error.yaml - operationId: fleet-server-health-check - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml - requestBody: - required: true - content: - application/json: - schema: - type: object - properties: - id: - type: string - host: - type: string - deprecated: true - required: - - id diff --git a/x-pack/plugins/fleet/common/openapi/paths/kubernetes.yaml b/x-pack/plugins/fleet/common/openapi/paths/kubernetes.yaml deleted file mode 100644 index ccd20bbb8dd7b..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/kubernetes.yaml +++ /dev/null @@ -1,33 +0,0 @@ -get: - summary: Get full K8s agent manifest - tags: - - Fleet Kubernetes - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - type: string - '400': - $ref: ../components/responses/error.yaml - operationId: get-full-k8s-manifest - parameters: - - schema: - type: boolean - name: download - in: query - required: false - - schema: - type: string - name: fleetServer - in: query - required: false - - schema: - type: string - name: enrolToken - in: query - required: false diff --git a/x-pack/plugins/fleet/common/openapi/paths/logstash_api_keys.yaml b/x-pack/plugins/fleet/common/openapi/paths/logstash_api_keys.yaml deleted file mode 100644 index 3fcec0937916f..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/logstash_api_keys.yaml +++ /dev/null @@ -1,19 +0,0 @@ -post: - summary: Generate Logstash API key - tags: - - Fleet outputs - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - api_key: - type: string - '400': - $ref: ../components/responses/error.yaml - operationId: generate-logstash-api-key - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml diff --git a/x-pack/plugins/fleet/common/openapi/paths/output_health@{output_id}.yaml b/x-pack/plugins/fleet/common/openapi/paths/output_health@{output_id}.yaml deleted file mode 100644 index 9b7dbb1888963..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/output_health@{output_id}.yaml +++ /dev/null @@ -1,31 +0,0 @@ -get: - summary: Get latest output health - tags: - - Fleet outputs - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - state: - type: string - description: state of output, HEALTHY or DEGRADED - message: - type: string - description: long message if unhealthy - timestamp: - type: string - description: timestamp of reported state - '400': - $ref: ../components/responses/error.yaml - operationId: get-output-health -parameters: - - schema: - type: string - name: outputId - in: path - required: true - diff --git a/x-pack/plugins/fleet/common/openapi/paths/outputs.yaml b/x-pack/plugins/fleet/common/openapi/paths/outputs.yaml deleted file mode 100644 index 39d527d6e1bb4..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/outputs.yaml +++ /dev/null @@ -1,48 +0,0 @@ -get: - summary: List outputs - tags: - - Fleet outputs - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: ../components/schemas/output_create_request.yaml - total: - type: integer - page: - type: integer - perPage: - type: integer - '400': - $ref: ../components/responses/error.yaml - operationId: get-outputs -post: - summary: Create output - tags: - - Fleet outputs - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: ../components/schemas/output_create_request.yaml - '400': - $ref: ../components/responses/error.yaml - requestBody: - required: true - content: - application/json: - schema: - $ref: ../components/schemas/output_create_request.yaml - operationId: post-outputs diff --git a/x-pack/plugins/fleet/common/openapi/paths/outputs@{output_id}.yaml b/x-pack/plugins/fleet/common/openapi/paths/outputs@{output_id}.yaml deleted file mode 100644 index c10d93a8483dd..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/outputs@{output_id}.yaml +++ /dev/null @@ -1,68 +0,0 @@ -get: - summary: Get output by ID - tags: - - Fleet outputs - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: ../components/schemas/output_create_request.yaml - '400': - $ref: ../components/responses/error.yaml - operationId: get-output -parameters: - - schema: - type: string - name: outputId - in: path - required: true -delete: - summary: Delete output by ID - tags: - - Fleet outputs - operationId: delete-output - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - id: - type: string - required: - - id - '400': - $ref: ../components/responses/error.yaml - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml -put: - summary: Update output by ID - tags: - - Fleet outputs - operationId: update-output - requestBody: - content: - application/json: - schema: - $ref: ../components/schemas/output_update_request.yaml - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: ../components/schemas/output_update_request.yaml - '400': - $ref: ../components/responses/error.yaml - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml diff --git a/x-pack/plugins/fleet/common/openapi/paths/package_policies.yaml b/x-pack/plugins/fleet/common/openapi/paths/package_policies.yaml deleted file mode 100644 index e7f54ab25c193..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/package_policies.yaml +++ /dev/null @@ -1,64 +0,0 @@ -get: - summary: List package policies - tags: - - Fleet package policies - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: ../components/schemas/package_policy.yaml - total: - type: number - page: - type: number - perPage: - type: number - required: - - items - '400': - $ref: ../components/responses/error.yaml - operationId: get-package-policies - security: [] - parameters: - - $ref: ../components/parameters/page_size.yaml - - $ref: ../components/parameters/page_index.yaml - - $ref: ../components/parameters/kuery.yaml - - $ref: ../components/parameters/format.yaml -parameters: [] -post: - summary: Create package policy - tags: - - Fleet package policies - operationId: create-package-policy - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: ../components/schemas/package_policy.yaml - required: - - item - '400': - $ref: ../components/responses/error.yaml - '409': - $ref: ../components/responses/error.yaml - requestBody: - description: You should use inputs as an object and not use the deprecated inputs array. - content: - application/json: - schema: - $ref: ../components/schemas/package_policy_request.yaml - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml - - $ref: ../components/parameters/format.yaml diff --git a/x-pack/plugins/fleet/common/openapi/paths/package_policies@_bulk_get.yaml b/x-pack/plugins/fleet/common/openapi/paths/package_policies@_bulk_get.yaml deleted file mode 100644 index 7ce575c740fc2..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/package_policies@_bulk_get.yaml +++ /dev/null @@ -1,39 +0,0 @@ -post: - summary: Bulk get package policies - tags: - - Fleet package policies - requestBody: - content: - application/json: - schema: - type: object - properties: - ids: - type: array - items: - type: string - description: list of package policy ids - ignoreMissing: - type: boolean - required: - - ids - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: ../components/schemas/package_policy.yaml - required: - - items - '400': - $ref: ../components/responses/error.yaml - operationId: bulk-get-package-policies - security: [] - parameters: - - $ref: ../components/parameters/format.yaml diff --git a/x-pack/plugins/fleet/common/openapi/paths/package_policies@delete.yaml b/x-pack/plugins/fleet/common/openapi/paths/package_policies@delete.yaml deleted file mode 100644 index 789e8fb94b15b..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/package_policies@delete.yaml +++ /dev/null @@ -1,42 +0,0 @@ -post: - summary: Delete package policy - tags: - - Fleet package policies - operationId: post-delete-package-policy - requestBody: - content: - application/json: - schema: - type: object - properties: - packagePolicyIds: - type: array - items: - type: string - force: - type: boolean - required: - - packagePolicyIds - responses: - '200': - description: OK - content: - application/json: - schema: - type: array - items: - type: object - properties: - id: - type: string - name: - type: string - success: - type: boolean - required: - - id - - success - '400': - $ref: ../components/responses/error.yaml - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml diff --git a/x-pack/plugins/fleet/common/openapi/paths/package_policies@upgrade.yaml b/x-pack/plugins/fleet/common/openapi/paths/package_policies@upgrade.yaml deleted file mode 100644 index b9efafda38dce..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/package_policies@upgrade.yaml +++ /dev/null @@ -1,40 +0,0 @@ -post: - summary: Upgrade package policy to a newer package version - tags: - - Fleet package policies - operationId: upgrade-package-policy - requestBody: - content: - application/json: - schema: - type: object - properties: - packagePolicyIds: - type: array - items: - type: string - required: - - packagePolicyIds - responses: - '200': - description: OK - content: - application/json: - schema: - type: array - items: - type: object - properties: - id: - type: string - name: - type: string - success: - type: boolean - required: - - id - - success - '400': - $ref: ../components/responses/error.yaml - '409': - $ref: ../components/responses/error.yaml diff --git a/x-pack/plugins/fleet/common/openapi/paths/package_policies@upgrade_dryrun.yaml b/x-pack/plugins/fleet/common/openapi/paths/package_policies@upgrade_dryrun.yaml deleted file mode 100644 index a6899cc927900..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/package_policies@upgrade_dryrun.yaml +++ /dev/null @@ -1,39 +0,0 @@ -post: - summary: Dry run package policy upgrade - tags: - - Fleet package policies - operationId: upgrade-package-policy-dry-run - requestBody: - content: - application/json: - schema: - type: object - properties: - packagePolicyIds: - type: array - items: - type: string - packageVersion: - type: string - required: - - packagePolicyIds - responses: - '200': - description: OK - content: - application/json: - schema: - type: array - items: - type: object - properties: - hasErrors: - type: boolean - diff: - $ref: ../components/schemas/upgrade_diff.yaml - agent_diff: - $ref: ../components/schemas/upgrade_agent_diff.yaml - required: - - hasErrors - '400': - $ref: ../components/responses/error.yaml diff --git a/x-pack/plugins/fleet/common/openapi/paths/package_policies@{package_policy_id}.yaml b/x-pack/plugins/fleet/common/openapi/paths/package_policies@{package_policy_id}.yaml deleted file mode 100644 index 0db4c7a5b8437..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/package_policies@{package_policy_id}.yaml +++ /dev/null @@ -1,78 +0,0 @@ -parameters: - - schema: - type: string - name: packagePolicyId - in: path - required: true -get: - summary: Get package policy by ID - tags: - - Fleet package policies - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: ../components/schemas/package_policy.yaml - required: - - item - '400': - $ref: ../components/responses/error.yaml - operationId: get-package-policy - parameters: - - $ref: ../components/parameters/format.yaml -put: - summary: Update package policy by ID - tags: - - Fleet package policies - operationId: update-package-policy - requestBody: - content: - application/json: - schema: - $ref: ../components/schemas/package_policy_request.yaml - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: ../components/schemas/package_policy.yaml - required: - - item - '400': - $ref: ../components/responses/error.yaml - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml - - $ref: ../components/parameters/format.yaml -delete: - summary: Delete package policy by ID - tags: - - Fleet package policies - operationId: delete-package-policy - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - id: - type: string - required: - - id - '400': - $ref: ../components/responses/error.yaml - parameters: - - schema: - type: boolean - name: force - in: query diff --git a/x-pack/plugins/fleet/common/openapi/paths/proxies.yaml b/x-pack/plugins/fleet/common/openapi/paths/proxies.yaml deleted file mode 100644 index e787fba82d782..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/proxies.yaml +++ /dev/null @@ -1,65 +0,0 @@ -get: - summary: List proxies - tags: - - Fleet proxies - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: ../components/schemas/proxies.yaml - total: - type: integer - page: - type: integer - perPage: - type: integer - '400': - $ref: ../components/responses/error.yaml - operationId: get-fleet-proxies -post: - summary: Create proxy - tags: - - Fleet proxies - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: ../components/schemas/proxies.yaml - '400': - $ref: ../components/responses/error.yaml - requestBody: - content: - application/json: - schema: - type: object - properties: - id: - type: string - name: - type: string - url: - type: string - proxy_headers: - type: object - certificate_authorities: - type: string - certificate: - type: string - certificate_key: - type: string - required: - - name - - url - operationId: post-fleet-proxies diff --git a/x-pack/plugins/fleet/common/openapi/paths/proxies@{item_id}.yaml b/x-pack/plugins/fleet/common/openapi/paths/proxies@{item_id}.yaml deleted file mode 100644 index 037adb73bbbf3..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/proxies@{item_id}.yaml +++ /dev/null @@ -1,85 +0,0 @@ -get: - summary: Get proxy by ID - tags: - - Fleet proxies - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: ../components/schemas/proxies.yaml - required: - - item - '400': - $ref: ../components/responses/error.yaml - operationId: get-one-fleet-proxies -parameters: - - schema: - type: string - name: itemId - in: path - required: true -delete: - summary: Delete proxy by ID - tags: - - Fleet proxies - operationId: delete-fleet-proxies - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - id: - type: string - required: - - id - '400': - $ref: ../components/responses/error.yaml - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml -put: - summary: Update proxy by ID - tags: - - Fleet proxies - operationId: update-fleet-proxies - requestBody: - content: - application/json: - schema: - type: object - properties: - name: - type: string - url: - type: string - proxy_headers: - type: object - certificate_authorities: - type: string - certificate: - type: string - certificate_key: - type: string - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - $ref: ../components/schemas/proxies.yaml - required: - - item - '400': - $ref: ../components/responses/error.yaml - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml diff --git a/x-pack/plugins/fleet/common/openapi/paths/service_tokens.yaml b/x-pack/plugins/fleet/common/openapi/paths/service_tokens.yaml deleted file mode 100644 index 8a3c1c94e5b5e..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/service_tokens.yaml +++ /dev/null @@ -1,21 +0,0 @@ -post: - summary: Create service token - tags: - - Fleet service tokens - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - name: - type: string - value: - type: string - '400': - $ref: ../components/responses/error.yaml - operationId: generate-service-token - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml diff --git a/x-pack/plugins/fleet/common/openapi/paths/service_tokens_deprecated.yaml b/x-pack/plugins/fleet/common/openapi/paths/service_tokens_deprecated.yaml deleted file mode 100644 index 9690278f24f5a..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/service_tokens_deprecated.yaml +++ /dev/null @@ -1,22 +0,0 @@ -post: - summary: Create service token - tags: - - Fleet service tokens - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - name: - type: string - value: - type: string - '400': - $ref: ../components/responses/error.yaml - operationId: generate-service-token-deprecated - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml - deprecated: true diff --git a/x-pack/plugins/fleet/common/openapi/paths/settings.yaml b/x-pack/plugins/fleet/common/openapi/paths/settings.yaml deleted file mode 100644 index 4e3d1b3af4bb7..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/settings.yaml +++ /dev/null @@ -1,43 +0,0 @@ -get: - summary: Get settings - tags: - - Fleet internals - responses: - '200': - description: OK - content: - application/json: - schema: - $ref: ../components/schemas/fleet_settings_response.yaml - '400': - $ref: ../components/responses/error.yaml - operationId: get-settings -put: - summary: Update settings - tags: - - Fleet internals - requestBody: - content: - application/json: - schema: - type: object - properties: - fleet_server_hosts: - type: array - description: Protocol and path must be the same for each URL - items: - type: string - has_seen_add_data_notice: - type: boolean - additional_yaml_config: - type: string - responses: - '200': - description: OK - content: - application/json: - schema: - $ref: ../components/schemas/fleet_settings_response.yaml - '400': - $ref: ../components/responses/error.yaml - operationId: update-settings diff --git a/x-pack/plugins/fleet/common/openapi/paths/settings_enrollment.yaml b/x-pack/plugins/fleet/common/openapi/paths/settings_enrollment.yaml deleted file mode 100644 index 5f0961281dd05..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/settings_enrollment.yaml +++ /dev/null @@ -1,22 +0,0 @@ -get: - summary: Get enrollment settings - tags: - - Fleet internals - parameters: - - in: query - name: agentPolicyId - required: false - schema: - type: string - description: >- - An agent policy ID to scope the enrollment settings to. For example, that policy's Fleet Server host, its proxy, download location, etc. If not provided, the default Fleet Server policy is used (if any). - responses: - '200': - description: OK - content: - application/json: - schema: - $ref: ../components/schemas/fleet_settings_enrollment_response.yaml - '400': - $ref: ../components/responses/error.yaml - operationId: get-enrollment-settings \ No newline at end of file diff --git a/x-pack/plugins/fleet/common/openapi/paths/setup.yaml b/x-pack/plugins/fleet/common/openapi/paths/setup.yaml deleted file mode 100644 index 1f1a3cd035665..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/setup.yaml +++ /dev/null @@ -1,25 +0,0 @@ -post: - summary: Initiate Fleet setup - tags: - - Fleet internals - responses: - '200': - description: OK - content: - application/json: - schema: - $ref: ../components/schemas/fleet_setup_response.yaml - '500': - description: Internal Server Error - content: - application/json: - schema: - type: object - properties: - message: - type: string - '400': - $ref: ../components/responses/error.yaml - operationId: setup - parameters: - - $ref: ../components/headers/kbn_xsrf.yaml diff --git a/x-pack/plugins/fleet/common/openapi/paths/uninstall_tokens.yaml b/x-pack/plugins/fleet/common/openapi/paths/uninstall_tokens.yaml deleted file mode 100644 index bee6157175777..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/uninstall_tokens.yaml +++ /dev/null @@ -1,57 +0,0 @@ -get: - summary: List metadata for latest uninstall tokens per agent policy - tags: - - Fleet uninstall tokens - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - type: object - properties: - id: - type: string - policy_id: - type: string - created_at: - type: string - required: - - id - - policy_id - - created_at - total: - type: number - page: - type: number - perPage: - type: number - required: - - items - - total - - page - - perPage - '400': - $ref: ../components/responses/error.yaml - operationId: get-uninstall-tokens - parameters: - - name: perPage - in: query - description: The number of items to return - required: false - schema: - type: integer - default: 20 - minimum: 5 - - $ref: ../components/parameters/page_index.yaml - - name: policyId - in: query - description: Partial match filtering for policy IDs - required: false - schema: - type: string diff --git a/x-pack/plugins/fleet/common/openapi/paths/uninstall_tokens@{uninstall_token_id}.yaml b/x-pack/plugins/fleet/common/openapi/paths/uninstall_tokens@{uninstall_token_id}.yaml deleted file mode 100644 index 7cae06ba6be2d..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/paths/uninstall_tokens@{uninstall_token_id}.yaml +++ /dev/null @@ -1,39 +0,0 @@ -get: - summary: Get one decrypted uninstall token by its ID - tags: - - Fleet uninstall tokens - responses: - '200': - description: OK - content: - application/json: - schema: - type: object - properties: - item: - type: object - properties: - id: - type: string - token: - type: string - policy_id: - type: string - created_at: - type: string - required: - - id - - token - - policy_id - - created_at - required: - - item - '400': - $ref: ../components/responses/error.yaml - operationId: get-uninstall-token - parameters: - - name: uninstallTokenId - in: path - required: true - schema: - type: string diff --git a/x-pack/plugins/fleet/common/openapi/validate_docs.test.ts b/x-pack/plugins/fleet/common/openapi/validate_docs.test.ts deleted file mode 100644 index 4aba217962dc7..0000000000000 --- a/x-pack/plugins/fleet/common/openapi/validate_docs.test.ts +++ /dev/null @@ -1,27 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ -import SwaggerParser from '@apidevtools/swagger-parser'; - -// Validate the entrypoint.yaml file, sothe generated bundle will be correct. -// https://github.com/APIDevTools/swagger-parser - -const validateDocs = async (entrypointFile: string) => { - try { - await SwaggerParser.validate(entrypointFile); - return 'Entrypoint is valid'; - } catch (err) { - return err; - } -}; - -describe('openApi', () => { - it('Checks that entrypoint.yaml is valid', async () => { - expect(await validateDocs('x-pack/plugins/fleet/common/openapi/entrypoint.yaml')).toEqual( - 'Entrypoint is valid' - ); - }); -}); diff --git a/x-pack/plugins/fleet/common/types/rest_spec/epm.ts b/x-pack/plugins/fleet/common/types/rest_spec/epm.ts index 4af01c1b14c92..e8dee14e40b30 100644 --- a/x-pack/plugins/fleet/common/types/rest_spec/epm.ts +++ b/x-pack/plugins/fleet/common/types/rest_spec/epm.ts @@ -196,6 +196,9 @@ export interface DeletePackageRequest { pkgName: string; pkgVersion: string; }; + query: { + force?: boolean; + }; } export interface DeletePackageResponse { diff --git a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_advanced_fields/index.tsx b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_advanced_fields/index.tsx index 841bd756d8687..1497b1bb0589e 100644 --- a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_advanced_fields/index.tsx +++ b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_advanced_fields/index.tsx @@ -28,6 +28,8 @@ import { import { FormattedMessage } from '@kbn/i18n-react'; import { i18n } from '@kbn/i18n'; +import { MissingPrivilegesToolTip } from '../../../../../../components/missing_privileges_tooltip'; + import { LEGACY_AGENT_POLICY_SAVED_OBJECT_TYPE, dataTypes, @@ -42,6 +44,7 @@ import { useUIExtension, useLink, useFleetStatus, + useAuthz, } from '../../../../hooks'; import { AgentPolicyPackageBadge } from '../../../../components'; @@ -59,7 +62,6 @@ import { DEFAULT_SELECT_VALUE, useFleetServerHostsOptions, } from './hooks'; - import { CustomFields } from './custom_fields'; import { SpaceSelector } from './space_selector'; import { AgentPolicyAdvancedMonitoringOptions } from './advanced_monitoring'; @@ -87,6 +89,7 @@ export const AgentPolicyAdvancedOptionsContent: React.FunctionComponent = 'endpoint-agent-tamper-protection' ); const config = useConfig(); + const authz = useAuthz(); const maxAgentPoliciesWithInactivityTimeout = config.developer?.maxAgentPoliciesWithInactivityTimeout ?? DEFAULT_MAX_AGENT_POLICIES_WITH_INACTIVITY_TIMEOUT; @@ -179,22 +182,40 @@ export const AgentPolicyAdvancedOptionsContent: React.FunctionComponent = {agentPolicy.id && ( <> - { - setIsUninstallCommandFlyoutOpen(true); - }} - disabled={!agentPolicy.is_protected || !policyHasElasticDefend} - data-test-subj="uninstallCommandLink" + - {i18n.translate('xpack.fleet.agentPolicyForm.tamperingUninstallLink', { - defaultMessage: 'Get uninstall command', - })} - + { + setIsUninstallCommandFlyoutOpen(true); + }} + disabled={ + !agentPolicy.is_protected || !policyHasElasticDefend || !authz.fleet.allAgents + } + data-test-subj="uninstallCommandLink" + > + {i18n.translate('xpack.fleet.agentPolicyForm.tamperingUninstallLink', { + defaultMessage: 'Get uninstall command', + })} + + )} ), - [agentPolicy.id, agentPolicy.is_protected, policyHasElasticDefend, updateAgentPolicy, disabled] + [ + agentPolicy.id, + agentPolicy.is_protected, + policyHasElasticDefend, + updateAgentPolicy, + disabled, + authz.fleet.allAgents, + ] ); const AgentTamperProtectionSection = useMemo(() => { diff --git a/x-pack/plugins/fleet/public/applications/fleet/sections/debug/components/integration_debugger.tsx b/x-pack/plugins/fleet/public/applications/fleet/sections/debug/components/integration_debugger.tsx index 30fc1b84964f3..3e8a4e758fe8a 100644 --- a/x-pack/plugins/fleet/public/applications/fleet/sections/debug/components/integration_debugger.tsx +++ b/x-pack/plugins/fleet/public/applications/fleet/sections/debug/components/integration_debugger.tsx @@ -61,7 +61,13 @@ export const IntegrationDebugger: React.FunctionComponent = () => { const integrations = useQuery(['debug-integrations'], fetchInstalledIntegrations); const uninstallMutation = useMutation(async (integration: PackageListItem) => { - const response = await sendRemovePackage(integration.name, integration.version, true); + const response = await sendRemovePackage( + { + pkgName: integration.name, + pkgVersion: integration.version, + }, + { force: true } + ); if (response.error) { notifications.toasts.addError(response.error, { @@ -92,7 +98,13 @@ export const IntegrationDebugger: React.FunctionComponent = () => { }); const reinstallMutation = useMutation(async (integration: PackageListItem) => { - const uninstallResponse = await sendRemovePackage(integration.name, integration.version, true); + const uninstallResponse = await sendRemovePackage( + { + pkgName: integration.name, + pkgVersion: integration.version, + }, + { force: true } + ); if (uninstallResponse.error) { notifications.toasts.addError(uninstallResponse.error, { diff --git a/x-pack/plugins/fleet/public/applications/fleet/sections/settings/components/logstash_instructions/index.tsx b/x-pack/plugins/fleet/public/applications/fleet/sections/settings/components/logstash_instructions/index.tsx index 675aa6cdfd28c..b03d4cb700530 100644 --- a/x-pack/plugins/fleet/public/applications/fleet/sections/settings/components/logstash_instructions/index.tsx +++ b/x-pack/plugins/fleet/public/applications/fleet/sections/settings/components/logstash_instructions/index.tsx @@ -21,7 +21,8 @@ import type { EuiCallOutProps } from '@elastic/eui'; import { FormattedMessage } from '@kbn/i18n-react'; import { i18n } from '@kbn/i18n'; -import { useStartServices } from '../../../../hooks'; +import { useStartServices, useAuthz } from '../../../../hooks'; +import { MissingPrivilegesToolTip } from '../../../../../../components/missing_privileges_tooltip'; import { getLogstashPipeline, LOGSTASH_CONFIG_PIPELINES } from './helpers'; import { useLogstashApiKey } from './hooks'; @@ -64,7 +65,8 @@ export const LogstashInstructions = () => { const CollapsibleCallout: React.FunctionComponent = ({ children, ...props }) => { const [isOpen, setIsOpen] = useState(false); - + const authz = useAuthz(); + const hasAllSettings = authz.fleet.allSettings; return ( @@ -76,12 +78,17 @@ const CollapsibleCallout: React.FunctionComponent = ({ children /> ) : ( - setIsOpen(true)} fill={true}> - - + + setIsOpen(true)} fill={true} disabled={!hasAllSettings}> + + + )} {isOpen && ( <> @@ -96,6 +103,8 @@ const CollapsibleCallout: React.FunctionComponent = ({ children const LogstashInstructionSteps = () => { const { docLinks } = useStartServices(); const logstashApiKey = useLogstashApiKey(); + const authz = useAuthz(); + const hasAllSettings = authz.fleet.allSettings; const steps = useMemo( () => [ @@ -120,6 +129,7 @@ const LogstashInstructionSteps = () => { onClick={copy} iconType="copyClipboard" color="text" + disabled={!hasAllSettings} aria-label={i18n.translate( 'xpack.fleet.settings.logstashInstructions.copyApiKeyButtonLabel', { @@ -136,6 +146,7 @@ const LogstashInstructionSteps = () => { { ), }, ], - [logstashApiKey, docLinks] + [logstashApiKey, docLinks, hasAllSettings] ); return ( diff --git a/x-pack/plugins/fleet/public/applications/integrations/hooks/use_package_install.tsx b/x-pack/plugins/fleet/public/applications/integrations/hooks/use_package_install.tsx index f60e887e25fbb..579a711a36398 100644 --- a/x-pack/plugins/fleet/public/applications/integrations/hooks/use_package_install.tsx +++ b/x-pack/plugins/fleet/public/applications/integrations/hooks/use_package_install.tsx @@ -199,7 +199,7 @@ function usePackageInstall({ startServices }: { startServices: StartServices }) }: Pick & { redirectToVersion: string }) => { setPackageInstallStatus({ name, status: InstallStatus.uninstalling, version }); - const res = await sendRemovePackage(name, version); + const res = await sendRemovePackage({ pkgName: name, pkgVersion: version }); if (res.error) { setPackageInstallStatus({ name, status: InstallStatus.installed, version }); notifications.toasts.addWarning({ diff --git a/x-pack/plugins/fleet/public/components/missing_privileges_tooltip.tsx b/x-pack/plugins/fleet/public/components/missing_privileges_tooltip.tsx new file mode 100644 index 0000000000000..bf93a5defa9c7 --- /dev/null +++ b/x-pack/plugins/fleet/public/components/missing_privileges_tooltip.tsx @@ -0,0 +1,33 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import React from 'react'; +import { EuiToolTip, type EuiToolTipProps } from '@elastic/eui'; +import { i18n } from '@kbn/i18n'; + +export const MissingPrivilegesToolTip: React.FC<{ + children: React.ReactElement; + missingPrivilege?: string; + position?: EuiToolTipProps['position']; +}> = ({ children, missingPrivilege, position }) => { + if (!missingPrivilege) { + return children; + } + return ( + + {children} + + ); +}; diff --git a/x-pack/plugins/fleet/public/hooks/use_request/epm.ts b/x-pack/plugins/fleet/public/hooks/use_request/epm.ts index c7d40e84abdd0..d339463beaf17 100644 --- a/x-pack/plugins/fleet/public/hooks/use_request/epm.ts +++ b/x-pack/plugins/fleet/public/hooks/use_request/epm.ts @@ -20,6 +20,7 @@ import type { GetLimitedPackagesResponse, GetInfoResponse, InstallPackageResponse, + DeletePackageRequest, DeletePackageResponse, UpdatePackageRequest, UpdatePackageResponse, @@ -270,16 +271,17 @@ export const sendBulkInstallPackages = ( }); }; -export const sendRemovePackage = (pkgName: string, pkgVersion: string, force: boolean = false) => { +export function sendRemovePackage( + { pkgName, pkgVersion }: DeletePackageRequest['params'], + query?: DeletePackageRequest['query'] +) { return sendRequest({ path: epmRouteService.getRemovePath(pkgName, pkgVersion), method: 'delete', version: API_VERSIONS.public.v1, - body: { - force, - }, + query, }); -}; +} export const sendRequestReauthorizeTransforms = ( pkgName: string, diff --git a/x-pack/plugins/fleet/public/types/index.ts b/x-pack/plugins/fleet/public/types/index.ts index a340b7311fdbe..099df2ce5a34f 100644 --- a/x-pack/plugins/fleet/public/types/index.ts +++ b/x-pack/plugins/fleet/public/types/index.ts @@ -120,6 +120,7 @@ export type { GetLimitedPackagesResponse, GetInfoResponse, InstallPackageResponse, + DeletePackageRequest, DeletePackageResponse, InstallationStatus, Installable, diff --git a/x-pack/plugins/fleet/server/routes/agent/index.ts b/x-pack/plugins/fleet/server/routes/agent/index.ts index fec9e098970eb..f3b6e28a90f37 100644 --- a/x-pack/plugins/fleet/server/routes/agent/index.ts +++ b/x-pack/plugins/fleet/server/routes/agent/index.ts @@ -101,7 +101,7 @@ export const registerAPIRoutes = (router: FleetAuthzRouter, config: FleetConfigT }, description: `Get agent by ID`, options: { - tags: ['oas_tag:Elastic Agents'], + tags: ['oas-tag:Elastic Agents'], }, }) .addVersion( @@ -131,7 +131,7 @@ export const registerAPIRoutes = (router: FleetAuthzRouter, config: FleetConfigT }, description: `Update agent by ID`, options: { - tags: ['oas_tag:Elastic Agents'], + tags: ['oas-tag:Elastic Agents'], }, }) .addVersion( @@ -161,7 +161,7 @@ export const registerAPIRoutes = (router: FleetAuthzRouter, config: FleetConfigT }, description: `Bulk update agent tags`, options: { - tags: ['oas_tag:Elastic Agents'], + tags: ['oas-tag:Elastic Agent actions'], }, }) .addVersion( @@ -191,7 +191,7 @@ export const registerAPIRoutes = (router: FleetAuthzRouter, config: FleetConfigT }, description: `Delete agent by ID`, options: { - tags: ['oas_tag:Elastic Agents'], + tags: ['oas-tag:Elastic Agents'], }, }) .addVersion( @@ -222,7 +222,7 @@ export const registerAPIRoutes = (router: FleetAuthzRouter, config: FleetConfigT }, description: `List agents`, options: { - tags: ['oas_tag:Elastic Agents'], + tags: ['oas-tag:Elastic Agents'], }, }) .addVersion( @@ -252,7 +252,7 @@ export const registerAPIRoutes = (router: FleetAuthzRouter, config: FleetConfigT }, description: `List agent tags`, options: { - tags: ['oas_tag:Elastic Agents'], + tags: ['oas-tag:Elastic Agents'], }, }) .addVersion( @@ -282,7 +282,7 @@ export const registerAPIRoutes = (router: FleetAuthzRouter, config: FleetConfigT }, description: `Create agent action`, options: { - tags: ['oas_tag:Elastic Agent actions'], + tags: ['oas-tag:Elastic Agent actions'], }, }) .addVersion( @@ -316,7 +316,7 @@ export const registerAPIRoutes = (router: FleetAuthzRouter, config: FleetConfigT }, description: `Cancel agent action`, options: { - tags: ['oas_tag:Elastic Agent actions'], + tags: ['oas-tag:Elastic Agent actions'], }, }) .addVersion( @@ -351,7 +351,7 @@ export const registerAPIRoutes = (router: FleetAuthzRouter, config: FleetConfigT }, description: `List agents by action ids`, options: { - tags: ['oas_tag:Elastic Agents'], + tags: ['oas-tag:Elastic Agents'], }, }) .addVersion( @@ -380,7 +380,7 @@ export const registerAPIRoutes = (router: FleetAuthzRouter, config: FleetConfigT }, description: `Unenroll agent`, options: { - tags: ['oas_tag:Elastic Agents'], + tags: ['oas-tag:Elastic Agent actions'], }, }) .addVersion( @@ -391,13 +391,13 @@ export const registerAPIRoutes = (router: FleetAuthzRouter, config: FleetConfigT postAgentUnenrollHandler ); - // mark as deprecated router.versioned .put({ path: AGENT_API_ROUTES.REASSIGN_PATTERN, fleetAuthz: { fleet: { allAgents: true }, }, + deprecated: true, }) .addVersion( { @@ -415,13 +415,23 @@ export const registerAPIRoutes = (router: FleetAuthzRouter, config: FleetConfigT }, description: `Reassign agent`, options: { - tags: ['oas_tag:Elastic Agents'], + tags: ['oas-tag:Elastic Agent actions'], }, }) .addVersion( { version: API_VERSIONS.public.v1, - validate: { request: PostAgentReassignRequestSchema, response: {} }, + validate: { + request: PostAgentReassignRequestSchema, + response: { + 200: { + body: () => schema.object({}), + }, + 400: { + body: genericErrorResponse, + }, + }, + }, }, postAgentReassignHandler ); @@ -434,7 +444,7 @@ export const registerAPIRoutes = (router: FleetAuthzRouter, config: FleetConfigT }, description: `Request agent diagnostics`, options: { - tags: ['oas_tag:Elastic Agents'], + tags: ['oas-tag:Elastic Agent actions'], }, }) .addVersion( @@ -463,7 +473,7 @@ export const registerAPIRoutes = (router: FleetAuthzRouter, config: FleetConfigT }, description: `Bulk request diagnostics from agents`, options: { - tags: ['oas_tag:Elastic Agents'], + tags: ['oas-tag:Elastic Agent actions'], }, }) .addVersion( @@ -492,7 +502,7 @@ export const registerAPIRoutes = (router: FleetAuthzRouter, config: FleetConfigT }, description: `List agent uploads`, options: { - tags: ['oas_tag:Elastic Agents'], + tags: ['oas-tag:Elastic Agents'], }, }) .addVersion( @@ -521,7 +531,7 @@ export const registerAPIRoutes = (router: FleetAuthzRouter, config: FleetConfigT }, description: `Get file uploaded by agent`, options: { - tags: ['oas_tag:Elastic Agents'], + tags: ['oas-tag:Elastic Agents'], }, }) .addVersion( @@ -550,7 +560,7 @@ export const registerAPIRoutes = (router: FleetAuthzRouter, config: FleetConfigT }, description: `Delete file uploaded by agent`, options: { - tags: ['oas_tag:Elastic Agents'], + tags: ['oas-tag:Elastic Agents'], }, }) .addVersion( @@ -582,7 +592,7 @@ export const registerAPIRoutes = (router: FleetAuthzRouter, config: FleetConfigT ).granted, description: `Get agent status summary`, options: { - tags: ['oas_tag:Elastic Agent status'], + tags: ['oas-tag:Elastic Agent status'], }, }) .addVersion( @@ -608,6 +618,7 @@ export const registerAPIRoutes = (router: FleetAuthzRouter, config: FleetConfigT fleetAuthz: { fleet: { readAgents: true }, }, + deprecated: true, }) .addVersion( { @@ -625,7 +636,7 @@ export const registerAPIRoutes = (router: FleetAuthzRouter, config: FleetConfigT }, description: `Get incoming agent data`, options: { - tags: ['oas_tag:Elastic Agents'], + tags: ['oas-tag:Elastic Agents'], }, }) .addVersion( @@ -655,13 +666,23 @@ export const registerAPIRoutes = (router: FleetAuthzRouter, config: FleetConfigT }, description: `Upgrade agent`, options: { - tags: ['oas_tag:Elastic Agents'], + tags: ['oas-tag:Elastic Agent actions'], }, }) .addVersion( { version: API_VERSIONS.public.v1, - validate: { request: PostAgentUpgradeRequestSchema, response: {} }, + validate: { + request: PostAgentUpgradeRequestSchema, + response: { + 200: { + body: () => schema.object({}), + }, + 400: { + body: genericErrorResponse, + }, + }, + }, }, postAgentUpgradeHandler ); @@ -674,7 +695,7 @@ export const registerAPIRoutes = (router: FleetAuthzRouter, config: FleetConfigT }, description: `Bulk upgrade agents`, options: { - tags: ['oas_tag:Elastic Agents'], + tags: ['oas-tag:Elastic Agent actions'], }, }) .addVersion( @@ -704,7 +725,7 @@ export const registerAPIRoutes = (router: FleetAuthzRouter, config: FleetConfigT }, description: `Get agent action status`, options: { - tags: ['oas_tag:Elastic Agents'], + tags: ['oas-tag:Elastic Agent actions'], }, }) .addVersion( @@ -734,7 +755,7 @@ export const registerAPIRoutes = (router: FleetAuthzRouter, config: FleetConfigT }, description: `Bulk reassign agents`, options: { - tags: ['oas_tag:Elastic Agents'], + tags: ['oas-tag:Elastic Agent actions'], }, }) .addVersion( @@ -764,7 +785,7 @@ export const registerAPIRoutes = (router: FleetAuthzRouter, config: FleetConfigT }, description: `Bulk unenroll agents`, options: { - tags: ['oas_tag:Elastic Agents'], + tags: ['oas-tag:Elastic Agent actions'], }, }) .addVersion( @@ -794,7 +815,7 @@ export const registerAPIRoutes = (router: FleetAuthzRouter, config: FleetConfigT }, description: `Get available agent versions`, options: { - tags: ['oas_tag:Elastic Agents'], + tags: ['oas-tag:Elastic Agents'], }, }) .addVersion( diff --git a/x-pack/plugins/fleet/server/routes/agent_policy/index.ts b/x-pack/plugins/fleet/server/routes/agent_policy/index.ts index b6f88e3929949..2ed7079deceec 100644 --- a/x-pack/plugins/fleet/server/routes/agent_policy/index.ts +++ b/x-pack/plugins/fleet/server/routes/agent_policy/index.ts @@ -60,7 +60,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `List agent policies`, options: { - tags: ['oas_tag:Elastic Agent policies'], + tags: ['oas-tag:Elastic Agent policies'], }, }) .addVersion( @@ -91,7 +91,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `Bulk get agent policies`, options: { - tags: ['oas_tag:Elastic Agent policies'], + tags: ['oas-tag:Elastic Agent policies'], }, }) .addVersion( @@ -122,7 +122,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `Get an agent policy by ID`, options: { - tags: ['oas_tag:Elastic Agent policies'], + tags: ['oas-tag:Elastic Agent policies'], }, }) .addVersion( @@ -152,7 +152,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `Create an agent policy`, options: { - tags: ['oas_tag:Elastic Agent policies'], + tags: ['oas-tag:Elastic Agent policies'], }, }) .addVersion( @@ -182,7 +182,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `Update an agent policy by ID`, options: { - tags: ['oas_tag:Elastic Agent policies'], + tags: ['oas-tag:Elastic Agent policies'], }, }) .addVersion( @@ -212,7 +212,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `Copy an agent policy by ID`, options: { - tags: ['oas_tag:Elastic Agent policies'], + tags: ['oas-tag:Elastic Agent policies'], }, }) .addVersion( @@ -242,7 +242,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `Delete agent policy by ID`, options: { - tags: ['oas_tag:Elastic Agent policies'], + tags: ['oas-tag:Elastic Agent policies'], }, }) .addVersion( @@ -272,7 +272,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `Get a full agent policy by ID`, options: { - tags: ['oas_tag:Elastic Agent policies'], + tags: ['oas-tag:Elastic Agent policies'], }, }) .addVersion( @@ -303,7 +303,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { enableQueryVersion: true, description: `Download an agent policy by ID`, options: { - tags: ['oas_tag:Elastic Agent policies'], + tags: ['oas-tag:Elastic Agent policies'], }, }) .addVersion( @@ -336,7 +336,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `Get full K8s agent manifest`, options: { - tags: ['oas_tag:Elastic Agent policies'], + tags: ['oas-tag:Elastic Agent policies'], }, }) .addVersion( @@ -367,7 +367,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { enableQueryVersion: true, description: ``, options: { - tags: ['oas_tag:Elastic Agent policies'], + tags: ['oas-tag:Elastic Agent policies'], }, }) .addVersion( diff --git a/x-pack/plugins/fleet/server/routes/app/index.ts b/x-pack/plugins/fleet/server/routes/app/index.ts index ccf0c334e417c..ea5d7be8156d5 100644 --- a/x-pack/plugins/fleet/server/routes/app/index.ts +++ b/x-pack/plugins/fleet/server/routes/app/index.ts @@ -5,7 +5,7 @@ * 2.0. */ -import type { RequestHandler, RouteValidationResultFactory } from '@kbn/core/server'; +import type { RequestHandler } from '@kbn/core/server'; import type { TypeOf } from '@kbn/config-schema'; import { schema } from '@kbn/config-schema'; @@ -16,7 +16,7 @@ import { API_VERSIONS } from '../../../common/constants'; import { appContextService } from '../../services'; import type { CheckPermissionsResponse, GenerateServiceTokenResponse } from '../../../common/types'; import { defaultFleetErrorHandler, GenerateServiceTokenError } from '../../errors'; -import type { FleetRequestHandler, GenerateServiceTokenRequestSchema } from '../../types'; +import type { FleetRequestHandler } from '../../types'; import { CheckPermissionsRequestSchema, CheckPermissionsResponseSchema } from '../../types'; import { enableSpaceAwarenessMigration } from '../../services/spaces/enable_space_awareness'; import { type FleetConfigType } from '../../config'; @@ -125,7 +125,7 @@ export const generateServiceTokenHandler: RequestHandler< > = async (context, request, response) => { // Generate the fleet server service token as the current user as the internal user do not have the correct permissions const esClient = (await context.core).elasticsearch.client.asCurrentUser; - const serviceAccount = request.body.remote ? 'fleet-server-remote' : 'fleet-server'; + const serviceAccount = request.body?.remote ? 'fleet-server-remote' : 'fleet-server'; appContextService .getLogger() .debug(`Creating service token for account elastic/${serviceAccount}`); @@ -182,13 +182,12 @@ export const getAgentPoliciesSpacesHandler: FleetRequestHandler< } }; -const serviceTokenBodyValidation = (data: any, validationResult: RouteValidationResultFactory) => { - const { ok } = validationResult; - if (!data) { - return ok({ remote: false }); - } - const { remote } = data; - return ok({ remote }); +export const GenerateServiceTokenRequestSchema = { + body: schema.nullable( + schema.object({ + remote: schema.boolean({ defaultValue: false }), + }) + ), }; export const GenerateServiceTokenResponseSchema = schema.object({ @@ -221,7 +220,7 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType path: APP_API_ROUTES.CHECK_PERMISSIONS_PATTERN, description: `Check permissions`, options: { - tags: ['oas_tag:Fleet internals'], + tags: ['oas-tag:Fleet internals'], }, }) .addVersion( @@ -266,14 +265,14 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType }, description: `Create a service token`, options: { - tags: ['oas_tag:Fleet service tokens'], + tags: ['oas-tag:Fleet service tokens'], }, }) .addVersion( { version: API_VERSIONS.public.v1, validate: { - request: { body: serviceTokenBodyValidation }, + request: GenerateServiceTokenRequestSchema, response: { 200: { body: () => GenerateServiceTokenResponseSchema, @@ -294,6 +293,7 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType fleet: { allAgents: true }, }, description: `Create a service token`, + deprecated: true, }) .addVersion( { diff --git a/x-pack/plugins/fleet/server/routes/data_streams/index.ts b/x-pack/plugins/fleet/server/routes/data_streams/index.ts index 2b506785f7baf..a20b893717fdc 100644 --- a/x-pack/plugins/fleet/server/routes/data_streams/index.ts +++ b/x-pack/plugins/fleet/server/routes/data_streams/index.ts @@ -54,7 +54,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `List data streams`, options: { - tags: ['oas_tag:Data streams'], + tags: ['oas-tag:Data streams'], }, }) .addVersion( diff --git a/x-pack/plugins/fleet/server/routes/download_source/index.ts b/x-pack/plugins/fleet/server/routes/download_source/index.ts index cda907cfe794b..cf2a5b19c4b47 100644 --- a/x-pack/plugins/fleet/server/routes/download_source/index.ts +++ b/x-pack/plugins/fleet/server/routes/download_source/index.ts @@ -41,7 +41,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `List agent binary download sources`, options: { - tags: ['oas_tag:Elastic Agent binary download sources'], + tags: ['oas-tag:Elastic Agent binary download sources'], }, }) .addVersion( @@ -70,7 +70,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `Get agent binary download source by ID`, options: { - tags: ['oas_tag:Elastic Agent binary download sources'], + tags: ['oas-tag:Elastic Agent binary download sources'], }, }) .addVersion( @@ -99,7 +99,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `Update agent binary download source by ID`, options: { - tags: ['oas_tag:Elastic Agent binary download sources'], + tags: ['oas-tag:Elastic Agent binary download sources'], }, }) .addVersion( @@ -128,7 +128,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `Create agent binary download source`, options: { - tags: ['oas_tag:Elastic Agent binary download sources'], + tags: ['oas-tag:Elastic Agent binary download sources'], }, }) .addVersion( @@ -157,7 +157,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `Delete agent binary download source by ID`, options: { - tags: ['oas_tag:Elastic Agent binary download sources'], + tags: ['oas-tag:Elastic Agent binary download sources'], }, }) .addVersion( diff --git a/x-pack/plugins/fleet/server/routes/enrollment_api_key/index.ts b/x-pack/plugins/fleet/server/routes/enrollment_api_key/index.ts index f4eb4b09fbb49..a93f63822e5b4 100644 --- a/x-pack/plugins/fleet/server/routes/enrollment_api_key/index.ts +++ b/x-pack/plugins/fleet/server/routes/enrollment_api_key/index.ts @@ -41,7 +41,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `Get enrollment API key by ID`, options: { - tags: ['oas_tag:Fleet enrollment API keys'], + tags: ['oas-tag:Fleet enrollment API keys'], }, }) .addVersion( @@ -70,7 +70,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `Revoke enrollment API key by ID by marking it as inactive`, options: { - tags: ['oas_tag:Fleet enrollment API keys'], + tags: ['oas-tag:Fleet enrollment API keys'], }, }) .addVersion( @@ -99,7 +99,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `List enrollment API keys`, options: { - tags: ['oas_tag:Fleet enrollment API keys'], + tags: ['oas-tag:Fleet enrollment API keys'], }, }) .addVersion( @@ -131,7 +131,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `Create enrollment API key`, options: { - tags: ['oas_tag:Fleet enrollment API keys'], + tags: ['oas-tag:Fleet enrollment API keys'], }, }) .addVersion( @@ -161,6 +161,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { fleetAuthz: { fleet: { readEnrollmentTokens: true }, }, + deprecated: true, }) .addVersion( { @@ -176,6 +177,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { fleetAuthz: { fleet: { allAgents: true }, }, + deprecated: true, }) .addVersion( { @@ -191,6 +193,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { fleetAuthz: { fleet: { readEnrollmentTokens: true }, }, + deprecated: true, }) .addVersion( { @@ -206,6 +209,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { fleetAuthz: { fleet: { allAgents: true }, }, + deprecated: true, }) .addVersion( { diff --git a/x-pack/plugins/fleet/server/routes/epm/index.ts b/x-pack/plugins/fleet/server/routes/epm/index.ts index ec7cab2ba3594..c7eddee19b9e0 100644 --- a/x-pack/plugins/fleet/server/routes/epm/index.ts +++ b/x-pack/plugins/fleet/server/routes/epm/index.ts @@ -118,7 +118,7 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType fleetAuthz: READ_PACKAGE_INFO_AUTHZ, description: `List package categories`, options: { - tags: ['oas_tag:Elastic Package Manager (EPM)'], + tags: ['oas-tag:Elastic Package Manager (EPM)'], }, }) .addVersion( @@ -145,7 +145,7 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType fleetAuthz: READ_PACKAGE_INFO_AUTHZ, description: `List packages`, options: { - tags: ['oas_tag:Elastic Package Manager (EPM)'], + tags: ['oas-tag:Elastic Package Manager (EPM)'], }, }) .addVersion( @@ -172,7 +172,7 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType fleetAuthz: READ_PACKAGE_INFO_AUTHZ, description: `Get installed packages`, options: { - tags: ['oas_tag:Elastic Package Manager (EPM)'], + tags: ['oas-tag:Elastic Package Manager (EPM)'], }, }) .addVersion( @@ -199,7 +199,7 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType fleetAuthz: READ_PACKAGE_INFO_AUTHZ, description: `Get limited package list`, options: { - tags: ['oas_tag:Elastic Package Manager (EPM)'], + tags: ['oas-tag:Elastic Package Manager (EPM)'], }, }) .addVersion( @@ -226,7 +226,7 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType fleetAuthz: READ_PACKAGE_INFO_AUTHZ, description: `Get package stats`, options: { - tags: ['oas_tag:Elastic Package Manager (EPM)'], + tags: ['oas-tag:Elastic Package Manager (EPM)'], }, }) .addVersion( @@ -253,7 +253,7 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType fleetAuthz: READ_PACKAGE_INFO_AUTHZ, description: `Get inputs template`, options: { - tags: ['oas_tag:Elastic Package Manager (EPM)'], + tags: ['oas-tag:Elastic Package Manager (EPM)'], }, }) .addVersion( @@ -280,7 +280,7 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType fleetAuthz: READ_PACKAGE_INFO_AUTHZ, description: `Get package file`, options: { - tags: ['oas_tag:Elastic Package Manager (EPM)'], + tags: ['oas-tag:Elastic Package Manager (EPM)'], }, }) .addVersion( @@ -309,7 +309,7 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType .granted, description: `Get package`, options: { - tags: ['oas_tag:Elastic Package Manager (EPM)'], + tags: ['oas-tag:Elastic Package Manager (EPM)'], }, }) .addVersion( @@ -338,7 +338,7 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType }, description: `Update package settings`, options: { - tags: ['oas_tag:Elastic Package Manager (EPM)'], + tags: ['oas-tag:Elastic Package Manager (EPM)'], }, }) .addVersion( @@ -365,7 +365,7 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType fleetAuthz: INSTALL_PACKAGES_AUTHZ, description: `Install package from registry`, options: { - tags: ['oas_tag:Elastic Package Manager (EPM)'], + tags: ['oas-tag:Elastic Package Manager (EPM)'], }, }) .addVersion( @@ -395,7 +395,7 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType }, description: `Install Kibana assets for package`, options: { - tags: ['oas_tag:Elastic Package Manager (EPM)'], + tags: ['oas-tag:Elastic Package Manager (EPM)'], }, }) .addVersion( @@ -424,7 +424,7 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType }, description: `Delete Kibana assets for package`, options: { - tags: ['oas_tag:Elastic Package Manager (EPM)'], + tags: ['oas-tag:Elastic Package Manager (EPM)'], }, }) .addVersion( @@ -454,7 +454,7 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType }, description: `Bulk install packages`, options: { - tags: ['oas_tag:Elastic Package Manager (EPM)'], + tags: ['oas-tag:Elastic Package Manager (EPM)'], }, }) .addVersion( @@ -485,7 +485,7 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType parse: false, maxBytes: MAX_FILE_SIZE_BYTES, }, - tags: [`oas_tag:Elastic Package Manager (EPM)`], + tags: [`oas-tag:Elastic Package Manager (EPM)`], }, fleetAuthz: { integrations: { uploadPackages: true }, @@ -516,7 +516,7 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType fleetAuthz: INSTALL_PACKAGES_AUTHZ, description: `Create custom integration`, options: { - tags: ['oas_tag:Elastic Package Manager (EPM)'], + tags: ['oas-tag:Elastic Package Manager (EPM)'], }, }) .addVersion( @@ -545,7 +545,7 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType }, description: `Delete package`, options: { - tags: ['oas_tag:Elastic Package Manager (EPM)'], + tags: ['oas-tag:Elastic Package Manager (EPM)'], }, }) .addVersion( @@ -573,7 +573,7 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType fleetAuthz: READ_PACKAGE_INFO_AUTHZ, description: `Get a package signature verification key ID`, options: { - tags: ['oas_tag:Elastic Package Manager (EPM)'], + tags: ['oas-tag:Elastic Package Manager (EPM)'], }, }) .addVersion( @@ -600,7 +600,7 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType fleetAuthz: READ_PACKAGE_INFO_AUTHZ, description: `List data streams`, options: { - tags: ['oas_tag:Data streams'], + tags: ['oas-tag:Data streams'], }, }) .addVersion( @@ -627,7 +627,7 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType fleetAuthz: READ_PACKAGE_INFO_AUTHZ, description: `Bulk get assets`, options: { - tags: ['oas_tag:Elastic Package Manager (EPM)'], + tags: ['oas-tag:Elastic Package Manager (EPM)'], }, }) .addVersion( @@ -659,6 +659,7 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType fleetAuthz, getRouteRequiredAuthz('get', EPM_API_ROUTES.INFO_PATTERN_DEPRECATED) ).granted, + deprecated: true, }) .addVersion( { @@ -683,10 +684,10 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType router.versioned .put({ path: EPM_API_ROUTES.INFO_PATTERN_DEPRECATED, - fleetAuthz: { integrations: { writePackageSettings: true }, }, + deprecated: true, }) .addVersion( { @@ -712,6 +713,7 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType .post({ path: EPM_API_ROUTES.INSTALL_FROM_REGISTRY_PATTERN_DEPRECATED, fleetAuthz: INSTALL_PACKAGES_AUTHZ, + deprecated: true, }) .addVersion( { @@ -736,10 +738,10 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType router.versioned .delete({ path: EPM_API_ROUTES.DELETE_PATTERN_DEPRECATED, - fleetAuthz: { integrations: { removePackages: true }, }, + deprecated: true, }) .addVersion( { @@ -779,7 +781,7 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType }, description: `Authorize transforms`, options: { - tags: ['oas_tag:Elastic Package Manager (EPM)'], + tags: ['oas-tag:Elastic Package Manager (EPM)'], }, }) .addVersion( diff --git a/x-pack/plugins/fleet/server/routes/fleet_proxies/index.ts b/x-pack/plugins/fleet/server/routes/fleet_proxies/index.ts index 1adc8355a0f48..54eba070dd8e1 100644 --- a/x-pack/plugins/fleet/server/routes/fleet_proxies/index.ts +++ b/x-pack/plugins/fleet/server/routes/fleet_proxies/index.ts @@ -39,7 +39,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `List proxies`, options: { - tags: ['oas_tag:Fleet proxies'], + tags: ['oas-tag:Fleet proxies'], }, }) .addVersion( @@ -68,7 +68,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `Create proxy`, options: { - tags: ['oas_tag:Fleet proxies'], + tags: ['oas-tag:Fleet proxies'], }, }) .addVersion( @@ -97,7 +97,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `Update proxy by ID`, options: { - tags: ['oas_tag:Fleet proxies'], + tags: ['oas-tag:Fleet proxies'], }, }) .addVersion( @@ -126,7 +126,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `Get proxy by ID`, options: { - tags: ['oas_tag:Fleet proxies'], + tags: ['oas-tag:Fleet proxies'], }, }) .addVersion( @@ -155,7 +155,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `Delete proxy by ID`, options: { - tags: ['oas_tag:Fleet proxies'], + tags: ['oas-tag:Fleet proxies'], }, }) .addVersion( diff --git a/x-pack/plugins/fleet/server/routes/fleet_server_hosts/index.ts b/x-pack/plugins/fleet/server/routes/fleet_server_hosts/index.ts index e9cf5cd55a6f4..0a79e9ae11649 100644 --- a/x-pack/plugins/fleet/server/routes/fleet_server_hosts/index.ts +++ b/x-pack/plugins/fleet/server/routes/fleet_server_hosts/index.ts @@ -41,7 +41,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `List Fleet Server hosts`, options: { - tags: ['oas_tag:Fleet Server hosts'], + tags: ['oas-tag:Fleet Server hosts'], }, }) .addVersion( @@ -69,7 +69,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `Create Fleet Server host`, options: { - tags: ['oas_tag:Fleet Server hosts'], + tags: ['oas-tag:Fleet Server hosts'], }, }) .addVersion( @@ -97,7 +97,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `Get Fleet Server host by ID`, options: { - tags: ['oas_tag:Fleet Server hosts'], + tags: ['oas-tag:Fleet Server hosts'], }, }) .addVersion( @@ -125,7 +125,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `Delete Fleet Server host by ID`, options: { - tags: ['oas_tag:Fleet Server hosts'], + tags: ['oas-tag:Fleet Server hosts'], }, }) .addVersion( @@ -156,7 +156,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `Update Fleet Server host by ID`, options: { - tags: ['oas_tag:Fleet Server hosts'], + tags: ['oas-tag:Fleet Server hosts'], }, }) .addVersion( diff --git a/x-pack/plugins/fleet/server/routes/health_check/index.ts b/x-pack/plugins/fleet/server/routes/health_check/index.ts index a9f7305bdf9cc..3b06526b62d14 100644 --- a/x-pack/plugins/fleet/server/routes/health_check/index.ts +++ b/x-pack/plugins/fleet/server/routes/health_check/index.ts @@ -24,7 +24,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: `Check Fleet Server health`, options: { - tags: ['oas_tag:Fleet internals'], + tags: ['oas-tag:Fleet internals'], }, }) .addVersion( diff --git a/x-pack/plugins/fleet/server/routes/message_signing_service/index.ts b/x-pack/plugins/fleet/server/routes/message_signing_service/index.ts index a94abf8b8591e..4e78b3228df5a 100644 --- a/x-pack/plugins/fleet/server/routes/message_signing_service/index.ts +++ b/x-pack/plugins/fleet/server/routes/message_signing_service/index.ts @@ -24,6 +24,9 @@ export const registerRoutes = (router: FleetAuthzRouter) => { fleet: { all: true }, }, description: 'Rotate fleet message signing key pair', + options: { + tags: ['oas-tag:Message Signing Service'], + }, }) .addVersion( { diff --git a/x-pack/plugins/fleet/server/routes/output/index.ts b/x-pack/plugins/fleet/server/routes/output/index.ts index 4a8d4aeb57503..b222f9f737d1d 100644 --- a/x-pack/plugins/fleet/server/routes/output/index.ts +++ b/x-pack/plugins/fleet/server/routes/output/index.ts @@ -45,7 +45,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: 'List outputs', options: { - tags: ['oas_tag:Fleet outputs'], + tags: ['oas-tag:Fleet outputs'], }, }) .addVersion( @@ -73,7 +73,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: 'Get output by ID', options: { - tags: ['oas_tag:Fleet outputs'], + tags: ['oas-tag:Fleet outputs'], }, }) .addVersion( @@ -101,7 +101,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: 'Update output by ID', options: { - tags: ['oas_tag:Fleet outputs'], + tags: ['oas-tag:Fleet outputs'], }, }) .addVersion( @@ -130,7 +130,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: 'Create output', options: { - tags: ['oas_tag:Fleet outputs'], + tags: ['oas-tag:Fleet outputs'], }, }) .addVersion( @@ -159,7 +159,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: 'Delete output by ID', options: { - tags: ['oas_tag:Fleet outputs'], + tags: ['oas-tag:Fleet outputs'], }, }) .addVersion( @@ -191,7 +191,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: 'Generate Logstash API keyy', options: { - tags: ['oas_tag:Fleet outputs'], + tags: ['oas-tag:Fleet outputs'], }, }) .addVersion( @@ -220,7 +220,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { }, description: 'Get latest output health', options: { - tags: ['oas_tag:Fleet outputs'], + tags: ['oas-tag:Fleet outputs'], }, }) .addVersion( diff --git a/x-pack/plugins/fleet/server/services/agents/helpers.test.ts b/x-pack/plugins/fleet/server/services/agents/helpers.test.ts index 8e13c3bfe6a28..da4a343d9e142 100644 --- a/x-pack/plugins/fleet/server/services/agents/helpers.test.ts +++ b/x-pack/plugins/fleet/server/services/agents/helpers.test.ts @@ -164,6 +164,162 @@ describe('searchHitToAgent', () => { }); }); + it('should work with DEGRADED last_checkin_status', () => { + const hit = { + _source: { + access_api_key_id: 'EH_RlIgBn_WkCEINY-qh', + active: true, + enrolled_at: '2023-06-07T07:45:30Z', + local_metadata: { + elastic: { + agent: { + 'build.original': + '8.9.0-SNAPSHOT (build: 953fda060f317c2389ef6fd1cac8806a2bfe92ac at 2023-05-29 14:51:32 +0000 UTC)', + }, + }, + }, + agent: { + id: '504b3006-52df-46a6-b7db-f3dc67aca7ac', + version: '8.9.0', + }, + policy_id: '76c5b020-0486-11ee-97a3-c3856dd800f7', + type: 'PERMANENT', + outputs: { + '68233290-0486-11ee-97a3-c3856dd800f7': { + api_key: 'En_RlIgBn_WkCEINb-pQ:mfeV4ji6RNGyCOBs25gteg', + permissions_hash: '6ac9e595a2f8cba8893f9ea1fbfb6cba4b4d6f16d935c17a6368f11ee0b0a5d8', + type: 'elasticsearch', + api_key_id: 'En_RlIgBn_WkCEINb-pQ', + to_retire_api_key_ids: [ + { + id: '1', + retired_at: '', + }, + ], + }, + }, + policy_revision_idx: 2, + components: [ + { + id: 'system/metrics-68233290-0486-11ee-97a3-c3856dd800f7', + units: [ + { + id: 'system/metrics-68233290-0486-11ee-97a3-c3856dd800f7-system/metrics-system-03ac5d6e-4931-4ace-a034-5e25768db326', + type: 'input', + message: 'Healthy', + status: 'HEALTHY', + payload: { + key: 'val', + }, + }, + ], + type: 'system/metrics', + message: "Healthy: communicating with pid '36'", + status: 'HEALTHY', + }, + ], + last_checkin_message: 'Running', + last_checkin_status: 'DEGRADED', + last_checkin: '2023-06-07T08:39:03Z', + unenrolled_at: '2023-06-07T07:45:30Z', + unenrollment_started_at: '2023-06-07T07:45:30Z', + upgraded_at: '2023-06-07T07:45:30Z', + upgrade_started_at: '2023-06-07T07:45:30Z', + default_api_key_id: 'EH_RlIgBn_WkCEINY-qh', + packages: ['system'], + tags: ['agent'], + user_provided_metadata: { + key: 'val', + }, + default_api_key_history: [ + { + id: '1', + retired_at: '', + }, + ], + }, + sort: [1686123930000, 'beb13bf6a73e'], + fields: { + status: ['online'], + }, + _id: '504b3006-52df-46a6-b7db-f3dc67aca7ac', + }; + const agent = searchHitToAgent(hit as any); + expect(agent).toEqual({ + id: '504b3006-52df-46a6-b7db-f3dc67aca7ac', + type: 'PERMANENT', + active: true, + enrolled_at: '2023-06-07T07:45:30Z', + access_api_key_id: 'EH_RlIgBn_WkCEINY-qh', + policy_id: '76c5b020-0486-11ee-97a3-c3856dd800f7', + last_checkin: '2023-06-07T08:39:03Z', + last_checkin_status: 'degraded', + last_checkin_message: 'Running', + policy_revision: 2, + sort: [1686123930000, 'beb13bf6a73e'], + outputs: { + '68233290-0486-11ee-97a3-c3856dd800f7': { + api_key_id: 'En_RlIgBn_WkCEINb-pQ', + type: 'elasticsearch', + to_retire_api_key_ids: [ + { + id: '1', + retired_at: '', + }, + ], + }, + }, + components: [ + { + id: 'system/metrics-68233290-0486-11ee-97a3-c3856dd800f7', + type: 'system/metrics', + status: 'HEALTHY', + message: "Healthy: communicating with pid '36'", + units: [ + { + id: 'system/metrics-68233290-0486-11ee-97a3-c3856dd800f7-system/metrics-system-03ac5d6e-4931-4ace-a034-5e25768db326', + type: 'input', + status: 'HEALTHY', + message: 'Healthy', + payload: { + key: 'val', + }, + }, + ], + }, + ], + local_metadata: { + elastic: { + agent: { + 'build.original': + '8.9.0-SNAPSHOT (build: 953fda060f317c2389ef6fd1cac8806a2bfe92ac at 2023-05-29 14:51:32 +0000 UTC)', + }, + }, + }, + status: 'online', + unenrolled_at: '2023-06-07T07:45:30Z', + unenrollment_started_at: '2023-06-07T07:45:30Z', + upgraded_at: '2023-06-07T07:45:30Z', + upgrade_started_at: '2023-06-07T07:45:30Z', + default_api_key_id: 'EH_RlIgBn_WkCEINY-qh', + packages: ['system'], + tags: ['agent'], + user_provided_metadata: { + key: 'val', + }, + default_api_key_history: [ + { + id: '1', + retired_at: '', + }, + ], + agent: { + id: '504b3006-52df-46a6-b7db-f3dc67aca7ac', + version: '8.9.0', + }, + }); + }); + it('should work when units is not present', () => { const hit = { _source: { diff --git a/x-pack/plugins/fleet/server/services/agents/helpers.ts b/x-pack/plugins/fleet/server/services/agents/helpers.ts index 7433fa441953d..4258e883b2351 100644 --- a/x-pack/plugins/fleet/server/services/agents/helpers.ts +++ b/x-pack/plugins/fleet/server/services/agents/helpers.ts @@ -72,7 +72,8 @@ export function searchHitToAgent( default_api_key_id: hit._source?.default_api_key_id, policy_id: hit._source?.policy_id, last_checkin: hit._source?.last_checkin, - last_checkin_status: hit._source?.last_checkin_status, + last_checkin_status: + hit._source?.last_checkin_status?.toLowerCase() as Agent['last_checkin_status'], last_checkin_message: hit._source?.last_checkin_message, policy_revision: hit._source?.policy_revision_idx, packages: hit._source?.packages ?? [], diff --git a/x-pack/plugins/fleet/server/types/rest_spec/agent.ts b/x-pack/plugins/fleet/server/types/rest_spec/agent.ts index 1a77dffa09d6b..c1dface818f28 100644 --- a/x-pack/plugins/fleet/server/types/rest_spec/agent.ts +++ b/x-pack/plugins/fleet/server/types/rest_spec/agent.ts @@ -518,6 +518,9 @@ export const GetAgentStatusRequestSchema = { return validationObj?.error; } }, + meta: { + deprecated: true, + }, }) ), }), diff --git a/x-pack/plugins/fleet/server/types/rest_spec/index.ts b/x-pack/plugins/fleet/server/types/rest_spec/index.ts index 04f9322354104..aad4982b8e499 100644 --- a/x-pack/plugins/fleet/server/types/rest_spec/index.ts +++ b/x-pack/plugins/fleet/server/types/rest_spec/index.ts @@ -22,5 +22,4 @@ export * from './download_sources'; export * from './tags'; export * from './health_check'; export * from './message_signing_service'; -export * from './app'; export * from './standalone_agent_api_key'; diff --git a/x-pack/plugins/integration_assistant/common/api/model/common_attributes.gen.ts b/x-pack/plugins/integration_assistant/common/api/model/common_attributes.gen.ts index 59fe7d461698f..49e6f12691429 100644 --- a/x-pack/plugins/integration_assistant/common/api/model/common_attributes.gen.ts +++ b/x-pack/plugins/integration_assistant/common/api/model/common_attributes.gen.ts @@ -46,7 +46,7 @@ export const RawSamples = z.array(z.string()); * mapping object to ECS Mapping Request. */ export type Mapping = z.infer; -export const Mapping = z.object({}).passthrough(); +export const Mapping = z.object({}).catchall(z.unknown()); /** * LLM Connector to be used in each API request. @@ -58,7 +58,7 @@ export const Connector = z.string(); * An array of processed documents. */ export type Docs = z.infer; -export const Docs = z.array(z.object({}).passthrough()); +export const Docs = z.array(z.object({}).catchall(z.unknown())); /** * The name of the log samples format. diff --git a/x-pack/plugins/integration_assistant/common/api/model/common_attributes.schema.yaml b/x-pack/plugins/integration_assistant/common/api/model/common_attributes.schema.yaml index 0af01834970c7..073b485b1cb3d 100644 --- a/x-pack/plugins/integration_assistant/common/api/model/common_attributes.schema.yaml +++ b/x-pack/plugins/integration_assistant/common/api/model/common_attributes.schema.yaml @@ -31,6 +31,7 @@ components: Mapping: type: object description: mapping object to ECS Mapping Request. + additionalProperties: true Connector: type: string @@ -41,6 +42,7 @@ components: description: An array of processed documents. items: type: object + additionalProperties: true SamplesFormatName: type: string diff --git a/x-pack/plugins/integration_assistant/common/ecs.ts b/x-pack/plugins/integration_assistant/common/ecs.ts index bdc2b885febe1..9fd2ac2c1835f 100644 --- a/x-pack/plugins/integration_assistant/common/ecs.ts +++ b/x-pack/plugins/integration_assistant/common/ecs.ts @@ -5,7 +5,7 @@ * 2.0. */ -interface EcsFields { +export interface EcsFields { [key: string]: string; } diff --git a/x-pack/plugins/integration_assistant/server/graphs/ecs/constants.ts b/x-pack/plugins/integration_assistant/server/graphs/ecs/constants.ts index 62cce199cfe0b..48cac5626f9fe 100644 --- a/x-pack/plugins/integration_assistant/server/graphs/ecs/constants.ts +++ b/x-pack/plugins/integration_assistant/server/graphs/ecs/constants.ts @@ -5,9 +5,7 @@ * 2.0. */ -interface EcsFields { - [key: string]: string; -} +import { EcsFields } from '../../../common/ecs'; export const ECS_TYPES: EcsFields = { '@timestamp': 'date', diff --git a/x-pack/plugins/integration_assistant/server/graphs/ecs/model.ts b/x-pack/plugins/integration_assistant/server/graphs/ecs/model.ts index 67dbc747152f5..8ef46aa2869dc 100644 --- a/x-pack/plugins/integration_assistant/server/graphs/ecs/model.ts +++ b/x-pack/plugins/integration_assistant/server/graphs/ecs/model.ts @@ -10,6 +10,7 @@ import { mergeAndChunkSamples } from './chunk'; import { ECS_EXAMPLE_ANSWER, ECS_FIELDS } from './constants'; import { createPipeline } from './pipeline'; import type { EcsBaseNodeParams } from './types'; +import { removeReservedFields } from './validate'; export function modelSubOutput({ state }: EcsBaseNodeParams): Partial { return { @@ -33,7 +34,7 @@ export function modelInput({ state }: EcsBaseNodeParams): Partial { it('processMapping()', async () => { @@ -122,3 +129,56 @@ describe('findDuplicateFields', () => { ]); }); }); + +describe('removeReservedFields', () => { + it('should remove reserved fields from the mapping', () => { + const ecsMapping = { + 'ecs.version': 'Version', + 'event.category': 'Category', + 'source.ip': 'IP', + }; + + const expectedMapping = { + 'source.ip': 'IP', + }; + + const result = removeReservedFields(ecsMapping); + expect(result).toEqual(expectedMapping); + }); + + it('should remove all fields if all are reserved', () => { + const ecsMapping = Object.fromEntries(ECS_RESERVED.map((key) => [key, key])); + const result = removeReservedFields(ecsMapping); + expect(result).toEqual({}); + }); + + it('should return the same mapping if there are no reserved fields', () => { + const ecsMapping = { + 'source.ip': 'Some IP', + 'destination.ip': 'Another IP', + }; + + const result = removeReservedFields(ecsMapping); + expect(result).toEqual(ecsMapping); + }); + + it('should handle an empty mapping', () => { + const ecsMapping = {}; + + const result = removeReservedFields(ecsMapping); + expect(result).toEqual({}); + }); + + it('should not modify the original mapping object', () => { + const ecsMapping = { + 'ecs.version': 'Version', + 'source.ip': 'IP', + }; + + const ecsMappingCopy = { ...ecsMapping }; + + const result = removeReservedFields(ecsMapping); + expect(ecsMapping).toEqual(ecsMappingCopy); + expect(ecsMapping).not.toEqual(result); + }); +}); diff --git a/x-pack/plugins/integration_assistant/server/graphs/ecs/validate.ts b/x-pack/plugins/integration_assistant/server/graphs/ecs/validate.ts index 87005e3553e90..62f88f2d234f2 100644 --- a/x-pack/plugins/integration_assistant/server/graphs/ecs/validate.ts +++ b/x-pack/plugins/integration_assistant/server/graphs/ecs/validate.ts @@ -5,7 +5,7 @@ * 2.0. */ /* eslint-disable @typescript-eslint/no-explicit-any */ -import { ECS_FULL } from '../../../common/ecs'; +import { EcsFields, ECS_FULL } from '../../../common/ecs'; import { mergeSamples } from '../../util/samples'; import { ECS_RESERVED } from './constants'; import type { EcsBaseNodeParams } from './types'; @@ -122,6 +122,15 @@ export function findDuplicateFields(prefixedSamples: string[], ecsMapping: AnyOb return results; } +// Produces a version of ECS mapping without reserved fields. +export function removeReservedFields(mapping: EcsFields): EcsFields { + const mappingCopy = { ...mapping }; + for (const field of ECS_RESERVED) { + delete mappingCopy[field]; + } + return mappingCopy; +} + // Function to find invalid ECS fields export function findInvalidEcsFields(currentMapping: AnyObject): string[] { const results: string[] = []; diff --git a/x-pack/plugins/ml/common/constants/locator.ts b/x-pack/plugins/ml/common/constants/locator.ts index 67b290bf34fcc..851c6bfa39067 100644 --- a/x-pack/plugins/ml/common/constants/locator.ts +++ b/x-pack/plugins/ml/common/constants/locator.ts @@ -62,8 +62,11 @@ export const ML_PAGES = { ANOMALY_DETECTION_MODULES_VIEW_OR_CREATE: 'modules/check_view_or_create', SETTINGS: 'settings', CALENDARS_MANAGE: 'settings/calendars_list', + CALENDARS_DST_MANAGE: 'settings/calendars_dst_list', CALENDARS_NEW: 'settings/calendars_list/new_calendar', + CALENDARS_DST_NEW: 'settings/calendars_dst_list/new_calendar', CALENDARS_EDIT: 'settings/calendars_list/edit_calendar', + CALENDARS_DST_EDIT: 'settings/calendars_dst_list/edit_calendar', FILTER_LISTS_MANAGE: 'settings/filter_lists', FILTER_LISTS_NEW: 'settings/filter_lists/new_filter_list', FILTER_LISTS_EDIT: 'settings/filter_lists/edit_filter_list', diff --git a/x-pack/plugins/ml/common/types/calendars.ts b/x-pack/plugins/ml/common/types/calendars.ts index bf37dbcc50572..a5e019d700282 100644 --- a/x-pack/plugins/ml/common/types/calendars.ts +++ b/x-pack/plugins/ml/common/types/calendars.ts @@ -5,16 +5,24 @@ * 2.0. */ -export type CalendarId = string; +import type * as estypes from '@elastic/elasticsearch/lib/api/typesWithBodyKey'; -export interface Calendar { - calendar_id: CalendarId; +export type MlCalendarId = string; + +export interface MlCalendar { + calendar_id: MlCalendarId; description: string; events: any[]; job_ids: string[]; total_job_count?: number; } -export interface UpdateCalendar extends Calendar { - calendarId: CalendarId; +export interface UpdateCalendar extends MlCalendar { + calendarId: MlCalendarId; } + +export type MlCalendarEvent = estypes.MlCalendarEvent & { + force_time_shift?: number; + skip_result?: boolean; + skip_model_update?: boolean; +}; diff --git a/x-pack/plugins/ml/common/types/locator.ts b/x-pack/plugins/ml/common/types/locator.ts index 3cc198bb3b3f2..2288fad9cb105 100644 --- a/x-pack/plugins/ml/common/types/locator.ts +++ b/x-pack/plugins/ml/common/types/locator.ts @@ -56,7 +56,9 @@ export type MlGenericUrlState = MLPageState< | typeof ML_PAGES.DATA_FRAME_ANALYTICS_CREATE_JOB | typeof ML_PAGES.OVERVIEW | typeof ML_PAGES.CALENDARS_MANAGE + | typeof ML_PAGES.CALENDARS_DST_MANAGE | typeof ML_PAGES.CALENDARS_NEW + | typeof ML_PAGES.CALENDARS_DST_NEW | typeof ML_PAGES.FILTER_LISTS_MANAGE | typeof ML_PAGES.FILTER_LISTS_NEW | typeof ML_PAGES.SETTINGS @@ -247,6 +249,14 @@ export type CalendarEditUrlState = MLPageState< } >; +export type CalendarDstEditUrlState = MLPageState< + typeof ML_PAGES.CALENDARS_DST_EDIT, + { + calendarId: string; + globalState?: MlCommonGlobalState; + } +>; + export type FilterEditUrlState = MLPageState< typeof ML_PAGES.FILTER_LISTS_EDIT, { @@ -277,6 +287,7 @@ export type MlLocatorState = | DataFrameAnalyticsUrlState | DataFrameAnalyticsExplorationUrlState | CalendarEditUrlState + | CalendarDstEditUrlState | FilterEditUrlState | MlGenericUrlState | NotificationsUrlState diff --git a/x-pack/plugins/ml/public/application/aiops/change_point_detection.tsx b/x-pack/plugins/ml/public/application/aiops/change_point_detection.tsx index 874183dcc4d2c..146a3efc9cfcd 100644 --- a/x-pack/plugins/ml/public/application/aiops/change_point_detection.tsx +++ b/x-pack/plugins/ml/public/application/aiops/change_point_detection.tsx @@ -13,6 +13,7 @@ import { EuiFlexGroup, EuiFlexItem } from '@elastic/eui'; import { FormattedMessage } from '@kbn/i18n-react'; import { ChangePointDetection } from '@kbn/aiops-plugin/public'; +import { AIOPS_EMBEDDABLE_ORIGIN } from '@kbn/aiops-common/constants'; import { useDataSource } from '../contexts/ml/data_source_context'; import { useMlKibana } from '../contexts/kibana'; @@ -48,7 +49,8 @@ export const ChangePointDetectionPage: FC = () => { dataView={dataView} savedSearch={savedSearch} showFrozenDataTierChoice={showNodeInfo} - appDependencies={{ + appContextValue={{ + embeddingOrigin: AIOPS_EMBEDDABLE_ORIGIN.ML_AIOPS_LABS, ...pick(services, [ 'analytics', 'application', diff --git a/x-pack/plugins/ml/public/application/aiops/log_categorization.tsx b/x-pack/plugins/ml/public/application/aiops/log_categorization.tsx index 1ca0fc8ec2ef4..fea9b0d7e8810 100644 --- a/x-pack/plugins/ml/public/application/aiops/log_categorization.tsx +++ b/x-pack/plugins/ml/public/application/aiops/log_categorization.tsx @@ -8,9 +8,13 @@ import type { FC } from 'react'; import React from 'react'; import { pick } from 'lodash'; + import { EuiFlexGroup, EuiFlexItem } from '@elastic/eui'; + import { FormattedMessage } from '@kbn/i18n-react'; import { LogCategorization } from '@kbn/aiops-plugin/public'; +import { AIOPS_EMBEDDABLE_ORIGIN } from '@kbn/aiops-common/constants'; + import { useDataSource } from '../contexts/ml/data_source_context'; import { useMlKibana } from '../contexts/kibana'; import { useEnabledFeatures } from '../contexts/ml'; @@ -40,24 +44,27 @@ export const LogCategorizationPage: FC = () => { dataView={dataView} savedSearch={savedSearch} showFrozenDataTierChoice={showNodeInfo} - appDependencies={pick(services, [ - 'analytics', - 'application', - 'charts', - 'data', - 'executionContext', - 'fieldFormats', - 'http', - 'i18n', - 'lens', - 'notifications', - 'share', - 'storage', - 'theme', - 'uiActions', - 'uiSettings', - 'unifiedSearch', - ])} + appContextValue={{ + embeddingOrigin: AIOPS_EMBEDDABLE_ORIGIN.ML_AIOPS_LABS, + ...pick(services, [ + 'analytics', + 'application', + 'charts', + 'data', + 'executionContext', + 'fieldFormats', + 'http', + 'i18n', + 'lens', + 'notifications', + 'share', + 'storage', + 'theme', + 'uiActions', + 'uiSettings', + 'unifiedSearch', + ]), + }} /> )} diff --git a/x-pack/plugins/ml/public/application/aiops/log_rate_analysis.tsx b/x-pack/plugins/ml/public/application/aiops/log_rate_analysis.tsx index f97387fa4c50d..d24b5ab8498b0 100644 --- a/x-pack/plugins/ml/public/application/aiops/log_rate_analysis.tsx +++ b/x-pack/plugins/ml/public/application/aiops/log_rate_analysis.tsx @@ -11,6 +11,8 @@ import { pick } from 'lodash'; import { FormattedMessage } from '@kbn/i18n-react'; import { LogRateAnalysis } from '@kbn/aiops-plugin/public'; +import { AIOPS_EMBEDDABLE_ORIGIN } from '@kbn/aiops-common/constants'; + import { useDataSource } from '../contexts/ml/data_source_context'; import { useMlKibana } from '../contexts/kibana'; import { HelpMenu } from '../components/help_menu'; @@ -37,25 +39,28 @@ export const LogRateAnalysisPage: FC = () => { savedSearch={savedSearch} showContextualInsights={showContextualInsights} showFrozenDataTierChoice={showNodeInfo} - appDependencies={pick(services, [ - 'analytics', - 'application', - 'charts', - 'data', - 'executionContext', - 'fieldFormats', - 'http', - 'i18n', - 'lens', - 'notifications', - 'share', - 'storage', - 'theme', - 'uiActions', - 'uiSettings', - 'unifiedSearch', - 'observabilityAIAssistant', - ])} + appContextValue={{ + embeddingOrigin: AIOPS_EMBEDDABLE_ORIGIN.ML_AIOPS_LABS, + ...pick(services, [ + 'analytics', + 'application', + 'charts', + 'data', + 'executionContext', + 'fieldFormats', + 'http', + 'i18n', + 'lens', + 'notifications', + 'share', + 'storage', + 'theme', + 'uiActions', + 'uiSettings', + 'unifiedSearch', + 'observabilityAIAssistant', + ]), + }} /> )} diff --git a/x-pack/plugins/ml/public/application/jobs/new_job/common/job_creator/job_creator.ts b/x-pack/plugins/ml/public/application/jobs/new_job/common/job_creator/job_creator.ts index f43fa93368447..3d659c7a96fd7 100644 --- a/x-pack/plugins/ml/public/application/jobs/new_job/common/job_creator/job_creator.ts +++ b/x-pack/plugins/ml/public/application/jobs/new_job/common/job_creator/job_creator.ts @@ -45,7 +45,7 @@ import type { CREATED_BY_LABEL } from '../../../../../../common/constants/new_jo import { JOB_TYPE, SHARED_RESULTS_INDEX_NAME } from '../../../../../../common/constants/new_job'; import { collectAggs } from './util/general'; import { filterRuntimeMappings } from './util/filter_runtime_mappings'; -import type { Calendar } from '../../../../../../common/types/calendars'; +import type { MlCalendar } from '../../../../../../common/types/calendars'; import { mlCalendarService } from '../../../../services/calendar_service'; import { getDatafeedAggregations } from '../../../../../../common/util/datafeed_utils'; import { getFirstKeyInObject } from '../../../../../../common/util/object_utils'; @@ -58,7 +58,7 @@ export class JobCreator { protected _indexPatternTitle: IndexPatternTitle = ''; protected _indexPatternDisplayName: string = ''; protected _job_config: Job; - protected _calendars: Calendar[]; + protected _calendars: MlCalendar[]; protected _datafeed_config: Datafeed; protected _detectors: Detector[]; protected _influencers: string[]; @@ -271,11 +271,11 @@ export class JobCreator { this._job_config.groups = groups; } - public get calendars(): Calendar[] { + public get calendars(): MlCalendar[] { return this._calendars; } - public set calendars(calendars: Calendar[]) { + public set calendars(calendars: MlCalendar[]) { this._calendars = calendars; } diff --git a/x-pack/plugins/ml/public/application/jobs/new_job/pages/components/job_details_step/components/additional_section/additional_section.tsx b/x-pack/plugins/ml/public/application/jobs/new_job/pages/components/job_details_step/components/additional_section/additional_section.tsx index f1ca62fc18dcc..d49db1bbc6316 100644 --- a/x-pack/plugins/ml/public/application/jobs/new_job/pages/components/job_details_step/components/additional_section/additional_section.tsx +++ b/x-pack/plugins/ml/public/application/jobs/new_job/pages/components/job_details_step/components/additional_section/additional_section.tsx @@ -43,12 +43,16 @@ export const AdditionalSection: FC = ({ additionalExpanded, setAdditional + + - + + + diff --git a/x-pack/plugins/ml/public/application/jobs/new_job/pages/components/job_details_step/components/additional_section/components/calendars/calendars_selection.tsx b/x-pack/plugins/ml/public/application/jobs/new_job/pages/components/job_details_step/components/additional_section/components/calendars/calendars_selection.tsx index 06718f175b266..8b9f7eb16b1f4 100644 --- a/x-pack/plugins/ml/public/application/jobs/new_job/pages/components/job_details_step/components/additional_section/components/calendars/calendars_selection.tsx +++ b/x-pack/plugins/ml/public/application/jobs/new_job/pages/components/job_details_step/components/additional_section/components/calendars/calendars_selection.tsx @@ -20,15 +20,24 @@ import { EuiToolTip, } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; +import { + filterCalendarsForDst, + separateCalendarsByType, +} from '../../../../../../../../../settings/calendars/dst_utils'; import { JobCreatorContext } from '../../../../../job_creator_context'; import { Description } from './description'; import { PLUGIN_ID } from '../../../../../../../../../../../common/constants/app'; -import type { Calendar } from '../../../../../../../../../../../common/types/calendars'; +import type { MlCalendar } from '../../../../../../../../../../../common/types/calendars'; import { useMlApi, useMlKibana } from '../../../../../../../../../contexts/kibana'; import { GLOBAL_CALENDAR } from '../../../../../../../../../../../common/constants/calendars'; import { ML_PAGES } from '../../../../../../../../../../../common/constants/locator'; +import { DescriptionDst } from './description_dst'; + +interface Props { + isDst?: boolean; +} -export const CalendarsSelection: FC = () => { +export const CalendarsSelection: FC = ({ isDst = false }) => { const { services: { application: { getUrlForApp }, @@ -37,19 +46,22 @@ export const CalendarsSelection: FC = () => { const mlApi = useMlApi(); const { jobCreator, jobCreatorUpdate } = useContext(JobCreatorContext); - const [selectedCalendars, setSelectedCalendars] = useState(jobCreator.calendars); - const [selectedOptions, setSelectedOptions] = useState>>( - [] + const [selectedCalendars, setSelectedCalendars] = useState( + filterCalendarsForDst(jobCreator.calendars, isDst) ); - const [options, setOptions] = useState>>([]); + const [selectedOptions, setSelectedOptions] = useState< + Array> + >([]); + const [options, setOptions] = useState>>([]); const [isLoading, setIsLoading] = useState(false); async function loadCalendars() { setIsLoading(true); - const calendars = (await mlApi.calendars()).filter( + const { calendars, calendarsDst } = separateCalendarsByType(await mlApi.calendars()); + const filteredCalendars = (isDst ? calendarsDst : calendars).filter( (c) => c.job_ids.includes(GLOBAL_CALENDAR) === false ); - setOptions(calendars.map((c) => ({ label: c.calendar_id, value: c }))); + setOptions(filteredCalendars.map((c) => ({ label: c.calendar_id, value: c }))); setSelectedOptions(selectedCalendars.map((c) => ({ label: c.calendar_id, value: c }))); setIsLoading(false); } @@ -60,12 +72,14 @@ export const CalendarsSelection: FC = () => { }, []); useEffect(() => { - jobCreator.calendars = selectedCalendars; + const { calendars, calendarsDst } = separateCalendarsByType(jobCreator.calendars); + const otherCalendars = isDst ? calendars : calendarsDst; + jobCreator.calendars = [...selectedCalendars, ...otherCalendars]; jobCreatorUpdate(); // eslint-disable-next-line react-hooks/exhaustive-deps }, [selectedCalendars.join()]); - const comboBoxProps: EuiComboBoxProps = { + const comboBoxProps: EuiComboBoxProps = { async: true, options, selectedOptions, @@ -77,11 +91,13 @@ export const CalendarsSelection: FC = () => { }; const manageCalendarsHref = getUrlForApp(PLUGIN_ID, { - path: ML_PAGES.CALENDARS_MANAGE, + path: isDst ? ML_PAGES.CALENDARS_DST_MANAGE : ML_PAGES.CALENDARS_MANAGE, }); + const Desc = isDst ? DescriptionDst : Description; + return ( - + @@ -119,6 +135,6 @@ export const CalendarsSelection: FC = () => { /> - + ); }; diff --git a/x-pack/plugins/ml/public/application/jobs/new_job/pages/components/job_details_step/components/additional_section/components/calendars/description_dst.tsx b/x-pack/plugins/ml/public/application/jobs/new_job/pages/components/job_details_step/components/additional_section/components/calendars/description_dst.tsx new file mode 100644 index 0000000000000..ec8ed142ab628 --- /dev/null +++ b/x-pack/plugins/ml/public/application/jobs/new_job/pages/components/job_details_step/components/additional_section/components/calendars/description_dst.tsx @@ -0,0 +1,51 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { FC, PropsWithChildren } from 'react'; +import React, { memo } from 'react'; +import { i18n } from '@kbn/i18n'; +import { FormattedMessage } from '@kbn/i18n-react'; +import { EuiDescribedFormGroup, EuiFormRow, EuiLink } from '@elastic/eui'; +import { useMlKibana } from '../../../../../../../../../contexts/kibana'; + +export const DescriptionDst: FC> = memo(({ children }) => { + const { + services: { docLinks }, + } = useMlKibana(); + const docsUrl = docLinks.links.ml.calendars; + const title = i18n.translate( + 'xpack.ml.newJob.wizard.jobDetailsStep.additionalSection.calendarsDstSelection.title', + { + defaultMessage: 'DST Calendars', + } + ); + return ( + {title}} + description={ + + + + ), + }} + /> + } + > + + <>{children} + + + ); +}); diff --git a/x-pack/plugins/ml/public/application/routing/breadcrumbs.ts b/x-pack/plugins/ml/public/application/routing/breadcrumbs.ts index 1792b4cbfefa2..78f820dc662ca 100644 --- a/x-pack/plugins/ml/public/application/routing/breadcrumbs.ts +++ b/x-pack/plugins/ml/public/application/routing/breadcrumbs.ts @@ -128,6 +128,14 @@ export const CALENDAR_MANAGEMENT_BREADCRUMB: ChromeBreadcrumb = Object.freeze({ deepLinkId: 'ml:calendarSettings', }); +export const CALENDAR_DST_MANAGEMENT_BREADCRUMB: ChromeBreadcrumb = Object.freeze({ + text: i18n.translate('xpack.ml.settings.breadcrumbs.calendarManagementLabel', { + defaultMessage: 'Calendar DST management', + }), + href: '/settings/calendars_dst_list', + deepLinkId: 'ml:calendarSettings', +}); + export const FILTER_LISTS_BREADCRUMB: ChromeBreadcrumb = Object.freeze({ text: i18n.translate('xpack.ml.settings.breadcrumbs.filterListsLabel', { defaultMessage: 'Filter lists', @@ -160,6 +168,7 @@ const breadcrumbs = { CHANGE_POINT_DETECTION, CREATE_JOB_BREADCRUMB, CALENDAR_MANAGEMENT_BREADCRUMB, + CALENDAR_DST_MANAGEMENT_BREADCRUMB, FILTER_LISTS_BREADCRUMB, SUPPLIED_CONFIGURATIONS, }; diff --git a/x-pack/plugins/ml/public/application/routing/routes/settings/calendar_list.tsx b/x-pack/plugins/ml/public/application/routing/routes/settings/calendar_list.tsx index 088c403378de0..16d8d8ac8cd9b 100644 --- a/x-pack/plugins/ml/public/application/routing/routes/settings/calendar_list.tsx +++ b/x-pack/plugins/ml/public/application/routing/routes/settings/calendar_list.tsx @@ -31,7 +31,7 @@ export const calendarListRouteFactory = ( title: i18n.translate('xpack.ml.settings.calendarList.docTitle', { defaultMessage: 'Calendars', }), - render: (props, deps) => , + render: (props, deps) => , breadcrumbs: [ getBreadcrumbWithUrlForApp('ML_BREADCRUMB', navigateToPath, basePath), getBreadcrumbWithUrlForApp('ANOMALY_DETECTION_BREADCRUMB', navigateToPath, basePath), @@ -40,7 +40,24 @@ export const calendarListRouteFactory = ( ], }); -const PageWrapper: FC = () => { +export const calendarDstListRouteFactory = ( + navigateToPath: NavigateToPath, + basePath: string +): MlRoute => ({ + path: createPath(ML_PAGES.CALENDARS_DST_MANAGE), + title: i18n.translate('xpack.ml.settings.calendarList.docTitle', { + defaultMessage: 'Calendars', + }), + render: (props, deps) => , + breadcrumbs: [ + getBreadcrumbWithUrlForApp('ML_BREADCRUMB', navigateToPath, basePath), + getBreadcrumbWithUrlForApp('ANOMALY_DETECTION_BREADCRUMB', navigateToPath, basePath), + getBreadcrumbWithUrlForApp('SETTINGS_BREADCRUMB', navigateToPath, basePath), + getBreadcrumbWithUrlForApp('CALENDAR_DST_MANAGEMENT_BREADCRUMB'), + ], +}); + +const PageWrapper: FC = ({ isDst }) => { const { context } = useRouteResolver('full', ['canGetCalendars'], { getMlNodeCount }); useTimefilter({ timeRangeSelector: false, autoRefreshSelector: false }); @@ -52,7 +69,7 @@ const PageWrapper: FC = () => { return ( - + ); }; diff --git a/x-pack/plugins/ml/public/application/routing/routes/settings/calendar_new_edit.tsx b/x-pack/plugins/ml/public/application/routing/routes/settings/calendar_new_edit.tsx index 61d5406871283..7d4db9b58e560 100644 --- a/x-pack/plugins/ml/public/application/routing/routes/settings/calendar_new_edit.tsx +++ b/x-pack/plugins/ml/public/application/routing/routes/settings/calendar_new_edit.tsx @@ -14,7 +14,6 @@ import type { NavigateToPath } from '../../../contexts/kibana'; import type { MlRoute, PageProps } from '../../router'; import { createPath, PageLoader } from '../../router'; import { useRouteResolver } from '../../use_resolver'; -import { usePermissionCheck } from '../../../capabilities/check_capabilities'; import { getBreadcrumbWithUrlForApp } from '../../breadcrumbs'; import { ML_PAGES } from '../../../../../common/constants/locator'; import { getMlNodeCount } from '../../../ml_nodes_check'; @@ -26,6 +25,7 @@ enum MODE { interface NewCalendarPageProps extends PageProps { mode: MODE; + isDst: boolean; } const NewCalendar = dynamic(async () => ({ @@ -40,7 +40,7 @@ export const newCalendarRouteFactory = ( title: i18n.translate('xpack.ml.settings.createCalendar.docTitle', { defaultMessage: 'Create Calendar', }), - render: (props, deps) => , + render: (props, deps) => , breadcrumbs: [ getBreadcrumbWithUrlForApp('ML_BREADCRUMB', navigateToPath, basePath), getBreadcrumbWithUrlForApp('ANOMALY_DETECTION_BREADCRUMB', navigateToPath, basePath), @@ -62,7 +62,7 @@ export const editCalendarRouteFactory = ( title: i18n.translate('xpack.ml.settings.editCalendar.docTitle', { defaultMessage: 'Edit Calendar', }), - render: (props, deps) => , + render: (props, deps) => , breadcrumbs: [ getBreadcrumbWithUrlForApp('ML_BREADCRUMB', navigateToPath, basePath), getBreadcrumbWithUrlForApp('SETTINGS_BREADCRUMB', navigateToPath, basePath), @@ -75,7 +75,50 @@ export const editCalendarRouteFactory = ( ], }); -const PageWrapper: FC = ({ location, mode }) => { +export const newCalendarDstRouteFactory = ( + navigateToPath: NavigateToPath, + basePath: string +): MlRoute => ({ + path: createPath(ML_PAGES.CALENDARS_DST_NEW), + title: i18n.translate('xpack.ml.settings.createCalendarDst.docTitle', { + defaultMessage: 'Create DST Calendar', + }), + render: (props, deps) => , + breadcrumbs: [ + getBreadcrumbWithUrlForApp('ML_BREADCRUMB', navigateToPath, basePath), + getBreadcrumbWithUrlForApp('ANOMALY_DETECTION_BREADCRUMB', navigateToPath, basePath), + getBreadcrumbWithUrlForApp('SETTINGS_BREADCRUMB', navigateToPath, basePath), + getBreadcrumbWithUrlForApp('CALENDAR_DST_MANAGEMENT_BREADCRUMB', navigateToPath, basePath), + { + text: i18n.translate('xpack.ml.settings.breadcrumbs.calendarManagement.createLabel', { + defaultMessage: 'Create', + }), + }, + ], +}); + +export const editCalendarDstRouteFactory = ( + navigateToPath: NavigateToPath, + basePath: string +): MlRoute => ({ + path: createPath(ML_PAGES.CALENDARS_DST_EDIT, '/:calendarId'), + title: i18n.translate('xpack.ml.settings.editCalendarDst.docTitle', { + defaultMessage: 'Edit DST Calendar', + }), + render: (props, deps) => , + breadcrumbs: [ + getBreadcrumbWithUrlForApp('ML_BREADCRUMB', navigateToPath, basePath), + getBreadcrumbWithUrlForApp('SETTINGS_BREADCRUMB', navigateToPath, basePath), + getBreadcrumbWithUrlForApp('CALENDAR_DST_MANAGEMENT_BREADCRUMB', navigateToPath, basePath), + { + text: i18n.translate('xpack.ml.settings.breadcrumbs.calendarManagement.editLabel', { + defaultMessage: 'Edit', + }), + }, + ], +}); + +const PageWrapper: FC = ({ location, mode, isDst }) => { let calendarId: string | undefined; if (mode === MODE.EDIT) { const pathMatch: string[] | null = location.pathname.match(/.+\/(.+)$/); @@ -86,14 +129,9 @@ const PageWrapper: FC = ({ location, mode }) => { useTimefilter({ timeRangeSelector: false, autoRefreshSelector: false }); - const [canCreateCalendar, canDeleteCalendar] = usePermissionCheck([ - 'canCreateCalendar', - 'canDeleteCalendar', - ]); - return ( - + ); }; diff --git a/x-pack/plugins/ml/public/application/routing/use_active_route.tsx b/x-pack/plugins/ml/public/application/routing/use_active_route.tsx index 202c552559c1b..5827cc036ddf4 100644 --- a/x-pack/plugins/ml/public/application/routing/use_active_route.tsx +++ b/x-pack/plugins/ml/public/application/routing/use_active_route.tsx @@ -15,6 +15,7 @@ import { toMountPoint } from '@kbn/react-kibana-mount'; import { PLUGIN_ID } from '../../../common/constants/app'; import { useMlKibana } from '../contexts/kibana'; import type { MlRoute } from './router'; +import { ML_PAGES } from '../../locator'; /** * Provides an active route of the ML app. @@ -30,8 +31,9 @@ export const useActiveRoute = (routesList: MlRoute[]): MlRoute => { /** * Temp fix for routes with params. */ - const editCalendarMatch = useRouteMatch('/settings/calendars_list/edit_calendar/:calendarId'); - const editFilterMatch = useRouteMatch('/settings/filter_lists/edit_filter_list/:filterId'); + const editCalendarMatch = useRouteMatch(`/${ML_PAGES.CALENDARS_EDIT}/:calendarId`); + const editCalendarDstMatch = useRouteMatch(`/${ML_PAGES.CALENDARS_DST_EDIT}/:calendarId`); + const editFilterMatch = useRouteMatch(`/${ML_PAGES.FILTER_LISTS_EDIT}/:filterId`); // eslint-disable-next-line react-hooks/exhaustive-deps const routesMap = useMemo(() => keyBy(routesList, 'path'), []); @@ -40,6 +42,9 @@ export const useActiveRoute = (routesList: MlRoute[]): MlRoute => { if (editCalendarMatch) { return routesMap[editCalendarMatch.path]; } + if (editCalendarDstMatch) { + return routesMap[editCalendarDstMatch.path]; + } if (editFilterMatch) { return routesMap[editFilterMatch.path]; } diff --git a/x-pack/plugins/ml/public/application/services/calendar_service.ts b/x-pack/plugins/ml/public/application/services/calendar_service.ts index ada2cbce43f6c..cccd2872ab344 100644 --- a/x-pack/plugins/ml/public/application/services/calendar_service.ts +++ b/x-pack/plugins/ml/public/application/services/calendar_service.ts @@ -6,7 +6,7 @@ */ import { i18n } from '@kbn/i18n'; -import type { Calendar, CalendarId } from '../../../common/types/calendars'; +import type { MlCalendar, MlCalendarId } from '../../../common/types/calendars'; import type { JobId } from '../../../common/types/anomaly_detection_jobs'; import type { MlApi } from './ml_api_service'; @@ -16,7 +16,7 @@ class CalendarService { * @param calendar * @param jobId */ - async assignNewJobId(mlApi: MlApi, calendar: Calendar, jobId: JobId) { + async assignNewJobId(mlApi: MlApi, calendar: MlCalendar, jobId: JobId) { const { calendar_id: calendarId } = calendar; try { await mlApi.updateCalendar({ @@ -38,7 +38,7 @@ class CalendarService { * Fetches calendars by the list of ids. * @param calendarIds */ - async fetchCalendarsByIds(mlApi: MlApi, calendarIds: CalendarId[]): Promise { + async fetchCalendarsByIds(mlApi: MlApi, calendarIds: MlCalendarId[]): Promise { try { const calendars = await mlApi.calendars({ calendarIds }); return Array.isArray(calendars) ? calendars : [calendars]; diff --git a/x-pack/plugins/ml/public/application/services/ml_api_service/index.ts b/x-pack/plugins/ml/public/application/services/ml_api_service/index.ts index e1a6d8c15d397..fa6d179059eec 100644 --- a/x-pack/plugins/ml/public/application/services/ml_api_service/index.ts +++ b/x-pack/plugins/ml/public/application/services/ml_api_service/index.ts @@ -20,7 +20,7 @@ import type { } from '../../../../common/types/ml_server_info'; import type { MlCapabilitiesResponse } from '../../../../common/types/capabilities'; import type { RecognizeModuleResult } from '../../../../common/types/modules'; -import type { Calendar, CalendarId, UpdateCalendar } from '../../../../common/types/calendars'; +import type { MlCalendar, MlCalendarId, UpdateCalendar } from '../../../../common/types/calendars'; import type { BucketSpanEstimatorData } from '../../../../common/types/job_service'; import type { Job, @@ -555,9 +555,9 @@ export function mlApiProvider(httpService: HttpService) { /** * Gets a list of calendars * @param obj - * @returns {Promise} + * @returns {Promise} */ - calendars(obj?: { calendarId?: CalendarId; calendarIds?: CalendarId[] }) { + calendars(obj?: { calendarId?: MlCalendarId; calendarIds?: MlCalendarId[] }) { const { calendarId, calendarIds } = obj || {}; let calendarIdsPathComponent = ''; if (calendarId) { @@ -565,14 +565,14 @@ export function mlApiProvider(httpService: HttpService) { } else if (calendarIds) { calendarIdsPathComponent = `/${calendarIds.join(',')}`; } - return httpService.http({ + return httpService.http({ path: `${ML_INTERNAL_BASE_PATH}/calendars${calendarIdsPathComponent}`, method: 'GET', version: '1', }); }, - addCalendar(obj: Calendar) { + addCalendar(obj: MlCalendar) { const body = JSON.stringify(obj); return httpService.http({ path: `${ML_INTERNAL_BASE_PATH}/calendars`, diff --git a/x-pack/plugins/ml/public/application/settings/anomaly_detection_settings.tsx b/x-pack/plugins/ml/public/application/settings/anomaly_detection_settings.tsx index e5fce41df2e18..9b6a71639cb97 100644 --- a/x-pack/plugins/ml/public/application/settings/anomaly_detection_settings.tsx +++ b/x-pack/plugins/ml/public/application/settings/anomaly_detection_settings.tsx @@ -27,11 +27,13 @@ import { AnomalyDetectionSettingsContext } from './anomaly_detection_settings_co import { useToastNotificationService } from '../services/toast_notification_service'; import { ML_PAGES } from '../../../common/constants/locator'; import { useCreateAndNavigateToMlLink } from '../contexts/kibana/use_create_url'; +import { separateCalendarsByType } from './calendars/dst_utils'; export const AnomalyDetectionSettings: FC = () => { const mlApi = useMlApi(); const [calendarsCount, setCalendarsCount] = useState(0); + const [calendarsDstCount, setCalendarsDstCount] = useState(0); const [filterListsCount, setFilterListsCount] = useState(0); const { canGetFilters, canCreateFilter, canGetCalendars, canCreateCalendar } = useContext( @@ -40,7 +42,9 @@ export const AnomalyDetectionSettings: FC = () => { const { displayErrorToast } = useToastNotificationService(); const redirectToCalendarList = useCreateAndNavigateToMlLink(ML_PAGES.CALENDARS_MANAGE); + const redirectToCalendarDstList = useCreateAndNavigateToMlLink(ML_PAGES.CALENDARS_DST_MANAGE); const redirectToNewCalendarPage = useCreateAndNavigateToMlLink(ML_PAGES.CALENDARS_NEW); + const redirectToNewCalendarDstPage = useCreateAndNavigateToMlLink(ML_PAGES.CALENDARS_DST_NEW); const redirectToFilterLists = useCreateAndNavigateToMlLink(ML_PAGES.FILTER_LISTS_MANAGE); const redirectToNewFilterListPage = useCreateAndNavigateToMlLink(ML_PAGES.FILTER_LISTS_NEW); @@ -53,8 +57,9 @@ export const AnomalyDetectionSettings: FC = () => { // Obtain the counts of calendars and filter lists. if (canGetCalendars === true) { try { - const calendars = await mlApi.calendars(); + const { calendarsDst, calendars } = separateCalendarsByType(await mlApi.calendars()); setCalendarsCount(calendars.length); + setCalendarsDstCount(calendarsDst.length); } catch (e) { displayErrorToast( e, @@ -94,7 +99,7 @@ export const AnomalyDetectionSettings: FC = () => { - +

{ - + + + +

+ +

+ + + + +

+ +

+ + + + + {canGetCalendars && ( + + + {calendarsDstCount}, + calendarsDstCount, + }} + /> + + + )} + + + + + + + + + + + + + + + + + +

{ + ); diff --git a/x-pack/plugins/ml/public/application/settings/calendars/dst_utils.test.ts b/x-pack/plugins/ml/public/application/settings/calendars/dst_utils.test.ts new file mode 100644 index 0000000000000..0bdb7a7af89ce --- /dev/null +++ b/x-pack/plugins/ml/public/application/settings/calendars/dst_utils.test.ts @@ -0,0 +1,81 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { getDSTChangeDates, createDstEvents } from './dst_utils'; +import moment from 'moment-timezone'; + +describe('getDSTChangeDates', () => { + it('should return correct DST change dates for a given timezone and year', () => { + const timezone = 'America/New_York'; + const year = 2023; + const { start, end } = getDSTChangeDates(timezone, year); + + expect(start).not.toBeNull(); + expect(end).not.toBeNull(); + + expect(moment(start).isDST()).toBe(true); + expect(moment(end).isDST()).toBe(false); + }); + + it('should return null for start and end if no DST changes are found', () => { + const timezone = 'Asia/Tokyo'; + const year = 2023; + const { start, end } = getDSTChangeDates(timezone, year); + + expect(start).toBeNull(); + expect(end).toBeNull(); + }); + + it('should handle edge cases around the start and end of the year', () => { + const timezone = 'Europe/London'; + const year = 2023; + const { start, end } = getDSTChangeDates(timezone, year); + + expect(start).not.toBeNull(); + expect(end).not.toBeNull(); + + if (start && end) { + expect(moment(start).isDST()).toBe(true); + expect(moment(end).isDST()).toBe(false); + } + }); +}); + +describe('createDstEvents', () => { + it('should create DST events for a given timezone', () => { + const timezone = 'America/New_York'; + const events = createDstEvents(timezone); + + expect(events.length).toBeGreaterThan(0); + events.forEach((event) => { + expect(event).toHaveProperty('event_id'); + expect(event).toHaveProperty('description'); + expect(event).toHaveProperty('start_time'); + expect(event).toHaveProperty('end_time'); + expect(event).toHaveProperty('skip_result', false); + expect(event).toHaveProperty('skip_model_update', false); + expect(event).toHaveProperty('force_time_shift'); + expect(event.description).toMatch(/(Winter|Summer) \d{4}/); + }); + }); + + it('should create correct number of DST events', () => { + const timezone = 'Europe/London'; + const events = createDstEvents(timezone); + + // Each year should have 2 events (start and end of DST) + const expectedNumberOfEvents = 20 * 2; + expect(events.length).toBe(expectedNumberOfEvents); + }); + + it('should handle timezones with no DST changes', () => { + const timezone = 'Asia/Tokyo'; + const events = createDstEvents(timezone); + + expect(events.length).toBe(0); + }); +}); diff --git a/x-pack/plugins/ml/public/application/settings/calendars/dst_utils.ts b/x-pack/plugins/ml/public/application/settings/calendars/dst_utils.ts new file mode 100644 index 0000000000000..6e4fd1fc5b9e4 --- /dev/null +++ b/x-pack/plugins/ml/public/application/settings/calendars/dst_utils.ts @@ -0,0 +1,153 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { i18n } from '@kbn/i18n'; +import type { Moment } from 'moment-timezone'; +import moment from 'moment-timezone'; + +import type { MlCalendar, MlCalendarEvent } from '../../../../common/types/calendars'; +import { generateTempId } from './edit/utils'; + +const YEARS_OF_DST_EVENTS = 20; + +function addZeroPadding(num: number) { + return num < 10 ? `0${num}` : num; +} + +const DST_CHANGE_DESCRIPTIONS = { + WINTER: i18n.translate('xpack.ml.calendarsEdit.dstChangeDescriptionWinter', { + defaultMessage: 'Winter', + }), + SUMMER: i18n.translate('xpack.ml.calendarsEdit.dstChangeDescriptionSummer', { + defaultMessage: 'Summer', + }), +} as const; + +function createDstEvent(time: Moment, year: number, shiftSecs: number) { + return { + event_id: generateTempId(), + description: `${ + shiftSecs > 0 ? DST_CHANGE_DESCRIPTIONS.SUMMER : DST_CHANGE_DESCRIPTIONS.WINTER + } ${year}`, + start_time: time.valueOf(), + end_time: time.add(2, 'days').valueOf(), + skip_result: false, + skip_model_update: false, + force_time_shift: shiftSecs, + }; +} + +export function getDSTChangeDates(timezone: string, year: number) { + let start: Moment | null = null; + let end: Moment | null = null; + + for (let month = 1; month < 13; month++) { + for (let day = 1; day <= 31; day++) { + const date = moment.tz( + `${year}-${addZeroPadding(month)}-${addZeroPadding(day)} 09:00:00`, + timezone + ); + if (date.isValid() === false) { + continue; + } + + if (!start && date.isDST()) { + // loop over hours + for (let hour = 0; hour < 24; hour++) { + const date2 = moment.tz( + `${year}-${addZeroPadding(month)}-${addZeroPadding(day)} ${addZeroPadding(hour)}:00:00`, + timezone + ); + if (date2.isDST() === true) { + start = date2; + break; + } + } + } + + if (start && !end && date.isDST() === false) { + // loop over hours + for (let hour = 0; hour < 24; hour++) { + const date2 = moment.tz( + `${year}-${addZeroPadding(month)}-${addZeroPadding(day)} ${addZeroPadding(hour)}:00:00`, + timezone + ); + if (date2.isDST() === false) { + end = date2; + break; + } + } + } + } + } + + return { start, end, year }; +} + +function generateDSTChangeDates( + timezone: string, + years: number +): { + dates: Array<{ start: Moment | null; end: Moment | null; year: number }>; + shiftSecs: number; +} { + const thisYear = new Date().getFullYear(); + const endYear = thisYear + years; + const dates = []; + for (let year = thisYear; year < endYear; year++) { + const dstChanges = getDSTChangeDates(timezone, year); + dates.push(dstChanges); + } + const janDate = moment.tz(`${thisYear}-01-10 09:00:00`, timezone); + const juneDate = moment.tz(`${thisYear}-06-10 09:00:00`, timezone); + const diffMins = juneDate.utcOffset() - janDate.utcOffset(); + const shiftSecs = diffMins * 60; + return { dates, shiftSecs }; +} + +export function createDstEvents(timezone: string) { + const { dates, shiftSecs } = generateDSTChangeDates(timezone, YEARS_OF_DST_EVENTS); + return dates.reduce((acc, date) => { + if (!date.start || !date.end) { + return acc; + } + acc.push(createDstEvent(date.start, date.year, shiftSecs)); + acc.push(createDstEvent(date.end, date.year, -shiftSecs)); + + return acc; + }, []); +} + +export function isDstCalendar(calendar: MlCalendar) { + return calendar.events.some((event) => { + return event.force_time_shift !== undefined; + }); +} + +export function filterCalendarsForDst(calendars: MlCalendar[], isDst: boolean) { + return calendars.filter((calendar) => { + return isDstCalendar(calendar) === isDst; + }); +} + +export function separateCalendarsByType(allCalendars: MlCalendar[]) { + const calendarsDst: MlCalendar[] = []; + const calendars: MlCalendar[] = []; + allCalendars.forEach((calendar) => { + if (isDstCalendar(calendar)) { + calendarsDst.push(calendar); + } else { + calendars.push(calendar); + } + }); + return { calendarsDst, calendars }; +} + +export function generateTimeZones() { + const zones = moment.tz.names(); + return zones; +} diff --git a/x-pack/plugins/ml/public/application/settings/calendars/edit/calendar_form/__snapshots__/calendar_form.test.js.snap b/x-pack/plugins/ml/public/application/settings/calendars/edit/calendar_form/__snapshots__/calendar_form.test.js.snap index 39098fa671fcd..e70c43b383f98 100644 --- a/x-pack/plugins/ml/public/application/settings/calendars/edit/calendar_form/__snapshots__/calendar_form.test.js.snap +++ b/x-pack/plugins/ml/public/application/settings/calendars/edit/calendar_form/__snapshots__/calendar_form.test.js.snap @@ -34,37 +34,9 @@ exports[`CalendarForm Renders calendar form 1`] = ` value="" /> - - } - > - - - - } - name="switch" - /> @@ -128,14 +100,12 @@ exports[`CalendarForm Renders calendar form 1`] = ` } > ({ useCreateAndNavigateToMlLink: jest.fn(), })); +jest.mock('../../../../capabilities/check_capabilities', () => ({ + usePermissionCheck: () => [true, true], +})); + const testProps = { calendarId: '', canCreateCalendar: true, diff --git a/x-pack/plugins/ml/public/application/settings/calendars/edit/calendar_form/calendar_form.js b/x-pack/plugins/ml/public/application/settings/calendars/edit/calendar_form/calendar_form.tsx similarity index 54% rename from x-pack/plugins/ml/public/application/settings/calendars/edit/calendar_form/calendar_form.js rename to x-pack/plugins/ml/public/application/settings/calendars/edit/calendar_form/calendar_form.tsx index 103d11821437f..5d8e02b8056a1 100644 --- a/x-pack/plugins/ml/public/application/settings/calendars/edit/calendar_form/calendar_form.js +++ b/x-pack/plugins/ml/public/application/settings/calendars/edit/calendar_form/calendar_form.tsx @@ -5,9 +5,11 @@ * 2.0. */ -import React, { Fragment } from 'react'; -import { PropTypes } from 'prop-types'; +import type { FC } from 'react'; +import React, { useState, useCallback } from 'react'; +import type * as estypes from '@elastic/elasticsearch/lib/api/typesWithBodyKey'; +import type { EuiSwitchEvent, EuiComboBoxOptionOption } from '@elastic/eui'; import { EuiButton, EuiComboBox, @@ -21,17 +23,21 @@ import { EuiSwitch, } from '@elastic/eui'; -import { EventsTable } from '../events_table'; - import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n-react'; +import { usePermissionCheck } from '../../../../capabilities/check_capabilities'; import { ML_PAGES } from '../../../../../../common/constants/locator'; import { useCreateAndNavigateToMlLink } from '../../../../contexts/kibana/use_create_url'; import { MlPageHeader } from '../../../../components/page_header'; +import { DstEventGenerator } from './dst_event_generator'; +import { EventsTable } from '../events_table'; -function EditHeader({ calendarId, description }) { +const EditHeader: FC<{ calendarId: string; description: string }> = ({ + calendarId, + description, +}) => { return ( - + <> ) : null} - + ); +}; + +interface Props { + calendarId: string; + description: string; + eventsList: estypes.MlCalendarEvent[]; + groupIdOptions: EuiComboBoxOptionOption[]; + isEdit: boolean; + isNewCalendarIdValid: boolean; + jobIdOptions: EuiComboBoxOptionOption[]; + onCalendarIdChange: (e: React.ChangeEvent) => void; + onCreate: () => void; + onCreateGroupOption: (searchValue: string, flattenedOptions: EuiComboBoxOptionOption[]) => void; + onDescriptionChange: (e: React.ChangeEvent) => void; + onEdit: () => void; + onEventDelete: (eventId: string) => void; + onGroupSelection: (selectedOptions: any) => void; + showImportModal: () => void; + onJobSelection: (selectedOptions: any) => void; + saving: boolean; + loading: boolean; + selectedGroupOptions: EuiComboBoxOptionOption[]; + selectedJobOptions: EuiComboBoxOptionOption[]; + showNewEventModal: () => void; + isGlobalCalendar: boolean; + onGlobalCalendarChange: (e: EuiSwitchEvent) => void; + addEvents: (events: estypes.MlCalendarEvent[]) => void; + clearEvents: () => void; + isDst: boolean; } -export const CalendarForm = ({ +export const CalendarForm: FC = ({ calendarId, - canCreateCalendar, - canDeleteCalendar, description, eventsList, - groupIds, + groupIdOptions, isEdit, isNewCalendarIdValid, - jobIds, + jobIdOptions, onCalendarIdChange, onCreate, onCreateGroupOption, @@ -79,7 +112,12 @@ export const CalendarForm = ({ showNewEventModal, isGlobalCalendar, onGlobalCalendarChange, + addEvents, + clearEvents, + isDst, }) => { + const [canCreateCalendar] = usePermissionCheck(['canCreateCalendar']); + const [timezone, setTimezone] = useState(undefined); const msg = i18n.translate('xpack.ml.calendarsEdit.calendarForm.allowedCharactersDescription', { defaultMessage: 'Use lowercase alphanumerics (a-z and 0-9), hyphens or underscores; ' + @@ -92,20 +130,38 @@ export const CalendarForm = ({ saving || !isNewCalendarIdValid || calendarId === '' || - loading === true; - const redirectToCalendarsManagementPage = useCreateAndNavigateToMlLink(ML_PAGES.CALENDARS_MANAGE); + loading === true || + (isDst && eventsList.length === 0); + const redirectToCalendarsManagementPage = useCreateAndNavigateToMlLink( + isDst ? ML_PAGES.CALENDARS_DST_MANAGE : ML_PAGES.CALENDARS_MANAGE + ); + + const addDstEvents = useCallback( + (events: estypes.MlCalendarEvent[]) => { + clearEvents(); + addEvents(events); + }, + [addEvents, clearEvents] + ); return ( {isEdit === true ? ( ) : ( - + <> - + {isDst ? ( + + ) : ( + + )} - + } + > + - } - > - - + + ) : null} - + )} - - } - checked={isGlobalCalendar} - onChange={onGlobalCalendarChange} - disabled={saving === true || canCreateCalendar === false || loading === true} - data-test-subj="mlCalendarApplyToAllJobsSwitch" - /> + {isDst === false ? ( + + } + checked={isGlobalCalendar} + onChange={onGlobalCalendarChange} + disabled={saving === true || canCreateCalendar === false || loading === true} + data-test-subj="mlCalendarApplyToAllJobsSwitch" + /> + ) : null} - {isGlobalCalendar === false && ( + {isGlobalCalendar === false ? ( <> @@ -175,7 +235,7 @@ export const CalendarForm = ({ } > - )} + ) : null} + isDst ? ( + + ) : ( + + ) } fullWidth > - + <> + {isDst ? ( + + ) : null} + + @@ -260,30 +336,3 @@ export const CalendarForm = ({ ); }; - -CalendarForm.propTypes = { - calendarId: PropTypes.string.isRequired, - canCreateCalendar: PropTypes.bool.isRequired, - canDeleteCalendar: PropTypes.bool.isRequired, - description: PropTypes.string, - groupIds: PropTypes.array.isRequired, - isEdit: PropTypes.bool.isRequired, - isNewCalendarIdValid: PropTypes.bool.isRequired, - jobIds: PropTypes.array.isRequired, - onCalendarIdChange: PropTypes.func.isRequired, - onCreate: PropTypes.func.isRequired, - onCreateGroupOption: PropTypes.func.isRequired, - onDescriptionChange: PropTypes.func.isRequired, - onEdit: PropTypes.func.isRequired, - onEventDelete: PropTypes.func.isRequired, - onGroupSelection: PropTypes.func.isRequired, - showImportModal: PropTypes.func.isRequired, - onJobSelection: PropTypes.func.isRequired, - saving: PropTypes.bool.isRequired, - loading: PropTypes.bool.isRequired, - selectedGroupOptions: PropTypes.array.isRequired, - selectedJobOptions: PropTypes.array.isRequired, - showNewEventModal: PropTypes.func.isRequired, - isGlobalCalendar: PropTypes.bool.isRequired, - onGlobalCalendarChange: PropTypes.func.isRequired, -}; diff --git a/x-pack/plugins/ml/public/application/settings/calendars/edit/calendar_form/dst_event_generator.tsx b/x-pack/plugins/ml/public/application/settings/calendars/edit/calendar_form/dst_event_generator.tsx new file mode 100644 index 0000000000000..914a22856c89a --- /dev/null +++ b/x-pack/plugins/ml/public/application/settings/calendars/edit/calendar_form/dst_event_generator.tsx @@ -0,0 +1,107 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type * as estypes from '@elastic/elasticsearch/lib/api/typesWithBodyKey'; +import type { EuiComboBoxOptionOption } from '@elastic/eui'; +import { + EuiCallOut, + EuiComboBox, + EuiFlexGroup, + EuiFlexItem, + EuiFormRow, + EuiSpacer, +} from '@elastic/eui'; +import type { FC } from 'react'; +import React, { useEffect, useMemo, useState } from 'react'; +import { FormattedMessage } from '@kbn/i18n-react'; +import { createDstEvents, generateTimeZones } from '../../dst_utils'; + +interface Props { + addEvents: (events: estypes.MlCalendarEvent[]) => void; + setTimezone: (timezone: string) => void; + isDisabled?: boolean; +} + +export const DstEventGenerator: FC = ({ addEvents, setTimezone, isDisabled }) => { + const [selectedTimeZones, setSelectedTimeZones] = useState< + Array> + >([]); + const [eventsCount, setEventsCount] = useState(null); + + useEffect(() => { + if (selectedTimeZones.length > 0) { + setTimezone(selectedTimeZones[0].value!); + const events = createDstEvents(selectedTimeZones[0].value!); + addEvents(events); + setEventsCount(events.length); + } else { + addEvents([]); + setEventsCount(null); + } + }, [addEvents, selectedTimeZones, setTimezone]); + + const timeZoneOptions = useMemo(() => { + return generateTimeZones().map((tz) => { + return { + label: tz, + value: tz, + }; + }); + }, []); + + return ( + <> + + } + > + + + + + + + + {eventsCount === 0 ? ( + <> + + + + } + > +
+ +
+ + + ) : null} + + ); +}; diff --git a/x-pack/plugins/ml/public/application/settings/calendars/edit/calendar_form/index.js b/x-pack/plugins/ml/public/application/settings/calendars/edit/calendar_form/index.ts similarity index 100% rename from x-pack/plugins/ml/public/application/settings/calendars/edit/calendar_form/index.js rename to x-pack/plugins/ml/public/application/settings/calendars/edit/calendar_form/index.ts diff --git a/x-pack/plugins/ml/public/application/settings/calendars/edit/events_table/__snapshots__/events_table.test.js.snap b/x-pack/plugins/ml/public/application/settings/calendars/edit/events_table/__snapshots__/events_table.test.js.snap index 5d890d38c88a5..cf5d3a492c7b2 100644 --- a/x-pack/plugins/ml/public/application/settings/calendars/edit/events_table/__snapshots__/events_table.test.js.snap +++ b/x-pack/plugins/ml/public/application/settings/calendars/edit/events_table/__snapshots__/events_table.test.js.snap @@ -17,13 +17,17 @@ exports[`EventsTable Renders events table with no search bar 1`] = ` }, Object { "field": "start_time", - "name": "Start", + "name": + Start + , "render": [Function], "sortable": true, }, Object { "field": "end_time", - "name": "End", + "name": + End + , "render": [Function], "sortable": true, }, @@ -62,7 +66,7 @@ exports[`EventsTable Renders events table with no search bar 1`] = ` Object { "sort": Object { "direction": "asc", - "field": "description", + "field": "start_time", }, } } @@ -88,13 +92,17 @@ exports[`EventsTable Renders events table with search bar 1`] = ` }, Object { "field": "start_time", - "name": "Start", + "name": + Start + , "render": [Function], "sortable": true, }, Object { "field": "end_time", - "name": "End", + "name": + End + , "render": [Function], "sortable": true, }, @@ -167,7 +175,7 @@ exports[`EventsTable Renders events table with search bar 1`] = ` Object { "sort": Object { "direction": "asc", - "field": "description", + "field": "start_time", }, } } diff --git a/x-pack/plugins/ml/public/application/settings/calendars/edit/events_table/events_table.test.js b/x-pack/plugins/ml/public/application/settings/calendars/edit/events_table/events_table.test.js index d45d93043e16b..25961e266c3bc 100644 --- a/x-pack/plugins/ml/public/application/settings/calendars/edit/events_table/events_table.test.js +++ b/x-pack/plugins/ml/public/application/settings/calendars/edit/events_table/events_table.test.js @@ -9,6 +9,10 @@ import { shallowWithIntl } from '@kbn/test-jest-helpers'; import React from 'react'; import { EventsTable } from './events_table'; +jest.mock('../../../../capabilities/check_capabilities', () => ({ + usePermissionCheck: () => [true, true], +})); + const testProps = { canCreateCalendar: true, eventsList: [ diff --git a/x-pack/plugins/ml/public/application/settings/calendars/edit/events_table/events_table.js b/x-pack/plugins/ml/public/application/settings/calendars/edit/events_table/events_table.tsx similarity index 51% rename from x-pack/plugins/ml/public/application/settings/calendars/edit/events_table/events_table.js rename to x-pack/plugins/ml/public/application/settings/calendars/edit/events_table/events_table.tsx index 7dc6ad4d1d2f7..5946b80a5507e 100644 --- a/x-pack/plugins/ml/public/application/settings/calendars/edit/events_table/events_table.js +++ b/x-pack/plugins/ml/public/application/settings/calendars/edit/events_table/events_table.tsx @@ -5,19 +5,25 @@ * 2.0. */ -import PropTypes from 'prop-types'; -import React, { Fragment } from 'react'; -import moment from 'moment'; +import type { FC } from 'react'; +import React, { useCallback } from 'react'; +import moment from 'moment-timezone'; +import type * as estypes from '@elastic/elasticsearch/lib/api/typesWithBodyKey'; -import { EuiButton, EuiButtonEmpty, EuiInMemoryTable, EuiSpacer } from '@elastic/eui'; +import { EuiButton, EuiButtonEmpty, EuiIconTip, EuiInMemoryTable, EuiSpacer } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n-react'; import { TIME_FORMAT } from '@kbn/ml-date-utils'; +import { usePermissionCheck } from '../../../../capabilities/check_capabilities'; -function DeleteButton({ onClick, testSubj, disabled }) { +const DeleteButton: FC<{ + onClick: () => void; + testSubj: string; + disabled: boolean; +}> = ({ onClick, testSubj, disabled }) => { return ( - + <> - + ); +}; + +interface Props { + eventsList: estypes.MlCalendarEvent[]; + onDeleteClick: (eventId: string) => void; + showImportModal: () => void; + showNewEventModal: () => void; + showSearchBar?: boolean; + loading?: boolean; + saving?: boolean; + timezone?: string; + isDst: boolean; } -export const EventsTable = ({ - canCreateCalendar, - canDeleteCalendar, +export const EventsTable: FC = ({ eventsList, onDeleteClick, showSearchBar, @@ -44,19 +60,32 @@ export const EventsTable = ({ showNewEventModal, loading, saving, + timezone, + isDst, }) => { - const sorting = { - sort: { - field: 'description', - direction: 'asc', - }, - }; + const [canCreateCalendar, canDeleteCalendar] = usePermissionCheck([ + 'canCreateCalendar', + 'canDeleteCalendar', + ]); const pagination = { initialPageSize: 5, pageSizeOptions: [5, 10], }; + const formatEventDate = useCallback( + (timeMs: number) => { + if (timezone === undefined) { + const time = moment(timeMs); + return time.format(TIME_FORMAT); + } + + const time = moment.tz(timeMs, timezone); + return time.toLocaleString(); + }, + [timezone] + ); + const columns = [ { field: 'description', @@ -69,35 +98,66 @@ export const EventsTable = ({ }, { field: 'start_time', - name: i18n.translate('xpack.ml.calendarsEdit.eventsTable.startColumnName', { - defaultMessage: 'Start', - }), + name: ( + + {i18n.translate('xpack.ml.calendarsEdit.eventsTable.startColumnName', { + defaultMessage: 'Start', + })} + {isDst ? ( + <> +   + + + ) : null} + + ), sortable: true, - render: (timeMs) => { - const time = moment(timeMs); - return time.format(TIME_FORMAT); - }, + render: formatEventDate, }, { field: 'end_time', - name: i18n.translate('xpack.ml.calendarsEdit.eventsTable.endColumnName', { - defaultMessage: 'End', - }), + name: ( + + {i18n.translate('xpack.ml.calendarsEdit.eventsTable.endColumnName', { + defaultMessage: 'End', + })} + {isDst ? ( + <> +   + + + ) : null} + + ), sortable: true, - render: (timeMs) => { - const time = moment(timeMs); - return time.format(TIME_FORMAT); - }, + render: formatEventDate, }, { field: '', name: '', - render: (event) => ( + render: (event: estypes.MlCalendarEvent) => ( { - onDeleteClick(event.event_id); + onDeleteClick(event.event_id!); }} /> ), @@ -140,38 +200,25 @@ export const EventsTable = ({ }; return ( - + <> - items={eventsList} itemId="event_id" columns={columns} pagination={pagination} - sorting={sorting} + sorting={{ + sort: { + field: 'start_time', + direction: 'asc', + }, + }} search={showSearchBar ? search : undefined} data-test-subj="mlCalendarEventsTable" rowProps={(item) => ({ 'data-test-subj': `mlCalendarEventListRow row-${item.description}`, })} /> - + ); }; - -EventsTable.propTypes = { - canCreateCalendar: PropTypes.bool, - canDeleteCalendar: PropTypes.bool, - eventsList: PropTypes.array.isRequired, - onDeleteClick: PropTypes.func.isRequired, - showImportModal: PropTypes.func, - showNewEventModal: PropTypes.func, - showSearchBar: PropTypes.bool, - loading: PropTypes.bool, - saving: PropTypes.bool, -}; - -EventsTable.defaultProps = { - showSearchBar: false, - canCreateCalendar: true, - canDeleteCalendar: true, -}; diff --git a/x-pack/plugins/ml/public/application/settings/calendars/edit/events_table/index.js b/x-pack/plugins/ml/public/application/settings/calendars/edit/events_table/index.ts similarity index 100% rename from x-pack/plugins/ml/public/application/settings/calendars/edit/events_table/index.js rename to x-pack/plugins/ml/public/application/settings/calendars/edit/events_table/index.ts diff --git a/x-pack/plugins/ml/public/application/settings/calendars/edit/import_modal/import_modal.test.js b/x-pack/plugins/ml/public/application/settings/calendars/edit/import_modal/import_modal.test.js index bcbbdec7b65c6..ceccb4f2ba11e 100644 --- a/x-pack/plugins/ml/public/application/settings/calendars/edit/import_modal/import_modal.test.js +++ b/x-pack/plugins/ml/public/application/settings/calendars/edit/import_modal/import_modal.test.js @@ -9,6 +9,10 @@ import { shallowWithIntl, mountWithIntl } from '@kbn/test-jest-helpers'; import React from 'react'; import { ImportModal } from './import_modal'; +jest.mock('../../../../capabilities/check_capabilities', () => ({ + usePermissionCheck: () => [true, true], +})); + const testProps = { addImportedEvents: jest.fn(), closeImportModal: jest.fn(), diff --git a/x-pack/plugins/ml/public/application/settings/calendars/edit/imported_events/__snapshots__/imported_events.test.js.snap b/x-pack/plugins/ml/public/application/settings/calendars/edit/imported_events/__snapshots__/imported_events.test.js.snap index 87740b17bafb4..cae4e2d7b9f70 100644 --- a/x-pack/plugins/ml/public/application/settings/calendars/edit/imported_events/__snapshots__/imported_events.test.js.snap +++ b/x-pack/plugins/ml/public/application/settings/calendars/edit/imported_events/__snapshots__/imported_events.test.js.snap @@ -24,8 +24,6 @@ exports[`ImportedEvents Renders imported events 1`] = ` grow={false} > ; diff --git a/x-pack/plugins/ml/public/application/settings/calendars/edit/new_calendar.js b/x-pack/plugins/ml/public/application/settings/calendars/edit/new_calendar.js index 51939aaba639a..8e1b09716c58f 100644 --- a/x-pack/plugins/ml/public/application/settings/calendars/edit/new_calendar.js +++ b/x-pack/plugins/ml/public/application/settings/calendars/edit/new_calendar.js @@ -25,8 +25,7 @@ import { HelpMenu } from '../../../components/help_menu'; class NewCalendarUI extends Component { static propTypes = { calendarId: PropTypes.string, - canCreateCalendar: PropTypes.bool.isRequired, - canDeleteCalendar: PropTypes.bool.isRequired, + isDst: PropTypes.bool.isRequired, }; constructor(props) { @@ -66,7 +65,12 @@ class NewCalendarUI extends Component { application: { navigateToUrl }, }, } = this.props.kibana; - await navigateToUrl(`${basePath.get()}/app/ml/${ML_PAGES.CALENDARS_MANAGE}`, true); + await navigateToUrl( + `${basePath.get()}/app/ml/${ + this.props.isDst ? ML_PAGES.CALENDARS_DST_MANAGE : ML_PAGES.CALENDARS_MANAGE + }`, + true + ); }; async formSetup() { @@ -219,6 +223,11 @@ class NewCalendarUI extends Component { description: event.description, start_time: event.start_time, end_time: event.end_time, + ...(event.skip_result !== undefined ? { skip_result: event.skip_result } : {}), + ...(event.skip_model_update !== undefined + ? { skip_model_update: event.skip_model_update } + : {}), + ...(event.force_time_shift !== undefined ? { force_time_shift: event.force_time_shift } : {}), })); // set up calendar @@ -308,6 +317,19 @@ class NewCalendarUI extends Component { })); }; + addEvents = (events) => { + this.setState((prevState) => ({ + events: [...prevState.events, ...events], + isNewEventModalVisible: false, + })); + }; + + clearEvents = () => { + this.setState(() => ({ + events: [], + })); + }; + addImportedEvents = (events) => { this.setState((prevState) => ({ events: [...prevState.events, ...events], @@ -354,16 +376,14 @@ class NewCalendarUI extends Component { {modal} diff --git a/x-pack/plugins/ml/public/application/settings/calendars/edit/new_calendar.test.js b/x-pack/plugins/ml/public/application/settings/calendars/edit/new_calendar.test.js index 018acd8e6a306..7f899bc28730f 100644 --- a/x-pack/plugins/ml/public/application/settings/calendars/edit/new_calendar.test.js +++ b/x-pack/plugins/ml/public/application/settings/calendars/edit/new_calendar.test.js @@ -31,6 +31,9 @@ jest.mock('../../../capabilities/get_capabilities', () => ({ jest.mock('../../../ml_nodes_check/check_ml_nodes', () => ({ mlNodesAvailable: () => true, })); +jest.mock('../../../capabilities/check_capabilities', () => ({ + usePermissionCheck: () => [true, true], +})); const calendarsMock = [ { @@ -115,16 +118,11 @@ jest.mock('@kbn/kibana-react-plugin/public', () => ({ import { NewCalendar } from './new_calendar'; -const props = { - canCreateCalendar: true, - canDeleteCalendar: true, -}; - describe('NewCalendar', () => { test('Renders new calendar form', () => { const { getByTestId } = render( - + ); @@ -134,7 +132,7 @@ describe('NewCalendar', () => { test('Import modal button is disabled', () => { const { getByTestId } = render( - + ); @@ -146,7 +144,7 @@ describe('NewCalendar', () => { test('New event modal button is disabled', async () => { const { getByTestId } = render( - + ); @@ -158,7 +156,7 @@ describe('NewCalendar', () => { test('isDuplicateId returns true if form calendar id already exists in calendars', async () => { const { getByTestId, queryByTestId, getByText } = render( - + ); @@ -187,20 +185,4 @@ describe('NewCalendar', () => { 'Cannot create calendar with id [this-is-a-new-calendar] as it already exists.' ); }); - - test('Save button is disabled if canCreateCalendar is false', () => { - const noCreateProps = { - ...props, - canCreateCalendar: false, - }; - - const { getByTestId } = render( - - - - ); - - const saveButton = getByTestId('mlSaveCalendarButton'); - expect(saveButton).toBeDisabled(); - }); }); diff --git a/x-pack/plugins/ml/public/application/settings/calendars/edit/utils.js b/x-pack/plugins/ml/public/application/settings/calendars/edit/utils.ts similarity index 83% rename from x-pack/plugins/ml/public/application/settings/calendars/edit/utils.js rename to x-pack/plugins/ml/public/application/settings/calendars/edit/utils.ts index b4c655b755b99..0b8735a296c9a 100644 --- a/x-pack/plugins/ml/public/application/settings/calendars/edit/utils.js +++ b/x-pack/plugins/ml/public/application/settings/calendars/edit/utils.ts @@ -5,13 +5,15 @@ * 2.0. */ -import { isJobIdValid } from '../../../../../common/util/job_utils'; import { i18n } from '@kbn/i18n'; -function getJobIds(mlApi) { +import { isJobIdValid } from '../../../../../common/util/job_utils'; +import type { MlApi } from '../../../services/ml_api_service'; + +function getJobIds(mlApi: MlApi) { return new Promise((resolve, reject) => { mlApi.jobs - .jobsSummary() + .jobsSummary([]) .then((resp) => { resolve(resp.map((job) => job.id)); }) @@ -23,13 +25,14 @@ function getJobIds(mlApi) { values: { err }, } ); + // eslint-disable-next-line no-console console.log(errorMessage); reject(errorMessage); }); }); } -function getGroupIds(mlApi) { +function getGroupIds(mlApi: MlApi) { return new Promise((resolve, reject) => { mlApi.jobs .groups() @@ -44,13 +47,14 @@ function getGroupIds(mlApi) { values: { err }, } ); + // eslint-disable-next-line no-console console.log(errorMessage); reject(errorMessage); }); }); } -function getCalendars(mlApi) { +function getCalendars(mlApi: MlApi) { return new Promise((resolve, reject) => { mlApi .calendars() @@ -65,13 +69,14 @@ function getCalendars(mlApi) { values: { err }, } ); + // eslint-disable-next-line no-console console.log(errorMessage); reject(errorMessage); }); }); } -export function getCalendarSettingsData(mlApi) { +export function getCalendarSettingsData(mlApi: MlApi) { return new Promise(async (resolve, reject) => { try { const [jobIds, groupIds, calendars] = await Promise.all([ @@ -86,13 +91,14 @@ export function getCalendarSettingsData(mlApi) { calendars, }); } catch (error) { + // eslint-disable-next-line no-console console.log(error); reject(error); } }); } -export function validateCalendarId(calendarId) { +export function validateCalendarId(calendarId: string) { let valid = true; if (calendarId === '' || calendarId === undefined) { diff --git a/x-pack/plugins/ml/public/application/settings/calendars/list/__snapshots__/header.test.js.snap b/x-pack/plugins/ml/public/application/settings/calendars/list/__snapshots__/header.test.js.snap index a4ee42609c834..de3e3fe60315d 100644 --- a/x-pack/plugins/ml/public/application/settings/calendars/list/__snapshots__/header.test.js.snap +++ b/x-pack/plugins/ml/public/application/settings/calendars/list/__snapshots__/header.test.js.snap @@ -82,7 +82,7 @@ exports[`CalendarListsHeader renders header 1`] = ` Object { "br":
, "learnMoreLink": ; diff --git a/x-pack/plugins/ml/public/application/settings/calendars/list/calendars_list.js b/x-pack/plugins/ml/public/application/settings/calendars/list/calendars_list.js index f49ed3bdac194..ed17534c3feaa 100644 --- a/x-pack/plugins/ml/public/application/settings/calendars/list/calendars_list.js +++ b/x-pack/plugins/ml/public/application/settings/calendars/list/calendars_list.js @@ -18,11 +18,13 @@ import { deleteCalendars } from './delete_calendars'; import { i18n } from '@kbn/i18n'; import { withKibana } from '@kbn/kibana-react-plugin/public'; import { HelpMenu } from '../../../components/help_menu'; +import { isDstCalendar } from '../dst_utils'; export class CalendarsListUI extends Component { static propTypes = { canCreateCalendar: PropTypes.bool.isRequired, canDeleteCalendar: PropTypes.bool.isRequired, + isDst: PropTypes.bool.isRequired, }; constructor(props) { @@ -42,7 +44,9 @@ export class CalendarsListUI extends Component { this.setState({ loading: true }); try { - const calendars = await mlApi.calendars(); + const calendars = (await mlApi.calendars()).filter( + (calendar) => isDstCalendar(calendar) === this.props.isDst + ); this.setState({ calendars, @@ -146,6 +150,7 @@ export class CalendarsListUI extends Component { 0} + isDst={this.props.isDst} /> {destroyModal} diff --git a/x-pack/plugins/ml/public/application/settings/calendars/list/calendars_list.test.js b/x-pack/plugins/ml/public/application/settings/calendars/list/calendars_list.test.js index c00b86cf8b231..df2a5e9d5cc33 100644 --- a/x-pack/plugins/ml/public/application/settings/calendars/list/calendars_list.test.js +++ b/x-pack/plugins/ml/public/application/settings/calendars/list/calendars_list.test.js @@ -43,6 +43,9 @@ jest.mock('../../../capabilities/get_capabilities', () => ({ jest.mock('../../../ml_nodes_check/check_ml_nodes', () => ({ mlNodesAvailable: () => true, })); +jest.mock('../../../capabilities/check_capabilities', () => ({ + usePermissionCheck: () => [true, true], +})); const mockCalendars = [ { @@ -114,6 +117,7 @@ jest.mock('@kbn/kibana-react-plugin/public', () => ({ const props = { canCreateCalendar: true, canDeleteCalendar: true, + isDst: false, }; describe('CalendarsList', () => { diff --git a/x-pack/plugins/ml/public/application/settings/calendars/list/header.js b/x-pack/plugins/ml/public/application/settings/calendars/list/header.js deleted file mode 100644 index 08f345b2de5a2..0000000000000 --- a/x-pack/plugins/ml/public/application/settings/calendars/list/header.js +++ /dev/null @@ -1,107 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/* - * React component for the header section of the calendars list page. - */ - -import PropTypes from 'prop-types'; -import React from 'react'; -import { FormattedMessage } from '@kbn/i18n-react'; - -import { - EuiSpacer, - EuiFlexGroup, - EuiFlexItem, - EuiLink, - EuiText, - EuiTextColor, - EuiButtonEmpty, -} from '@elastic/eui'; - -import { withKibana } from '@kbn/kibana-react-plugin/public'; -import { MlPageHeader } from '../../../components/page_header'; - -function CalendarsListHeaderUI({ totalCount, refreshCalendars, kibana }) { - const docsUrl = kibana.services.docLinks.links.ml.calendars; - return ( - <> - - - - - - - - -

- -

- - - - - - - - - - - - - - - - -

- - , - learnMoreLink: ( - - - - ), - }} - /> - -

- - - - ); -} -CalendarsListHeaderUI.propTypes = { - totalCount: PropTypes.number.isRequired, - refreshCalendars: PropTypes.func.isRequired, -}; - -export const CalendarsListHeader = withKibana(CalendarsListHeaderUI); diff --git a/x-pack/plugins/ml/public/application/settings/calendars/list/header.test.js b/x-pack/plugins/ml/public/application/settings/calendars/list/header.test.js index ba4d49a31135c..e1c42d5068592 100644 --- a/x-pack/plugins/ml/public/application/settings/calendars/list/header.test.js +++ b/x-pack/plugins/ml/public/application/settings/calendars/list/header.test.js @@ -15,6 +15,16 @@ jest.mock('@kbn/kibana-react-plugin/public', () => ({ return comp; }, })); +jest.mock('../../../capabilities/check_capabilities', () => ({ + usePermissionCheck: () => [true, true], +})); +jest.mock('../../../contexts/kibana/kibana_context', () => ({ + useMlKibana: () => ({ + services: { + docLinks: { links: { ml: { calendars: jest.fn() } } }, + }, + }), +})); describe('CalendarListsHeader', () => { const refreshCalendars = jest.fn(() => {}); diff --git a/x-pack/plugins/ml/public/application/settings/calendars/list/header.tsx b/x-pack/plugins/ml/public/application/settings/calendars/list/header.tsx new file mode 100644 index 0000000000000..ace83a21dcf51 --- /dev/null +++ b/x-pack/plugins/ml/public/application/settings/calendars/list/header.tsx @@ -0,0 +1,137 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +/* + * React component for the header section of the calendars list page. + */ + +import type { FC } from 'react'; +import React from 'react'; +import { FormattedMessage } from '@kbn/i18n-react'; + +import { + EuiSpacer, + EuiFlexGroup, + EuiFlexItem, + EuiLink, + EuiText, + EuiTextColor, + EuiButtonEmpty, +} from '@elastic/eui'; + +import { MlPageHeader } from '../../../components/page_header'; +import { useMlKibana } from '../../../contexts/kibana/kibana_context'; + +interface Props { + isDst: boolean; + totalCount: number; + refreshCalendars: () => void; +} + +export const CalendarsListHeader: FC = ({ totalCount, refreshCalendars, isDst }) => { + const { + services: { + docLinks: { links }, + }, + } = useMlKibana(); + const docsUrl = links.ml.calendars; + return ( + <> + + {isDst ? ( + + ) : ( + + )} + + + + + + +

+ +

+ + + + + + + + + + + + + + + + +

+ + {isDst ? ( + , + learnMoreLink: ( + + + + ), + }} + /> + ) : ( + , + learnMoreLink: ( + + + + ), + }} + /> + )} + +

+ + + + ); +}; diff --git a/x-pack/plugins/ml/public/application/settings/calendars/list/table/table.js b/x-pack/plugins/ml/public/application/settings/calendars/list/table/table.js index e9240557d2a68..c8feff122c3ec 100644 --- a/x-pack/plugins/ml/public/application/settings/calendars/list/table/table.js +++ b/x-pack/plugins/ml/public/application/settings/calendars/list/table/table.js @@ -26,8 +26,11 @@ export const CalendarsListTable = ({ canDeleteCalendar, mlNodesAvailable, itemsSelected, + isDst, }) => { - const redirectToNewCalendarPage = useCreateAndNavigateToMlLink(ML_PAGES.CALENDARS_NEW); + const redirectToNewCalendarPage = useCreateAndNavigateToMlLink( + isDst ? ML_PAGES.CALENDARS_DST_NEW : ML_PAGES.CALENDARS_NEW + ); const sorting = { sort: { @@ -51,7 +54,10 @@ export const CalendarsListTable = ({ truncateText: true, scope: 'row', render: (id) => ( - + {id} ), diff --git a/x-pack/plugins/ml/public/locator/formatters/settings.tsx b/x-pack/plugins/ml/public/locator/formatters/settings.tsx index fd9b9dd3dba4c..e0e73e3b3b89c 100644 --- a/x-pack/plugins/ml/public/locator/formatters/settings.tsx +++ b/x-pack/plugins/ml/public/locator/formatters/settings.tsx @@ -27,6 +27,24 @@ export function formatEditCalendarUrl( return url; } +export function formatEditCalendarDstUrl( + appBasePath: string, + pageState: CalendarEditUrlState['pageState'] +): string { + let url = `${appBasePath}/${ML_PAGES.CALENDARS_DST_EDIT}`; + if (pageState) { + const { globalState, calendarId } = pageState; + if (calendarId !== undefined) { + url = `${url}/${calendarId}`; + } + if (globalState) { + url = setStateToKbnUrl('_g', globalState, { useHash: false, storeInHashQuery: false }, url); + } + } + + return url; +} + export function formatEditFilterUrl( appBasePath: string, pageState: FilterEditUrlState['pageState'] diff --git a/x-pack/plugins/ml/public/locator/ml_locator.ts b/x-pack/plugins/ml/public/locator/ml_locator.ts index d86fd10e7dc87..f2807687110f6 100644 --- a/x-pack/plugins/ml/public/locator/ml_locator.ts +++ b/x-pack/plugins/ml/public/locator/ml_locator.ts @@ -29,6 +29,7 @@ import { formatGenericMlUrl, formatEditCalendarUrl, formatEditFilterUrl, + formatEditCalendarDstUrl, } from './formatters'; import { formatTrainedModelsManagementUrl, @@ -114,7 +115,9 @@ export class MlLocatorDefinition implements LocatorDefinition { case ML_PAGES.FILTER_LISTS_MANAGE: case ML_PAGES.FILTER_LISTS_NEW: case ML_PAGES.CALENDARS_MANAGE: + case ML_PAGES.CALENDARS_DST_MANAGE: case ML_PAGES.CALENDARS_NEW: + case ML_PAGES.CALENDARS_DST_NEW: path = formatGenericMlUrl('', params.page, params.pageState); break; case ML_PAGES.FILTER_LISTS_EDIT: @@ -122,6 +125,8 @@ export class MlLocatorDefinition implements LocatorDefinition { break; case ML_PAGES.CALENDARS_EDIT: path = formatEditCalendarUrl('', params.pageState); + case ML_PAGES.CALENDARS_DST_EDIT: + path = formatEditCalendarDstUrl('', params.pageState); break; case ML_PAGES.NOTIFICATIONS: path = formatNotificationsUrl('', params.pageState); diff --git a/x-pack/plugins/ml/tsconfig.json b/x-pack/plugins/ml/tsconfig.json index b625562ab2674..4f1d63728ab33 100644 --- a/x-pack/plugins/ml/tsconfig.json +++ b/x-pack/plugins/ml/tsconfig.json @@ -131,6 +131,7 @@ "@kbn/json-schemas", "@kbn/ml-field-stats-flyout", "@kbn/ml-parse-interval", - "@kbn/ml-validators" + "@kbn/ml-validators", + "@kbn/aiops-common" ] } diff --git a/x-pack/plugins/observability_solution/apm/kibana.jsonc b/x-pack/plugins/observability_solution/apm/kibana.jsonc index 0e305bc449c0e..e12b22a43d60a 100644 --- a/x-pack/plugins/observability_solution/apm/kibana.jsonc +++ b/x-pack/plugins/observability_solution/apm/kibana.jsonc @@ -30,8 +30,7 @@ "lens", "maps", "uiActions", - "logsDataAccess", - "entityManager" + "logsDataAccess" ], "optionalPlugins": [ "actions", diff --git a/x-pack/plugins/observability_solution/apm/public/analytics/register_service_inventory_view_type_context.ts b/x-pack/plugins/observability_solution/apm/public/analytics/register_service_inventory_view_type_context.ts deleted file mode 100644 index c26a84bb07b6c..0000000000000 --- a/x-pack/plugins/observability_solution/apm/public/analytics/register_service_inventory_view_type_context.ts +++ /dev/null @@ -1,36 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { AnalyticsServiceSetup } from '@kbn/core/public'; -import { BehaviorSubject } from 'rxjs'; -import { ServiceInventoryView } from '../context/entity_manager_context/entity_manager_context'; - -export const SERVICE_INVENTORY_STORAGE_KEY = 'apm.service.inventory.view'; - -export let serviceInventoryViewType$: BehaviorSubject<{ serviceInventoryViewType: string }>; - -export function registerServiceInventoryViewTypeContext(analytics: AnalyticsServiceSetup) { - const serviceInventoryLocalStorageValue = window.localStorage.getItem( - SERVICE_INVENTORY_STORAGE_KEY - ); - serviceInventoryViewType$ = new BehaviorSubject({ - serviceInventoryViewType: - serviceInventoryLocalStorageValue === null - ? ServiceInventoryView.classic - : JSON.parse(serviceInventoryLocalStorageValue), - }); - analytics.registerContextProvider({ - name: 'serviceInventoryViewType', - context$: serviceInventoryViewType$, - schema: { - serviceInventoryViewType: { - type: 'keyword', - _meta: { description: 'The APM service inventory view type' }, - }, - }, - }); -} diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/entities/entity_link/entity_link.test.tsx b/x-pack/plugins/observability_solution/apm/public/components/app/entities/entity_link/entity_link.test.tsx index 4054614838954..cdf6f23eb53d9 100644 --- a/x-pack/plugins/observability_solution/apm/public/components/app/entities/entity_link/entity_link.test.tsx +++ b/x-pack/plugins/observability_solution/apm/public/components/app/entities/entity_link/entity_link.test.tsx @@ -11,8 +11,6 @@ import { EntityLink } from '.'; import { MockApmPluginContextWrapper } from '../../../../context/apm_plugin/mock_apm_plugin_context'; import type { ServiceEntitySummary } from '../../../../context/apm_service/use_service_entity_summary_fetcher'; import * as useServiceEntitySummary from '../../../../context/apm_service/use_service_entity_summary_fetcher'; -import type { EntityManagerEnablementContextValue } from '../../../../context/entity_manager_context/entity_manager_context'; -import * as useEntityManagerEnablementContext from '../../../../context/entity_manager_context/use_entity_manager_enablement_context'; import * as useFetcher from '../../../../hooks/use_fetcher'; import { FETCH_STATUS } from '../../../../hooks/use_fetcher'; import { fromQuery } from '../../../shared/links/url_helpers'; @@ -20,6 +18,7 @@ import { APIReturnType } from '../../../../services/rest/create_call_apm_api'; import { Redirect } from 'react-router-dom'; import { ApmPluginContextValue } from '../../../../context/apm_plugin/apm_plugin_context'; import { ApmThemeProvider } from '../../../routing/app_root'; +import * as useEntityCentricExperienceSetting from '../../../../hooks/use_entity_centric_experience_setting'; jest.mock('react-router-dom', () => ({ ...jest.requireActual('react-router-dom'), // Keep other functionality intact @@ -29,12 +28,12 @@ jest.mock('react-router-dom', () => ({ export type HasApmData = APIReturnType<'GET /internal/apm/has_data'>; const renderEntityLink = ({ - entityManagerMockReturnValue, + isEntityCentricExperienceEnabled = true, serviceEntitySummaryMockReturnValue, hasApmDataFetcherMockReturnValue, query = {}, }: { - entityManagerMockReturnValue: Partial; + isEntityCentricExperienceEnabled?: boolean; serviceEntitySummaryMockReturnValue: ReturnType< typeof useServiceEntitySummary.useServiceEntitySummaryFetcher >; @@ -45,10 +44,8 @@ const renderEntityLink = ({ }; }) => { jest - .spyOn(useEntityManagerEnablementContext, 'useEntityManagerEnablementContext') - .mockReturnValue( - entityManagerMockReturnValue as unknown as EntityManagerEnablementContextValue - ); + .spyOn(useEntityCentricExperienceSetting, 'useEntityCentricExperienceSetting') + .mockReturnValue({ isEntityCentricExperienceEnabled }); jest .spyOn(useServiceEntitySummary, 'useServiceEntitySummaryFetcher') @@ -101,30 +98,9 @@ describe('Entity link', () => { jest.clearAllMocks(); }); - it('renders a loading spinner while fetching data', () => { - renderEntityLink({ - entityManagerMockReturnValue: { - isEntityCentricExperienceViewEnabled: undefined, - isEnablementPending: true, - }, - serviceEntitySummaryMockReturnValue: { - serviceEntitySummary: undefined, - serviceEntitySummaryStatus: FETCH_STATUS.LOADING, - }, - hasApmDataFetcherMockReturnValue: { - data: undefined, - status: FETCH_STATUS.LOADING, - }, - }); - expect(screen.queryByTestId('apmEntityLinkLoadingSpinner')).toBeInTheDocument(); - }); - it('renders EEM callout when EEM is enabled but service is not found on EEM indices', () => { renderEntityLink({ - entityManagerMockReturnValue: { - isEntityCentricExperienceViewEnabled: true, - isEnablementPending: false, - }, + isEntityCentricExperienceEnabled: true, serviceEntitySummaryMockReturnValue: { serviceEntitySummary: undefined, serviceEntitySummaryStatus: FETCH_STATUS.SUCCESS, @@ -141,10 +117,7 @@ describe('Entity link', () => { it('renders Service Overview page when EEM is disabled', () => { renderEntityLink({ - entityManagerMockReturnValue: { - isEntityCentricExperienceViewEnabled: false, - isEnablementPending: false, - }, + isEntityCentricExperienceEnabled: false, serviceEntitySummaryMockReturnValue: { serviceEntitySummary: undefined, serviceEntitySummaryStatus: FETCH_STATUS.SUCCESS, @@ -171,10 +144,7 @@ describe('Entity link', () => { it('renders Service Overview page when EEM is enabled but Service is not found on EEM but it has raw APM data', () => { renderEntityLink({ - entityManagerMockReturnValue: { - isEntityCentricExperienceViewEnabled: true, - isEnablementPending: false, - }, + isEntityCentricExperienceEnabled: true, serviceEntitySummaryMockReturnValue: { serviceEntitySummary: undefined, serviceEntitySummaryStatus: FETCH_STATUS.SUCCESS, @@ -201,10 +171,7 @@ describe('Entity link', () => { it('renders Service Overview page when EEM is enabled and Service is found on EEM', () => { renderEntityLink({ - entityManagerMockReturnValue: { - isEntityCentricExperienceViewEnabled: true, - isEnablementPending: false, - }, + isEntityCentricExperienceEnabled: true, serviceEntitySummaryMockReturnValue: { serviceEntitySummary: { dataStreamTypes: ['metrics'] } as unknown as ServiceEntitySummary, serviceEntitySummaryStatus: FETCH_STATUS.SUCCESS, @@ -231,10 +198,7 @@ describe('Entity link', () => { it('renders Service Overview page setting time range from data plugin', () => { renderEntityLink({ - entityManagerMockReturnValue: { - isEntityCentricExperienceViewEnabled: true, - isEnablementPending: false, - }, + isEntityCentricExperienceEnabled: true, serviceEntitySummaryMockReturnValue: { serviceEntitySummary: { dataStreamTypes: ['metrics'] } as unknown as ServiceEntitySummary, serviceEntitySummaryStatus: FETCH_STATUS.SUCCESS, diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/entities/entity_link/index.tsx b/x-pack/plugins/observability_solution/apm/public/components/app/entities/entity_link/index.tsx index 5fdbcc9399258..2ea10868957b5 100644 --- a/x-pack/plugins/observability_solution/apm/public/components/app/entities/entity_link/index.tsx +++ b/x-pack/plugins/observability_solution/apm/public/components/app/entities/entity_link/index.tsx @@ -14,9 +14,9 @@ import React from 'react'; import { Redirect } from 'react-router-dom'; import { ENVIRONMENT_ALL_VALUE } from '../../../../../common/environment_filter_values'; import { useServiceEntitySummaryFetcher } from '../../../../context/apm_service/use_service_entity_summary_fetcher'; -import { useEntityManagerEnablementContext } from '../../../../context/entity_manager_context/use_entity_manager_enablement_context'; import { useApmParams } from '../../../../hooks/use_apm_params'; import { useApmRouter } from '../../../../hooks/use_apm_router'; +import { useEntityCentricExperienceSetting } from '../../../../hooks/use_entity_centric_experience_setting'; import { FETCH_STATUS, isPending, useFetcher } from '../../../../hooks/use_fetcher'; import { useTheme } from '../../../../hooks/use_theme'; import { ApmPluginStartDeps } from '../../../../plugin'; @@ -36,8 +36,7 @@ export function EntityLink() { path: { serviceName }, query: { rangeFrom = timeRange.from, rangeTo = timeRange.to }, } = useApmParams('/link-to/entity/{serviceName}'); - const { isEntityCentricExperienceViewEnabled, isEnablementPending } = - useEntityManagerEnablementContext(); + const { isEntityCentricExperienceEnabled } = useEntityCentricExperienceSetting(); const { serviceEntitySummary, serviceEntitySummaryStatus } = useServiceEntitySummaryFetcher({ serviceName, @@ -48,17 +47,13 @@ export function EntityLink() { return callApmApi('GET /internal/apm/has_data'); }, []); - if ( - isEnablementPending || - serviceEntitySummaryStatus === FETCH_STATUS.LOADING || - isPending(hasApmDataStatus) - ) { + if (serviceEntitySummaryStatus === FETCH_STATUS.LOADING || isPending(hasApmDataStatus)) { return ; } if ( // When EEM is enabled and the service is not found on the EEM indices and there's no APM data, display a callout guiding on the limitations of EEM - isEntityCentricExperienceViewEnabled === true && + isEntityCentricExperienceEnabled === true && (serviceEntitySummary?.dataStreamTypes === undefined || serviceEntitySummary.dataStreamTypes.length === 0) && hasApmData?.hasData !== true diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/entities/logs/add_apm_callout.tsx b/x-pack/plugins/observability_solution/apm/public/components/app/entities/logs/add_apm_callout.tsx deleted file mode 100644 index 49856327dd703..0000000000000 --- a/x-pack/plugins/observability_solution/apm/public/components/app/entities/logs/add_apm_callout.tsx +++ /dev/null @@ -1,117 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ -import React from 'react'; -import { i18n } from '@kbn/i18n'; -import { - EuiFlexGroup, - EuiFlexItem, - EuiImage, - EuiPanel, - EuiSpacer, - EuiText, - EuiTitle, - EuiButtonEmpty, - useEuiTheme, - EuiButtonIcon, -} from '@elastic/eui'; -import { apmLight } from '@kbn/shared-svg'; -import { FormattedMessage } from '@kbn/i18n-react'; -import { useKibana } from '../../../../context/kibana_context/use_kibana'; -import { ApmPluginStartDeps, ApmServices } from '../../../../plugin'; -import { AddApmData } from '../../../shared/add_data_buttons/buttons'; - -interface Props { - onClose: () => void; -} - -export function AddAPMCallOut({ onClose }: Props) { - const { euiTheme } = useEuiTheme(); - const { services } = useKibana(); - - function handleClick() { - services.telemetry.reportEntityInventoryAddData({ - view: 'add_apm_cta', - }); - } - - return ( - - - - - - - - - -

- -

- - - - - -

- -

- - - - - - - - - - - - - - - -
- -
- - - - {i18n.translate('xpack.apm.addAPMCallOut.linkToElasticcoButtonEmptyLabel', { - defaultMessage: 'Learn more', - })} - - - - - ); -} diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/service_groups/service_group_save/group_details.tsx b/x-pack/plugins/observability_solution/apm/public/components/app/service_groups/service_group_save/group_details.tsx index dccfc2be9da27..5e82ab290e07d 100644 --- a/x-pack/plugins/observability_solution/apm/public/components/app/service_groups/service_group_save/group_details.tsx +++ b/x-pack/plugins/observability_solution/apm/public/components/app/service_groups/service_group_save/group_details.tsx @@ -21,7 +21,7 @@ import { isValidHex, } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; -import React, { useEffect, useRef, useState } from 'react'; +import React, { useEffect, useState } from 'react'; import type { StagedServiceGroup } from './save_modal'; interface Props { @@ -31,6 +31,7 @@ interface Props { onClickNext: (serviceGroup: StagedServiceGroup) => void; onDeleteGroup: () => void; isLoading: boolean; + titleId?: string; } export function GroupDetails({ @@ -40,13 +41,16 @@ export function GroupDetails({ onClickNext, onDeleteGroup, isLoading, + titleId, }: Props) { - const [name, setName] = useState(serviceGroup?.groupName || ''); - const [color, setColor, colorPickerErrors] = useColorPickerState( - serviceGroup?.color || '#5094C4' - ); - + const initialColor = serviceGroup?.color || '#5094C4'; + const [name, setName] = useState(serviceGroup?.groupName); + const [color, setColor, colorPickerErrors] = useColorPickerState(initialColor); const [description, setDescription] = useState(serviceGroup?.description); + + const isNamePristine = name === serviceGroup?.groupName; + const isColorPristine = color === initialColor; + useEffect(() => { if (serviceGroup) { setName(serviceGroup.groupName); @@ -65,16 +69,10 @@ export function GroupDetails({ const isInvalidName = !name; const isInvalid = isInvalidName || isInvalidColor; - const inputRef = useRef(null); - - useEffect(() => { - inputRef.current?.focus(); // autofocus on initial render - }, []); - return ( <> - + {isEdit ? i18n.translate('xpack.apm.serviceGroups.groupDetailsForm.edit.title', { defaultMessage: 'Edit group', @@ -93,15 +91,25 @@ export function GroupDetails({ label={i18n.translate('xpack.apm.serviceGroups.groupDetailsForm.name', { defaultMessage: 'Name', })} - isInvalid={isInvalidName} + isInvalid={!isNamePristine && isInvalidName} + error={ + !isNamePristine && isInvalidName + ? i18n.translate( + 'xpack.apm.serviceGroups.groupDetailsForm.invalidNameError', + { + defaultMessage: 'Please provide a valid name value', + } + ) + : undefined + } > { setName(e.target.value); }} - inputRef={inputRef} + isInvalid={!isNamePristine && isInvalidName} /> @@ -110,9 +118,9 @@ export function GroupDetails({ label={i18n.translate('xpack.apm.serviceGroups.groupDetailsForm.color', { defaultMessage: 'Color', })} - isInvalid={isInvalidColor} + isInvalid={!isColorPristine && isInvalidColor} error={ - isInvalidColor + !isColorPristine && isInvalidColor ? i18n.translate( 'xpack.apm.serviceGroups.groupDetailsForm.invalidColorError', { @@ -122,7 +130,11 @@ export function GroupDetails({ : undefined } > - + @@ -144,7 +156,7 @@ export function GroupDetails({ { setDescription(e.target.value); }} @@ -164,6 +176,7 @@ export function GroupDetails({ onDeleteGroup(); }} color="danger" + isLoading={isLoading} isDisabled={isLoading} data-test-subj="apmDeleteGroupButton" > @@ -177,6 +190,7 @@ export function GroupDetails({ {i18n.translate('xpack.apm.serviceGroups.groupDetailsForm.cancel', { @@ -192,12 +206,13 @@ export function GroupDetails({ iconSide="right" onClick={() => { onClickNext({ - groupName: name, + groupName: name || '', color, description, kuery: serviceGroup?.kuery ?? '', }); }} + isLoading={isLoading} isDisabled={isInvalid || isLoading} > {i18n.translate('xpack.apm.serviceGroups.groupDetailsForm.selectServices', { diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/service_groups/service_group_save/save_modal.tsx b/x-pack/plugins/observability_solution/apm/public/components/app/service_groups/service_group_save/save_modal.tsx index ee16952fddb79..9ecc00d8681ec 100644 --- a/x-pack/plugins/observability_solution/apm/public/components/app/service_groups/service_group_save/save_modal.tsx +++ b/x-pack/plugins/observability_solution/apm/public/components/app/service_groups/service_group_save/save_modal.tsx @@ -4,7 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ -import { EuiModal } from '@elastic/eui'; +import { EuiModal, useGeneratedHtmlId } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import { useHistory } from 'react-router-dom'; import React, { useCallback, useEffect, useState } from 'react'; @@ -89,6 +89,8 @@ export function SaveGroupModal({ onClose, savedServiceGroup }: Props) { [savedServiceGroup?.id, notifications.toasts, onClose, isEdit, navigateToServiceGroups] ); + const modalTitleId = useGeneratedHtmlId(); + const onDelete = useCallback( async function () { setIsLoading(true); @@ -115,7 +117,7 @@ export function SaveGroupModal({ onClose, savedServiceGroup }: Props) { ); return ( - + {modalView === 'group_details' && ( )} {modalView === 'select_service' && stagedServiceGroup && ( @@ -139,6 +142,7 @@ export function SaveGroupModal({ onClose, savedServiceGroup }: Props) { setModalView('group_details'); }} isLoading={isLoading} + titleId={modalTitleId} /> )} diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/service_groups/service_group_save/select_services.tsx b/x-pack/plugins/observability_solution/apm/public/components/app/service_groups/service_group_save/select_services.tsx index 5b7ce6607ca05..b6a901bac8d2f 100644 --- a/x-pack/plugins/observability_solution/apm/public/components/app/service_groups/service_group_save/select_services.tsx +++ b/x-pack/plugins/observability_solution/apm/public/components/app/service_groups/service_group_save/select_services.tsx @@ -54,6 +54,7 @@ interface Props { onSaveClick: (serviceGroup: StagedServiceGroup) => void; onEditGroupDetailsClick: () => void; isLoading: boolean; + titleId?: string; } export function SelectServices({ @@ -63,6 +64,7 @@ export function SelectServices({ onSaveClick, onEditGroupDetailsClick, isLoading, + titleId, }: Props) { const [kuery, setKuery] = useState(serviceGroup?.kuery || ''); const [stagedKuery, setStagedKuery] = useState(serviceGroup?.kuery || ''); @@ -117,7 +119,7 @@ export function SelectServices({
- + {i18n.translate('xpack.apm.serviceGroups.selectServicesForm.title', { defaultMessage: 'Select services', })} diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/service_groups/service_groups_list/index.tsx b/x-pack/plugins/observability_solution/apm/public/components/app/service_groups/service_groups_list/index.tsx index 4381523417b25..27749d9c96b28 100644 --- a/x-pack/plugins/observability_solution/apm/public/components/app/service_groups/service_groups_list/index.tsx +++ b/x-pack/plugins/observability_solution/apm/public/components/app/service_groups/service_groups_list/index.tsx @@ -24,14 +24,14 @@ import { Sort } from './sort'; import { RefreshServiceGroupsSubscriber } from '../refresh_service_groups_subscriber'; import { ServiceGroupSaveButton } from '../service_group_save'; import { BetaBadge } from '../../../shared/beta_badge'; -import { useEntityManagerEnablementContext } from '../../../../context/entity_manager_context/use_entity_manager_enablement_context'; +import { useEntityCentricExperienceSetting } from '../../../../hooks/use_entity_centric_experience_setting'; export type ServiceGroupsSortType = 'recently_added' | 'alphabetical'; const GET_STARTED_URL = 'https://www.elastic.co/guide/en/apm/get-started/current/index.html'; export function ServiceGroupsList() { - const { isEntityCentricExperienceViewEnabled } = useEntityManagerEnablementContext(); + const { isEntityCentricExperienceEnabled } = useEntityCentricExperienceSetting(); const [filter, setFilter] = useState(''); @@ -137,7 +137,7 @@ export function ServiceGroupsList() { {i18n.translate('xpack.apm.serviceGroups.listDescription', { defaultMessage: 'Displayed service counts reflect the last 24 hours.', })} - {isEntityCentricExperienceViewEnabled && ( + {isEntityCentricExperienceEnabled && ( ; - -const INITIAL_PAGE_SIZE = 25; -const INITIAL_DATA: MainStatisticsApiResponse & { requestId: string } = { - requestId: '', - items: [], - serviceOverflowCount: 0, - maxCountExceeded: false, -}; - -function useServicesMainStatisticsFetcher(searchQuery: string | undefined) { - const { - query: { - rangeFrom, - rangeTo, - environment, - kuery, - serviceGroup, - page = 0, - pageSize = INITIAL_PAGE_SIZE, - sortDirection, - sortField, - }, - } = useApmParams('/services'); - - const { start, end } = useTimeRange({ rangeFrom, rangeTo }); - - const preferred = usePreferredDataSourceAndBucketSize({ - start, - end, - kuery, - type: ApmDocumentType.ServiceTransactionMetric, - numBuckets: 20, - }); - - const shouldUseDurationSummary = !!preferred?.source?.hasDurationSummaryField; - - const { data = INITIAL_DATA, status } = useProgressiveFetcher( - (callApmApi) => { - if (preferred) { - return callApmApi('GET /internal/apm/services', { - params: { - query: { - environment, - kuery, - start, - end, - serviceGroup, - useDurationSummary: shouldUseDurationSummary, - documentType: preferred.source.documentType, - rollupInterval: preferred.source.rollupInterval, - searchQuery, - }, - }, - }).then((mainStatisticsData) => { - return { - requestId: uuidv4(), - ...mainStatisticsData, - }; - }); - } - }, - // eslint-disable-next-line react-hooks/exhaustive-deps - [ - environment, - kuery, - start, - end, - serviceGroup, - preferred, - searchQuery, - // not used, but needed to update the requestId to call the details statistics API when table options are updated - page, - pageSize, - sortField, - sortDirection, - ] - ); - - return { mainStatisticsData: data, mainStatisticsStatus: status }; -} - -function useServicesDetailedStatisticsFetcher({ - mainStatisticsFetch, - renderedItems, -}: { - mainStatisticsFetch: ReturnType; - renderedItems: ServiceListItem[]; -}) { - const { - query: { rangeFrom, rangeTo, environment, kuery, offset, comparisonEnabled }, - } = useApmParams('/services'); - - const { start, end } = useTimeRange({ rangeFrom, rangeTo }); - - const dataSourceOptions = usePreferredDataSourceAndBucketSize({ - start, - end, - kuery, - type: ApmDocumentType.ServiceTransactionMetric, - numBuckets: 20, - }); - - const { mainStatisticsData, mainStatisticsStatus } = mainStatisticsFetch; - - const comparisonFetch = useProgressiveFetcher( - (callApmApi) => { - const serviceNames = renderedItems.map(({ serviceName }) => serviceName); - - if ( - start && - end && - serviceNames.length > 0 && - mainStatisticsStatus === FETCH_STATUS.SUCCESS && - dataSourceOptions - ) { - return callApmApi('POST /internal/apm/services/detailed_statistics', { - params: { - query: { - environment, - kuery, - start, - end, - offset: comparisonEnabled && isTimeComparison(offset) ? offset : undefined, - documentType: dataSourceOptions.source.documentType, - rollupInterval: dataSourceOptions.source.rollupInterval, - bucketSizeInSeconds: dataSourceOptions.bucketSizeInSeconds, - }, - body: { - // Service name is sorted to guarantee the same order every time this API is called so the result can be cached. - serviceNames: JSON.stringify(serviceNames.sort()), - }, - }, - }); - } - }, - // only fetches detailed statistics when requestId is invalidated by main statistics api call or offset is changed - // eslint-disable-next-line react-hooks/exhaustive-deps - [mainStatisticsData.requestId, renderedItems, offset, comparisonEnabled], - { preservePreviousData: false } - ); - - return { comparisonFetch }; -} - -export function ApmServiceInventory() { - const [debouncedSearchQuery, setDebouncedSearchQuery] = useStateDebounced(''); - const { onPageReady } = usePerformanceContext(); - const [renderedItems, setRenderedItems] = useState([]); - const mainStatisticsFetch = useServicesMainStatisticsFetcher(debouncedSearchQuery); - const { mainStatisticsData, mainStatisticsStatus } = mainStatisticsFetch; - - const displayHealthStatus = mainStatisticsData.items.some((item) => 'healthStatus' in item); - - const serviceOverflowCount = mainStatisticsData?.serviceOverflowCount ?? 0; - - const displayAlerts = mainStatisticsData.items.some( - (item) => ServiceInventoryFieldName.AlertsCount in item - ); - - const tiebreakerField = ServiceInventoryFieldName.Throughput; - - const initialSortField = displayHealthStatus - ? ServiceInventoryFieldName.HealthStatus - : tiebreakerField; - - const initialSortDirection = 'desc'; - - const { comparisonFetch } = useServicesDetailedStatisticsFetcher({ - mainStatisticsFetch, - renderedItems, - }); - - const { anomalyDetectionSetupState } = useAnomalyDetectionJobsContext(); - - const [userHasDismissedCallout, setUserHasDismissedCallout] = useLocalStorage( - `apm.userHasDismissedServiceInventoryMlCallout.${anomalyDetectionSetupState}`, - false - ); - - const displayMlCallout = - !userHasDismissedCallout && shouldDisplayMlCallout(anomalyDetectionSetupState); - - const noItemsMessage = useMemo(() => { - return ( - - {i18n.translate('xpack.apm.servicesTable.notFoundLabel', { - defaultMessage: 'No services found', - })} -
- } - titleSize="s" - /> - ); - }, []); - - const mlCallout = ( - - setUserHasDismissedCallout(true)} - /> - - ); - - const sortFn: SortFunction = useCallback( - (itemsToSort, sortField, sortDirection) => { - return orderServiceItems({ - items: itemsToSort, - primarySortField: sortField, - sortDirection, - tiebreakerField, - }); - }, - [tiebreakerField] - ); - - // TODO verify this with AI team - const setScreenContext = useApmPluginContext().observabilityAIAssistant?.service.setScreenContext; - - useEffect(() => { - if (!setScreenContext) { - return; - } - - if (isFailure(mainStatisticsStatus)) { - return setScreenContext({ - screenDescription: 'The services have failed to load', - }); - } - - if (isPending(mainStatisticsStatus)) { - return setScreenContext({ - screenDescription: 'The services are still loading', - }); - } - - return setScreenContext({ - data: [ - { - name: 'services', - description: 'The list of services that the user is looking at', - value: mainStatisticsData.items, - }, - ], - }); - }, [mainStatisticsStatus, mainStatisticsData.items, setScreenContext]); - - useEffect(() => { - if ( - mainStatisticsStatus === FETCH_STATUS.SUCCESS && - comparisonFetch.status === FETCH_STATUS.SUCCESS - ) { - onPageReady(); - } - }, [mainStatisticsStatus, comparisonFetch.status, onPageReady]); - - return ( - <> - - - {displayMlCallout && mlCallout} - - - - - - ); -} diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/index.tsx b/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/index.tsx index 55f72d21f48d7..e3e9601c72978 100644 --- a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/index.tsx +++ b/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/index.tsx @@ -4,9 +4,316 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ -import React from 'react'; -import { ApmServiceInventory } from './apm_signal_inventory'; + +import { EuiEmptyPrompt, EuiFlexGroup, EuiFlexItem } from '@elastic/eui'; +import { usePerformanceContext } from '@kbn/ebt-tools'; +import { i18n } from '@kbn/i18n'; +import React, { useCallback, useEffect, useMemo, useState } from 'react'; +import { v4 as uuidv4 } from 'uuid'; +import { ApmDocumentType } from '../../../../common/document_type'; +import { ServiceInventoryFieldName, ServiceListItem } from '../../../../common/service_inventory'; +import { useAnomalyDetectionJobsContext } from '../../../context/anomaly_detection_jobs/use_anomaly_detection_jobs_context'; +import { useApmPluginContext } from '../../../context/apm_plugin/use_apm_plugin_context'; +import { useApmParams } from '../../../hooks/use_apm_params'; +import { useStateDebounced } from '../../../hooks/use_debounce'; +import { FETCH_STATUS, isFailure, isPending } from '../../../hooks/use_fetcher'; +import { useLocalStorage } from '../../../hooks/use_local_storage'; +import { usePreferredDataSourceAndBucketSize } from '../../../hooks/use_preferred_data_source_and_bucket_size'; +import { useProgressiveFetcher } from '../../../hooks/use_progressive_fetcher'; +import { useTimeRange } from '../../../hooks/use_time_range'; +import { APIReturnType } from '../../../services/rest/create_call_apm_api'; +import { SortFunction } from '../../shared/managed_table'; +import { MLCallout, shouldDisplayMlCallout } from '../../shared/ml_callout'; +import { SearchBar } from '../../shared/search_bar/search_bar'; +import { isTimeComparison } from '../../shared/time_comparison/get_comparison_options'; +import { ApmServicesTable } from './service_list/apm_services_table'; +import { orderServiceItems } from './service_list/order_service_items'; + +type MainStatisticsApiResponse = APIReturnType<'GET /internal/apm/services'>; + +const INITIAL_PAGE_SIZE = 25; +const INITIAL_DATA: MainStatisticsApiResponse & { requestId: string } = { + requestId: '', + items: [], + serviceOverflowCount: 0, + maxCountExceeded: false, +}; + +function useServicesMainStatisticsFetcher(searchQuery: string | undefined) { + const { + query: { + rangeFrom, + rangeTo, + environment, + kuery, + serviceGroup, + page = 0, + pageSize = INITIAL_PAGE_SIZE, + sortDirection, + sortField, + }, + } = useApmParams('/services'); + + const { start, end } = useTimeRange({ rangeFrom, rangeTo }); + + const preferred = usePreferredDataSourceAndBucketSize({ + start, + end, + kuery, + type: ApmDocumentType.ServiceTransactionMetric, + numBuckets: 20, + }); + + const shouldUseDurationSummary = !!preferred?.source?.hasDurationSummaryField; + + const { data = INITIAL_DATA, status } = useProgressiveFetcher( + (callApmApi) => { + if (preferred) { + return callApmApi('GET /internal/apm/services', { + params: { + query: { + environment, + kuery, + start, + end, + serviceGroup, + useDurationSummary: shouldUseDurationSummary, + documentType: preferred.source.documentType, + rollupInterval: preferred.source.rollupInterval, + searchQuery, + }, + }, + }).then((mainStatisticsData) => { + return { + requestId: uuidv4(), + ...mainStatisticsData, + }; + }); + } + }, + // eslint-disable-next-line react-hooks/exhaustive-deps + [ + environment, + kuery, + start, + end, + serviceGroup, + preferred, + searchQuery, + // not used, but needed to update the requestId to call the details statistics API when table options are updated + page, + pageSize, + sortField, + sortDirection, + ] + ); + + return { mainStatisticsData: data, mainStatisticsStatus: status }; +} + +function useServicesDetailedStatisticsFetcher({ + mainStatisticsFetch, + renderedItems, +}: { + mainStatisticsFetch: ReturnType; + renderedItems: ServiceListItem[]; +}) { + const { + query: { rangeFrom, rangeTo, environment, kuery, offset, comparisonEnabled }, + } = useApmParams('/services'); + + const { start, end } = useTimeRange({ rangeFrom, rangeTo }); + + const dataSourceOptions = usePreferredDataSourceAndBucketSize({ + start, + end, + kuery, + type: ApmDocumentType.ServiceTransactionMetric, + numBuckets: 20, + }); + + const { mainStatisticsData, mainStatisticsStatus } = mainStatisticsFetch; + + const comparisonFetch = useProgressiveFetcher( + (callApmApi) => { + const serviceNames = renderedItems.map(({ serviceName }) => serviceName); + + if ( + start && + end && + serviceNames.length > 0 && + mainStatisticsStatus === FETCH_STATUS.SUCCESS && + dataSourceOptions + ) { + return callApmApi('POST /internal/apm/services/detailed_statistics', { + params: { + query: { + environment, + kuery, + start, + end, + offset: comparisonEnabled && isTimeComparison(offset) ? offset : undefined, + documentType: dataSourceOptions.source.documentType, + rollupInterval: dataSourceOptions.source.rollupInterval, + bucketSizeInSeconds: dataSourceOptions.bucketSizeInSeconds, + }, + body: { + // Service name is sorted to guarantee the same order every time this API is called so the result can be cached. + serviceNames: JSON.stringify(serviceNames.sort()), + }, + }, + }); + } + }, + // only fetches detailed statistics when requestId is invalidated by main statistics api call or offset is changed + // eslint-disable-next-line react-hooks/exhaustive-deps + [mainStatisticsData.requestId, renderedItems, offset, comparisonEnabled], + { preservePreviousData: false } + ); + + return { comparisonFetch }; +} export function ServiceInventory() { - return ; + const [debouncedSearchQuery, setDebouncedSearchQuery] = useStateDebounced(''); + const { onPageReady } = usePerformanceContext(); + const [renderedItems, setRenderedItems] = useState([]); + const mainStatisticsFetch = useServicesMainStatisticsFetcher(debouncedSearchQuery); + const { mainStatisticsData, mainStatisticsStatus } = mainStatisticsFetch; + + const displayHealthStatus = mainStatisticsData.items.some((item) => 'healthStatus' in item); + + const serviceOverflowCount = mainStatisticsData?.serviceOverflowCount ?? 0; + + const displayAlerts = mainStatisticsData.items.some( + (item) => ServiceInventoryFieldName.AlertsCount in item + ); + + const tiebreakerField = ServiceInventoryFieldName.Throughput; + + const initialSortField = displayHealthStatus + ? ServiceInventoryFieldName.HealthStatus + : tiebreakerField; + + const initialSortDirection = 'desc'; + + const { comparisonFetch } = useServicesDetailedStatisticsFetcher({ + mainStatisticsFetch, + renderedItems, + }); + + const { anomalyDetectionSetupState } = useAnomalyDetectionJobsContext(); + + const [userHasDismissedCallout, setUserHasDismissedCallout] = useLocalStorage( + `apm.userHasDismissedServiceInventoryMlCallout.${anomalyDetectionSetupState}`, + false + ); + + const displayMlCallout = + !userHasDismissedCallout && shouldDisplayMlCallout(anomalyDetectionSetupState); + + const noItemsMessage = useMemo(() => { + return ( + + {i18n.translate('xpack.apm.servicesTable.notFoundLabel', { + defaultMessage: 'No services found', + })} + + } + titleSize="s" + /> + ); + }, []); + + const mlCallout = ( + + setUserHasDismissedCallout(true)} + /> + + ); + + const sortFn: SortFunction = useCallback( + (itemsToSort, sortField, sortDirection) => { + return orderServiceItems({ + items: itemsToSort, + primarySortField: sortField, + sortDirection, + tiebreakerField, + }); + }, + [tiebreakerField] + ); + + // TODO verify this with AI team + const setScreenContext = useApmPluginContext().observabilityAIAssistant?.service.setScreenContext; + + useEffect(() => { + if (!setScreenContext) { + return; + } + + if (isFailure(mainStatisticsStatus)) { + return setScreenContext({ + screenDescription: 'The services have failed to load', + }); + } + + if (isPending(mainStatisticsStatus)) { + return setScreenContext({ + screenDescription: 'The services are still loading', + }); + } + + return setScreenContext({ + data: [ + { + name: 'services', + description: 'The list of services that the user is looking at', + value: mainStatisticsData.items, + }, + ], + }); + }, [mainStatisticsStatus, mainStatisticsData.items, setScreenContext]); + + useEffect(() => { + if ( + mainStatisticsStatus === FETCH_STATUS.SUCCESS && + comparisonFetch.status === FETCH_STATUS.SUCCESS + ) { + onPageReady(); + } + }, [mainStatisticsStatus, comparisonFetch.status, onPageReady]); + + return ( + <> + + + {displayMlCallout && mlCallout} + + + + + + ); } diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/multi_signal_inventory/index.tsx b/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/multi_signal_inventory/index.tsx deleted file mode 100644 index e915ce01e24f6..0000000000000 --- a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/multi_signal_inventory/index.tsx +++ /dev/null @@ -1,218 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ -import { EuiFlexItem, EuiFlexGroup } from '@elastic/eui'; -import { i18n } from '@kbn/i18n'; -import React, { useEffect } from 'react'; -import { v4 as uuidv4 } from 'uuid'; -import { APIReturnType } from '../../../../services/rest/create_call_apm_api'; -import { useApmParams } from '../../../../hooks/use_apm_params'; -import { FETCH_STATUS, useFetcher } from '../../../../hooks/use_fetcher'; -import { useTimeRange } from '../../../../hooks/use_time_range'; -import { EmptyMessage } from '../../../shared/empty_message'; -import { SearchBar } from '../../../shared/search_bar/search_bar'; -import { - getItemsFilteredBySearchQuery, - TableSearchBar, -} from '../../../shared/table_search_bar/table_search_bar'; -import { - MultiSignalServicesTable, - ServiceInventoryFieldName, -} from './table/multi_signal_services_table'; -import { ServiceListItem } from '../../../../../common/service_inventory'; -import { NoEntitiesEmptyState } from './table/no_entities_empty_state'; -import { Welcome } from '../../../shared/entity_enablement/welcome_modal'; -import { useKibana } from '../../../../context/kibana_context/use_kibana'; -import { ApmPluginStartDeps, ApmServices } from '../../../../plugin'; -import { useEntityManagerEnablementContext } from '../../../../context/entity_manager_context/use_entity_manager_enablement_context'; - -type MainStatisticsApiResponse = APIReturnType<'GET /internal/apm/entities/services'>; - -const INITIAL_PAGE_SIZE = 25; -const INITIAL_SORT_DIRECTION = 'desc'; - -type MainStatisticsApiResponseWithRequestId = MainStatisticsApiResponse & { requestId: string }; - -const INITIAL_DATA: MainStatisticsApiResponseWithRequestId = { - services: [], - requestId: '', -}; - -function useServicesEntitiesMainStatisticsFetcher() { - const { - query: { - rangeFrom, - rangeTo, - environment, - kuery, - page = 0, - pageSize = INITIAL_PAGE_SIZE, - sortDirection, - sortField, - }, - } = useApmParams('/services'); - - const { start, end } = useTimeRange({ rangeFrom, rangeTo }); - - const { data = INITIAL_DATA, status } = useFetcher( - (callApmApi) => { - return callApmApi('GET /internal/apm/entities/services', { - params: { - query: { - environment, - kuery, - start, - end, - }, - }, - }).then((mainStatisticsData) => { - return { - requestId: uuidv4(), - ...mainStatisticsData, - }; - }); - }, - // eslint-disable-next-line react-hooks/exhaustive-deps - [environment, kuery, start, end, page, pageSize, sortField, sortDirection] - ); - - return { mainStatisticsData: data, mainStatisticsStatus: status }; -} - -function useServicesEntitiesDetailedStatisticsFetcher({ - mainStatisticsData, - mainStatisticsStatus, - services, -}: { - mainStatisticsData: MainStatisticsApiResponseWithRequestId; - mainStatisticsStatus: FETCH_STATUS; - services: ServiceListItem[]; -}) { - const { - query: { rangeFrom, rangeTo, environment, kuery }, - } = useApmParams('/services'); - - const { start, end } = useTimeRange({ rangeFrom, rangeTo }); - - const timeseriesDataFetch = useFetcher( - (callApmApi) => { - const serviceNames = services.map(({ serviceName }) => serviceName); - - if ( - start && - end && - serviceNames.length > 0 && - mainStatisticsStatus === FETCH_STATUS.SUCCESS - ) { - return callApmApi('POST /internal/apm/entities/services/detailed_statistics', { - params: { - query: { - environment, - kuery, - start, - end, - }, - body: { - // Service name is sorted to guarantee the same order every time this API is called so the result can be cached. - serviceNames: JSON.stringify(serviceNames.sort()), - }, - }, - }); - } - }, - // only fetches detailed statistics when requestId is invalidated by main statistics api call or offset is changed - // eslint-disable-next-line react-hooks/exhaustive-deps - [mainStatisticsData.requestId, services], - { preservePreviousData: false } - ); - - return { timeseriesDataFetch }; -} - -export function MultiSignalInventory() { - const [searchQuery, setSearchQuery] = React.useState(''); - const { services } = useKibana(); - const { mainStatisticsData, mainStatisticsStatus } = useServicesEntitiesMainStatisticsFetcher(); - const { tourState, updateTourState } = useEntityManagerEnablementContext(); - - const initialSortField = ServiceInventoryFieldName.Throughput; - - const filteredData = getItemsFilteredBySearchQuery({ - items: mainStatisticsData.services, - searchQuery, - fieldsToSearch: [ServiceInventoryFieldName.ServiceName], - }); - - const { timeseriesDataFetch } = useServicesEntitiesDetailedStatisticsFetcher({ - mainStatisticsData, - mainStatisticsStatus, - services: mainStatisticsData.services, - }); - - const { data, status } = useFetcher((callApmApi) => { - return callApmApi('GET /internal/apm/has_entities'); - }, []); - - useEffect(() => { - if (data?.hasData) { - services.telemetry.reportEntityInventoryPageState({ state: 'available' }); - } - }, [services.telemetry, data?.hasData]); - - function handleModalClose() { - updateTourState({ isModalVisible: false, isTourActive: true }); - } - - return ( - <> - {!data?.hasData && status === FETCH_STATUS.SUCCESS ? ( - - ) : ( - <> - - - - - - - - - - - - } - /> - - - - )} - - - ); -} diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/multi_signal_inventory/table/column_header.tsx b/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/multi_signal_inventory/table/column_header.tsx deleted file mode 100644 index 9dcdaf1da2598..0000000000000 --- a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/multi_signal_inventory/table/column_header.tsx +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ -import React, { ReactElement } from 'react'; -import { EuiFlexGroup } from '@elastic/eui'; -import { css } from '@emotion/react'; -import { TooltipContent } from './tooltip_content'; -import { Popover } from './popover'; - -interface Props { - label: string; - toolTip?: ReactElement | string; - formula?: string; -} - -export const ColumnHeader = React.memo(({ label, toolTip, formula }: Props) => ( - -
- {label} -
- - {toolTip && ( - - - - )} - -)); diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/multi_signal_inventory/table/get_service_columns.tsx b/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/multi_signal_inventory/table/get_service_columns.tsx deleted file mode 100644 index ec6385b37dee3..0000000000000 --- a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/multi_signal_inventory/table/get_service_columns.tsx +++ /dev/null @@ -1,268 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { EuiFlexGroup, EuiFlexItem, RIGHT_ALIGNMENT } from '@elastic/eui'; -import { i18n } from '@kbn/i18n'; -import { TypeOf } from '@kbn/typed-react-router-config'; -import React from 'react'; -import { FormattedMessage } from '@kbn/i18n-react'; -import { css } from '@emotion/react'; -import { - asDecimalOrInteger, - asMillisecondDuration, - asPercent, - asTransactionRate, -} from '../../../../../../common/utils/formatters'; -import { Breakpoints } from '../../../../../hooks/use_breakpoints'; -import { unit } from '../../../../../utils/style'; -import { ApmRoutes } from '../../../../routing/apm_route_config'; -import { - getTimeSeriesColor, - ChartType, -} from '../../../../shared/charts/helper/get_timeseries_color'; -import { - getMetricsFormula, - ChartMetricType, -} from '../../../../shared/charts/helper/get_metrics_formulas'; -import { EnvironmentBadge } from '../../../../shared/environment_badge'; -import { ServiceLink } from '../../../../shared/links/apm/service_link'; -import { ListMetric } from '../../../../shared/list_metric'; -import { ITableColumn } from '../../../../shared/managed_table'; -import { NotAvailableApmMetrics } from '../../../../shared/not_available_popover/not_available_apm_metrics'; -import { TruncateWithTooltip } from '../../../../shared/truncate_with_tooltip'; -import { ServiceInventoryFieldName } from './multi_signal_services_table'; -import { EntityDataStreamType } from '../../../../../../common/entities/types'; -import { isApmSignal } from '../../../../../utils/get_signal_type'; -import { ColumnHeader } from './column_header'; -import { APIReturnType } from '../../../../../services/rest/create_call_apm_api'; - -type ServicesDetailedStatisticsAPIResponse = - APIReturnType<'POST /internal/apm/entities/services/detailed_statistics'>; - -type EntityServiceListItem = APIReturnType<'GET /internal/apm/entities/services'>['services'][0]; - -export function getServiceColumns({ - query, - breakpoints, - timeseriesDataLoading, - timeseriesData, -}: { - query: TypeOf['query']; - breakpoints: Breakpoints; - timeseriesDataLoading: boolean; - timeseriesData?: ServicesDetailedStatisticsAPIResponse; -}): Array> { - const { isSmall, isLarge } = breakpoints; - const showWhenSmallOrGreaterThanLarge = isSmall || !isLarge; - return [ - { - field: ServiceInventoryFieldName.ServiceName, - name: i18n.translate('xpack.apm.multiSignal.servicesTable.nameColumnLabel', { - defaultMessage: 'Name', - }), - sortable: true, - render: (_, { serviceName, agentName, dataStreamTypes }) => ( - - - - - - } - /> - ), - }, - { - field: ServiceInventoryFieldName.Environments, - name: i18n.translate('xpack.apm.multiSignal.servicesTable.environmentColumnLabel', { - defaultMessage: 'Environment', - }), - sortable: true, - width: `${unit * 9}px`, - dataType: 'number', - render: (_, { environments, dataStreamTypes }) => ( - - ), - align: RIGHT_ALIGNMENT, - }, - { - field: ServiceInventoryFieldName.Latency, - name: i18n.translate('xpack.apm.multiSignal.servicesTable.latencyAvgColumnLabel', { - defaultMessage: 'Latency (avg.)', - }), - sortable: true, - dataType: 'number', - align: RIGHT_ALIGNMENT, - render: (_, { metrics, serviceName, dataStreamTypes }) => { - const { currentPeriodColor } = getTimeSeriesColor(ChartType.LATENCY_AVG); - - return !isApmSignal(dataStreamTypes) ? ( - - ) : ( - - ); - }, - }, - { - field: ServiceInventoryFieldName.Throughput, - name: i18n.translate('xpack.apm.multiSignal.servicesTable.throughputColumnLabel', { - defaultMessage: 'Throughput', - }), - sortable: true, - dataType: 'number', - align: RIGHT_ALIGNMENT, - render: (_, { metrics, serviceName, dataStreamTypes }) => { - const { currentPeriodColor } = getTimeSeriesColor(ChartType.THROUGHPUT); - - return !isApmSignal(dataStreamTypes) ? ( - - ) : ( - - ); - }, - }, - { - field: ServiceInventoryFieldName.FailedTransactionRate, - name: i18n.translate('xpack.apm.multiSignal.servicesTable.transactionErrorRate', { - defaultMessage: 'Failed transaction rate', - }), - sortable: true, - dataType: 'number', - align: RIGHT_ALIGNMENT, - render: (_, { metrics, serviceName, dataStreamTypes }) => { - const { currentPeriodColor } = getTimeSeriesColor(ChartType.FAILED_TRANSACTION_RATE); - - return !isApmSignal(dataStreamTypes) ? ( - - ) : ( - - ); - }, - }, - { - field: ServiceInventoryFieldName.logRate, - name: ( - - {i18n.translate( - 'xpack.apm.multiSignal.servicesTable.logRate.tooltip.serviceNameLabel', - { - defaultMessage: 'service.name', - } - )} - - ), - }} - /> - } - /> - ), - sortable: true, - dataType: 'number', - align: RIGHT_ALIGNMENT, - render: (_, { metrics, serviceName, dataStreamTypes, hasLogMetrics }) => { - const { currentPeriodColor } = getTimeSeriesColor(ChartType.LOG_RATE); - return ( - - ); - }, - }, - { - field: ServiceInventoryFieldName.LogErrorRate, - name: ( - - {i18n.translate( - 'xpack.apm.multiSignal.servicesTable.logErrorRate.tooltip.serviceNameLabel', - { - defaultMessage: 'service.name', - } - )} - - ), - }} - /> - } - /> - ), - sortable: true, - dataType: 'number', - align: RIGHT_ALIGNMENT, - render: (_, { metrics, serviceName, dataStreamTypes, hasLogMetrics }) => { - const { currentPeriodColor } = getTimeSeriesColor(ChartType.LOG_ERROR_RATE); - - return ( - - ); - }, - }, - ]; -} diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/multi_signal_inventory/table/multi_signal_services_table.tsx b/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/multi_signal_inventory/table/multi_signal_services_table.tsx deleted file mode 100644 index eede4b2ef346c..0000000000000 --- a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/multi_signal_inventory/table/multi_signal_services_table.tsx +++ /dev/null @@ -1,82 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { EuiFlexGroup, EuiFlexItem } from '@elastic/eui'; -import { omit } from 'lodash'; -import React, { useMemo } from 'react'; -import { useApmParams } from '../../../../../hooks/use_apm_params'; -import { useBreakpoints } from '../../../../../hooks/use_breakpoints'; -import { FETCH_STATUS, isFailure, isPending } from '../../../../../hooks/use_fetcher'; -import { APIReturnType } from '../../../../../services/rest/create_call_apm_api'; -import { ManagedTable } from '../../../../shared/managed_table'; -import { getServiceColumns } from './get_service_columns'; - -type MainStatisticsApiResponse = APIReturnType<'GET /internal/apm/entities/services'>; -type ServicesDetailedStatisticsAPIResponse = - APIReturnType<'POST /internal/apm/entities/services/detailed_statistics'>; - -export enum ServiceInventoryFieldName { - ServiceName = 'serviceName', - Environments = 'environments', - Throughput = 'metrics.throughput', - Latency = 'metrics.latency', - FailedTransactionRate = 'metrics.failedTransactionRate', - logRate = 'metrics.logRate', - LogErrorRate = 'metrics.logErrorRate', -} - -interface Props { - status: FETCH_STATUS; - initialSortField: ServiceInventoryFieldName; - initialPageSize: number; - initialSortDirection: 'asc' | 'desc'; - noItemsMessage: React.ReactNode; - data: MainStatisticsApiResponse['services']; - timeseriesDataLoading: boolean; - timeseriesData?: ServicesDetailedStatisticsAPIResponse; -} - -export function MultiSignalServicesTable({ - status, - data, - initialSortField, - initialPageSize, - initialSortDirection, - noItemsMessage, - timeseriesDataLoading, - timeseriesData, -}: Props) { - const breakpoints = useBreakpoints(); - const { query } = useApmParams('/services'); - - const serviceColumns = useMemo(() => { - return getServiceColumns({ - // removes pagination and sort instructions from the query so it won't be passed down to next route - query: omit(query, 'page', 'pageSize', 'sortDirection', 'sortField'), - breakpoints, - timeseriesDataLoading, - timeseriesData, - }); - }, [query, breakpoints, timeseriesDataLoading, timeseriesData]); - - return ( - - - - - - ); -} diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/multi_signal_inventory/table/no_entities_empty_state.tsx b/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/multi_signal_inventory/table/no_entities_empty_state.tsx deleted file mode 100644 index 45e8b2ab8a0c9..0000000000000 --- a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/multi_signal_inventory/table/no_entities_empty_state.tsx +++ /dev/null @@ -1,144 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { - EuiCallOut, - EuiEmptyPrompt, - EuiFlexGroup, - EuiFlexItem, - EuiHorizontalRule, - EuiImage, - EuiLink, - EuiText, - EuiTextColor, -} from '@elastic/eui'; -import { i18n } from '@kbn/i18n'; -import React from 'react'; -import { dashboardsLight } from '@kbn/shared-svg'; -import useEffectOnce from 'react-use/lib/useEffectOnce'; -import { useKibana } from '../../../../../context/kibana_context/use_kibana'; -import { useLocalStorage } from '../../../../../hooks/use_local_storage'; -import { ApmPluginStartDeps, ApmServices } from '../../../../../plugin'; -import { EntityInventoryAddDataParams } from '../../../../../services/telemetry'; -import { - AddApmData, - AssociateServiceLogs, - CollectServiceLogs, -} from '../../../../shared/add_data_buttons/buttons'; -import { useBreakpoints } from '../../../../../hooks/use_breakpoints'; - -export function NoEntitiesEmptyState() { - const { isLarge } = useBreakpoints(); - const { services } = useKibana(); - const [userHasDismissedCallout, setUserHasDismissedCallout] = useLocalStorage( - 'apm.uiNewExperienceCallout', - false - ); - - useEffectOnce(() => { - services.telemetry.reportEntityInventoryPageState({ state: 'empty_state' }); - }); - - function reportButtonClick(journey: EntityInventoryAddDataParams['journey']) { - services.telemetry.reportEntityInventoryAddData({ - view: 'empty_state', - journey, - }); - } - - return ( - - {!userHasDismissedCallout && ( - - setUserHasDismissedCallout(true)} - title={i18n.translate('xpack.apm.noEntitiesEmptyState.callout.title', { - defaultMessage: 'Trying for the first time?', - })} - > -

- {i18n.translate('xpack.apm.noEntitiesEmptyState.description', { - defaultMessage: - 'It can take up to a couple of minutes for your services to show. Try refreshing the page in a minute.', - })} -

- - {i18n.translate('xpack.apm.noEntitiesEmptyState.learnMore.link', { - defaultMessage: 'Learn more', - })} - - - - )} - - } - title={ -

- {i18n.translate('xpack.apm.noEntitiesEmptyState.title', { - defaultMessage: 'No services available.', - })} -

- } - layout={isLarge ? 'vertical' : 'horizontal'} - color="plain" - body={ - <> -

- {i18n.translate('xpack.apm.noEntitiesEmptyState.body.description', { - defaultMessage: - 'The services inventory provides an overview of the health and general performance of your services. To add data to this page, instrument your services using the APM agent or detect services from your logs.', - })} -

- - -
- - {i18n.translate('xpack.apm.noEntitiesEmptyState.actions.title', { - defaultMessage: 'Start observing your services:', - })} - -
- - - } - actions={ - - - { - reportButtonClick('add_apm_agent'); - }} - /> - { - reportButtonClick('collect_new_service_logs'); - }} - /> - { - reportButtonClick('associate_existing_service_logs'); - }} - /> - - - } - /> - - - ); -} diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/apm_signal_inventory/service_inventory.stories.tsx b/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/service_inventory.stories.tsx similarity index 74% rename from x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/apm_signal_inventory/service_inventory.stories.tsx rename to x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/service_inventory.stories.tsx index 17848c98af8f6..41b69daf1cdf4 100644 --- a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/apm_signal_inventory/service_inventory.stories.tsx +++ b/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/service_inventory.stories.tsx @@ -8,16 +8,16 @@ import { CoreStart } from '@kbn/core/public'; import { Meta, Story } from '@storybook/react'; import React from 'react'; -import { ApmServiceInventory } from '.'; -import { AnomalyDetectionSetupState } from '../../../../../common/anomaly_detection/get_anomaly_detection_setup_state'; -import { AnomalyDetectionJobsContext } from '../../../../context/anomaly_detection_jobs/anomaly_detection_jobs_context'; -import { ApmPluginContextValue } from '../../../../context/apm_plugin/apm_plugin_context'; -import { MockApmPluginStorybook } from '../../../../context/apm_plugin/mock_apm_plugin_storybook'; -import { FETCH_STATUS } from '../../../../hooks/use_fetcher'; +import { ServiceInventory } from '.'; +import { AnomalyDetectionSetupState } from '../../../../common/anomaly_detection/get_anomaly_detection_setup_state'; +import { AnomalyDetectionJobsContext } from '../../../context/anomaly_detection_jobs/anomaly_detection_jobs_context'; +import { ApmPluginContextValue } from '../../../context/apm_plugin/apm_plugin_context'; +import { MockApmPluginStorybook } from '../../../context/apm_plugin/mock_apm_plugin_storybook'; +import { FETCH_STATUS } from '../../../hooks/use_fetcher'; const stories: Meta<{}> = { title: 'app/ServiceInventory', - component: ApmServiceInventory, + component: ServiceInventory, decorators: [ (StoryComponent) => { const coreMock = { @@ -60,5 +60,5 @@ const stories: Meta<{}> = { export default stories; export const Example: Story<{}> = () => { - return ; + return ; }; diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/apm_signal_inventory/service_list/__fixtures__/service_api_mock_data.ts b/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/service_list/__fixtures__/service_api_mock_data.ts similarity index 94% rename from x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/apm_signal_inventory/service_list/__fixtures__/service_api_mock_data.ts rename to x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/service_list/__fixtures__/service_api_mock_data.ts index 7c050a9191283..7c6f3d85c13cb 100644 --- a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/apm_signal_inventory/service_list/__fixtures__/service_api_mock_data.ts +++ b/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/service_list/__fixtures__/service_api_mock_data.ts @@ -5,7 +5,7 @@ * 2.0. */ -import { APIReturnType } from '../../../../../../services/rest/create_call_apm_api'; +import { APIReturnType } from '../../../../../services/rest/create_call_apm_api'; type ServiceListAPIResponse = APIReturnType<'GET /internal/apm/services'>; diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/apm_signal_inventory/service_list/apm_services_table.tsx b/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/service_list/apm_services_table.tsx similarity index 91% rename from x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/apm_signal_inventory/service_list/apm_services_table.tsx rename to x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/service_list/apm_services_table.tsx index acb0818797d10..930fa2829c424 100644 --- a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/apm_signal_inventory/service_list/apm_services_table.tsx +++ b/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/service_list/apm_services_table.tsx @@ -20,40 +20,37 @@ import { ALERT_STATUS_ACTIVE } from '@kbn/rule-data-utils'; import { TypeOf } from '@kbn/typed-react-router-config'; import { omit } from 'lodash'; import React, { useMemo } from 'react'; -import { ServiceHealthStatus } from '../../../../../../common/service_health_status'; +import { ServiceHealthStatus } from '../../../../../common/service_health_status'; import { ServiceInventoryFieldName, ServiceListItem, -} from '../../../../../../common/service_inventory'; -import { isDefaultTransactionType } from '../../../../../../common/transaction_types'; +} from '../../../../../common/service_inventory'; +import { isDefaultTransactionType } from '../../../../../common/transaction_types'; import { asMillisecondDuration, asPercent, asTransactionRate, -} from '../../../../../../common/utils/formatters'; -import { useApmPluginContext } from '../../../../../context/apm_plugin/use_apm_plugin_context'; -import { useApmParams } from '../../../../../hooks/use_apm_params'; -import { useApmRouter } from '../../../../../hooks/use_apm_router'; -import { Breakpoints, useBreakpoints } from '../../../../../hooks/use_breakpoints'; -import { useFallbackToTransactionsFetcher } from '../../../../../hooks/use_fallback_to_transactions_fetcher'; -import { FETCH_STATUS, isFailure, isPending } from '../../../../../hooks/use_fetcher'; -import { APIReturnType } from '../../../../../services/rest/create_call_apm_api'; -import { unit } from '../../../../../utils/style'; -import { ApmRoutes } from '../../../../routing/apm_route_config'; -import { AggregatedTransactionsBadge } from '../../../../shared/aggregated_transactions_badge'; -import { - ChartType, - getTimeSeriesColor, -} from '../../../../shared/charts/helper/get_timeseries_color'; -import { EnvironmentBadge } from '../../../../shared/environment_badge'; -import { ServiceLink } from '../../../../shared/links/apm/service_link'; -import { ListMetric } from '../../../../shared/list_metric'; +} from '../../../../../common/utils/formatters'; +import { useApmPluginContext } from '../../../../context/apm_plugin/use_apm_plugin_context'; +import { useApmParams } from '../../../../hooks/use_apm_params'; +import { useApmRouter } from '../../../../hooks/use_apm_router'; +import { Breakpoints, useBreakpoints } from '../../../../hooks/use_breakpoints'; +import { useFallbackToTransactionsFetcher } from '../../../../hooks/use_fallback_to_transactions_fetcher'; +import { FETCH_STATUS, isFailure, isPending } from '../../../../hooks/use_fetcher'; +import { APIReturnType } from '../../../../services/rest/create_call_apm_api'; +import { unit } from '../../../../utils/style'; +import { ApmRoutes } from '../../../routing/apm_route_config'; +import { AggregatedTransactionsBadge } from '../../../shared/aggregated_transactions_badge'; +import { ChartType, getTimeSeriesColor } from '../../../shared/charts/helper/get_timeseries_color'; +import { EnvironmentBadge } from '../../../shared/environment_badge'; +import { ServiceLink } from '../../../shared/links/apm/service_link'; +import { ListMetric } from '../../../shared/list_metric'; import { ITableColumn, ManagedTable, SortFunction, TableSearchBar, -} from '../../../../shared/managed_table'; +} from '../../../shared/managed_table'; import { ColumnHeaderWithTooltip } from './column_header_with_tooltip'; import { HealthBadge } from './health_badge'; diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/apm_signal_inventory/service_list/column_header_with_tooltip.tsx b/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/service_list/column_header_with_tooltip.tsx similarity index 100% rename from x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/apm_signal_inventory/service_list/column_header_with_tooltip.tsx rename to x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/service_list/column_header_with_tooltip.tsx diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/apm_signal_inventory/service_list/health_badge.tsx b/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/service_list/health_badge.tsx similarity index 85% rename from x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/apm_signal_inventory/service_list/health_badge.tsx rename to x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/service_list/health_badge.tsx index 0a6d6398866f1..aa4299006cc48 100644 --- a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/apm_signal_inventory/service_list/health_badge.tsx +++ b/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/service_list/health_badge.tsx @@ -11,8 +11,8 @@ import { getServiceHealthStatusBadgeColor, getServiceHealthStatusLabel, ServiceHealthStatus, -} from '../../../../../../common/service_health_status'; -import { useTheme } from '../../../../../hooks/use_theme'; +} from '../../../../../common/service_health_status'; +import { useTheme } from '../../../../hooks/use_theme'; export function HealthBadge({ healthStatus }: { healthStatus: ServiceHealthStatus }) { const theme = useTheme(); diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/apm_signal_inventory/service_list/order_service_items.test.ts b/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/service_list/order_service_items.test.ts similarity index 97% rename from x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/apm_signal_inventory/service_list/order_service_items.test.ts rename to x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/service_list/order_service_items.test.ts index 1308c3bf99a0c..1b74d4d897df4 100644 --- a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/apm_signal_inventory/service_list/order_service_items.test.ts +++ b/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/service_list/order_service_items.test.ts @@ -4,8 +4,8 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ -import { ServiceHealthStatus } from '../../../../../../common/service_health_status'; -import { ServiceInventoryFieldName } from '../../../../../../common/service_inventory'; +import { ServiceHealthStatus } from '../../../../../common/service_health_status'; +import { ServiceInventoryFieldName } from '../../../../../common/service_inventory'; import { orderServiceItems } from './order_service_items'; describe('orderServiceItems', () => { diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/apm_signal_inventory/service_list/order_service_items.ts b/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/service_list/order_service_items.ts similarity index 94% rename from x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/apm_signal_inventory/service_list/order_service_items.ts rename to x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/service_list/order_service_items.ts index 4a4e756492d79..85d2b9678f061 100644 --- a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/apm_signal_inventory/service_list/order_service_items.ts +++ b/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/service_list/order_service_items.ts @@ -5,11 +5,11 @@ * 2.0. */ import { orderBy } from 'lodash'; -import { ServiceHealthStatus } from '../../../../../../common/service_health_status'; +import { ServiceHealthStatus } from '../../../../../common/service_health_status'; import { ServiceListItem, ServiceInventoryFieldName, -} from '../../../../../../common/service_inventory'; +} from '../../../../../common/service_inventory'; type SortValueGetter = (item: ServiceListItem) => string | number; diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/apm_signal_inventory/service_list/service_list.stories.tsx b/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/service_list/service_list.stories.tsx similarity index 83% rename from x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/apm_signal_inventory/service_list/service_list.stories.tsx rename to x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/service_list/service_list.stories.tsx index 9be7faa2f3671..efd00b38b56cc 100644 --- a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/apm_signal_inventory/service_list/service_list.stories.tsx +++ b/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/service_list/service_list.stories.tsx @@ -8,13 +8,13 @@ import { CoreStart } from '@kbn/core/public'; import { Meta, Story } from '@storybook/react'; import React, { ComponentProps } from 'react'; -import { FETCH_STATUS } from '../../../../../hooks/use_fetcher'; +import { FETCH_STATUS } from '../../../../hooks/use_fetcher'; import { ApmServicesTable } from './apm_services_table'; -import { ServiceHealthStatus } from '../../../../../../common/service_health_status'; -import { ServiceInventoryFieldName } from '../../../../../../common/service_inventory'; -import type { ApmPluginContextValue } from '../../../../../context/apm_plugin/apm_plugin_context'; -import { MockApmPluginStorybook } from '../../../../../context/apm_plugin/mock_apm_plugin_storybook'; -import { mockApmApiCallResponse } from '../../../../../services/rest/call_apm_api_spy'; +import { ServiceHealthStatus } from '../../../../../common/service_health_status'; +import { ServiceInventoryFieldName } from '../../../../../common/service_inventory'; +import type { ApmPluginContextValue } from '../../../../context/apm_plugin/apm_plugin_context'; +import { MockApmPluginStorybook } from '../../../../context/apm_plugin/mock_apm_plugin_storybook'; +import { mockApmApiCallResponse } from '../../../../services/rest/call_apm_api_spy'; import { items, overflowItems } from './__fixtures__/service_api_mock_data'; type Args = ComponentProps; diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/apm_signal_inventory/service_list/service_list.test.tsx b/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/service_list/service_list.test.tsx similarity index 96% rename from x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/apm_signal_inventory/service_list/service_list.test.tsx rename to x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/service_list/service_list.test.tsx index ccf028aa25478..e2ac029c79ce3 100644 --- a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/apm_signal_inventory/service_list/service_list.test.tsx +++ b/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/service_list/service_list.test.tsx @@ -9,10 +9,10 @@ import { composeStories } from '@storybook/testing-react'; import { render, screen } from '@testing-library/react'; import React from 'react'; import { getServiceColumns } from './apm_services_table'; -import { ENVIRONMENT_ALL } from '../../../../../../common/environment_filter_values'; -import { Breakpoints } from '../../../../../hooks/use_breakpoints'; -import { apmRouter } from '../../../../routing/apm_route_config'; -import * as timeSeriesColor from '../../../../shared/charts/helper/get_timeseries_color'; +import { ENVIRONMENT_ALL } from '../../../../../common/environment_filter_values'; +import { Breakpoints } from '../../../../hooks/use_breakpoints'; +import { apmRouter } from '../../../routing/apm_route_config'; +import * as timeSeriesColor from '../../../shared/charts/helper/get_timeseries_color'; import * as stories from './service_list.stories'; const { ServiceListEmptyState, ServiceListWithItems } = composeStories(stories); diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/service_overview/index.tsx b/x-pack/plugins/observability_solution/apm/public/components/app/service_overview/index.tsx index 3475f622edebe..0df6e9e1ebae0 100644 --- a/x-pack/plugins/observability_solution/apm/public/components/app/service_overview/index.tsx +++ b/x-pack/plugins/observability_solution/apm/public/components/app/service_overview/index.tsx @@ -11,7 +11,6 @@ import { AnnotationsContextProvider } from '../../../context/annotations/annotat import { useApmPluginContext } from '../../../context/apm_plugin/use_apm_plugin_context'; import { useApmServiceContext } from '../../../context/apm_service/use_apm_service_context'; import { ChartPointerEventContextProvider } from '../../../context/chart_pointer_event/chart_pointer_event_context'; -import { useEntityManagerEnablementContext } from '../../../context/entity_manager_context/use_entity_manager_enablement_context'; import { useApmParams } from '../../../hooks/use_apm_params'; import { useTimeRange } from '../../../hooks/use_time_range'; import { isApmSignal, isLogsSignal, isLogsOnlySignal } from '../../../utils/get_signal_type'; @@ -21,6 +20,7 @@ import { ServiceTabEmptyState } from '../service_tab_empty_state'; import { useLocalStorage } from '../../../hooks/use_local_storage'; import { SearchBar } from '../../shared/search_bar/search_bar'; import { FETCH_STATUS } from '../../../hooks/use_fetcher'; +import { useEntityCentricExperienceSetting } from '../../../hooks/use_entity_centric_experience_setting'; /** * The height a chart should be if it's next to a table with 5 rows and a title. * Add the height of the pagination row. @@ -28,7 +28,7 @@ import { FETCH_STATUS } from '../../../hooks/use_fetcher'; export const chartHeight = 288; export function ServiceOverview() { - const { isEntityCentricExperienceViewEnabled } = useEntityManagerEnablementContext(); + const { isEntityCentricExperienceEnabled } = useEntityCentricExperienceSetting(); const { serviceName, serviceEntitySummary, serviceEntitySummaryStatus } = useApmServiceContext(); const setScreenContext = useApmPluginContext().observabilityAIAssistant?.service.setScreenContext; @@ -68,8 +68,7 @@ export function ServiceOverview() { const hasApmSignal = hasSignal && isApmSignal(serviceEntitySummary.dataStreamTypes); // Shows APM overview when entity has APM signal or when Entity centric is not enabled or when entity has no signal - const showApmOverview = - isEntityCentricExperienceViewEnabled === false || hasApmSignal || !hasSignal; + const showApmOverview = isEntityCentricExperienceEnabled === false || hasApmSignal || !hasSignal; if (serviceEntitySummaryStatus === FETCH_STATUS.LOADING) { return ( diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/service_overview/logs_overview/index.tsx b/x-pack/plugins/observability_solution/apm/public/components/app/service_overview/logs_overview/index.tsx index b51a95e3ccabc..7c53a77284679 100644 --- a/x-pack/plugins/observability_solution/apm/public/components/app/service_overview/logs_overview/index.tsx +++ b/x-pack/plugins/observability_solution/apm/public/components/app/service_overview/logs_overview/index.tsx @@ -7,9 +7,9 @@ import { EuiFlexGroup, EuiFlexItem } from '@elastic/eui'; import React from 'react'; -import { LogRateChart } from '../../entities/charts/log_rate_chart'; -import { LogErrorRateChart } from '../../entities/charts/log_error_rate_chart'; import { chartHeight } from '..'; +import { LogRateChart } from '../../../shared/charts/log_rates/log_rate_chart'; +import { LogErrorRateChart } from '../../../shared/charts/log_rates/log_error_rate_chart'; export function LogsOverview() { return ( diff --git a/x-pack/plugins/observability_solution/apm/public/components/routing/app_root/apm_header_action_menu/add_data_context_menu.tsx b/x-pack/plugins/observability_solution/apm/public/components/routing/app_root/apm_header_action_menu/add_data_context_menu.tsx index d94fc86ecf73b..7f55b112a5a64 100644 --- a/x-pack/plugins/observability_solution/apm/public/components/routing/app_root/apm_header_action_menu/add_data_context_menu.tsx +++ b/x-pack/plugins/observability_solution/apm/public/components/routing/app_root/apm_header_action_menu/add_data_context_menu.tsx @@ -22,8 +22,6 @@ import { collectServiceLogs, addApmData, } from '../../../shared/add_data_buttons/buttons'; -import { ServiceEcoTour } from '../../../shared/entity_enablement/service_eco_tour'; -import { useEntityManagerEnablementContext } from '../../../../context/entity_manager_context/use_entity_manager_enablement_context'; const addData = i18n.translate('xpack.apm.addDataContextMenu.link', { defaultMessage: 'Add data', @@ -31,7 +29,6 @@ const addData = i18n.translate('xpack.apm.addDataContextMenu.link', { export function AddDataContextMenu() { const [popoverOpen, setPopoverOpen] = useState(false); - const { tourState, updateTourState } = useEntityManagerEnablementContext(); const { services } = useKibana(); const { core: { @@ -93,23 +90,17 @@ export function AddDataContextMenu() { }, ]; - const handleTourClose = () => { - updateTourState({ isTourActive: false }); - setPopoverOpen(false); - }; return ( <> setPopoverOpen(false)} panelPaddingSize="none" anchorPosition="downRight" > - - - + ); diff --git a/x-pack/plugins/observability_solution/apm/public/components/routing/app_root/apm_header_action_menu/index.tsx b/x-pack/plugins/observability_solution/apm/public/components/routing/app_root/apm_header_action_menu/index.tsx index bf2c304236246..06d04c94cfddd 100644 --- a/x-pack/plugins/observability_solution/apm/public/components/routing/app_root/apm_header_action_menu/index.tsx +++ b/x-pack/plugins/observability_solution/apm/public/components/routing/app_root/apm_header_action_menu/index.tsx @@ -17,7 +17,7 @@ import { AnomalyDetectionSetupLink } from './anomaly_detection_setup_link'; import { InspectorHeaderLink } from './inspector_header_link'; import { Labs } from './labs'; import { AddDataContextMenu } from './add_data_context_menu'; -import { useEntityManagerEnablementContext } from '../../../../context/entity_manager_context/use_entity_manager_enablement_context'; +import { useEntityCentricExperienceSetting } from '../../../../hooks/use_entity_centric_experience_setting'; export function ApmHeaderActionMenu() { const { core, plugins, config } = useApmPluginContext(); @@ -33,8 +33,7 @@ export function ApmHeaderActionMenu() { capabilities ); const canSaveApmAlerts = capabilities.apm.save && canSaveAlerts; - const { isEntityCentricExperienceViewEnabled, isEnablementPending } = - useEntityManagerEnablementContext(); + const { isEntityCentricExperienceEnabled } = useEntityCentricExperienceSetting(); function apmHref(path: string) { return getLegacyApmHref({ basePath, path, search }); @@ -73,11 +72,10 @@ export function ApmHeaderActionMenu() { canReadMlJobs={canReadMlJobs} /> )} - {isEntityCentricExperienceViewEnabled ? ( + {isEntityCentricExperienceEnabled ? ( ) : ( - - - - - - - - - - - + + + + + + + + + diff --git a/x-pack/plugins/observability_solution/apm/public/components/routing/templates/apm_main_template/index.tsx b/x-pack/plugins/observability_solution/apm/public/components/routing/templates/apm_main_template/index.tsx index 8633e206599b6..e536ed9456801 100644 --- a/x-pack/plugins/observability_solution/apm/public/components/routing/templates/apm_main_template/index.tsx +++ b/x-pack/plugins/observability_solution/apm/public/components/routing/templates/apm_main_template/index.tsx @@ -14,7 +14,6 @@ import React, { useContext } from 'react'; import { useLocation } from 'react-router-dom'; import { FeatureFeedbackButton } from '@kbn/observability-shared-plugin/public'; import { useLocalStorage } from '../../../../hooks/use_local_storage'; -import { useEntityManagerEnablementContext } from '../../../../context/entity_manager_context/use_entity_manager_enablement_context'; import { useDefaultAiAssistantStarterPromptsForAPM } from '../../../../hooks/use_default_ai_assistant_starter_prompts_for_apm'; import { KibanaEnvironmentContext } from '../../../../context/kibana_environment_context/kibana_environment_context'; import { getPathForFeedback } from '../../../../utils/get_path_for_feedback'; @@ -27,6 +26,7 @@ import { ApmEnvironmentFilter } from '../../../shared/environment_filter'; import { getNoDataConfig } from '../no_data_config'; import { useApmPluginContext } from '../../../../context/apm_plugin/use_apm_plugin_context'; import { EntitiesInventoryCallout } from './entities_inventory_callout'; +import { useEntityCentricExperienceSetting } from '../../../../hooks/use_entity_centric_experience_setting'; // Paths that must skip the no data screen const bypassNoDataScreenPaths = ['/settings', '/diagnostics']; @@ -77,7 +77,7 @@ export function ApmMainTemplate({ true ); - const { isEntityCentricExperienceViewEnabled } = useEntityManagerEnablementContext(); + const { isEntityCentricExperienceEnabled } = useEntityCentricExperienceSetting(); const ObservabilityPageTemplate = observabilityShared.navigation.PageTemplate; @@ -146,7 +146,7 @@ export function ApmMainTemplate({ ; diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/entities/charts/log_rate_chart.tsx b/x-pack/plugins/observability_solution/apm/public/components/shared/charts/log_rates/log_rate_chart.tsx similarity index 87% rename from x-pack/plugins/observability_solution/apm/public/components/app/entities/charts/log_rate_chart.tsx rename to x-pack/plugins/observability_solution/apm/public/components/shared/charts/log_rates/log_rate_chart.tsx index b27d73004d489..f4d5981da38ef 100644 --- a/x-pack/plugins/observability_solution/apm/public/components/app/entities/charts/log_rate_chart.tsx +++ b/x-pack/plugins/observability_solution/apm/public/components/shared/charts/log_rates/log_rate_chart.tsx @@ -13,16 +13,13 @@ import { useApmParams } from '../../../../hooks/use_apm_params'; import { useFetcher } from '../../../../hooks/use_fetcher'; import { useTimeRange } from '../../../../hooks/use_time_range'; import { APIReturnType } from '../../../../services/rest/create_call_apm_api'; -import { getTimeSeriesColor, ChartType } from '../../../shared/charts/helper/get_timeseries_color'; -import { TimeseriesChartWithContext } from '../../../shared/charts/timeseries_chart_with_context'; import { asInteger } from '../../../../../common/utils/formatters'; -import { TooltipContent } from '../../service_inventory/multi_signal_inventory/table/tooltip_content'; -import { Popover } from '../../service_inventory/multi_signal_inventory/table/popover'; -import { - getMetricsFormula, - ChartMetricType, -} from '../../../shared/charts/helper/get_metrics_formulas'; -import { ExploreLogsButton } from '../../../shared/explore_logs_button/explore_logs_button'; +import { TooltipContent } from './tooltip_content'; +import { Popover } from './popover'; +import { ChartType, getTimeSeriesColor } from '../helper/get_timeseries_color'; +import { ChartMetricType, getMetricsFormula } from '../helper/get_metrics_formulas'; +import { ExploreLogsButton } from '../../explore_logs_button/explore_logs_button'; +import { TimeseriesChartWithContext } from '../timeseries_chart_with_context'; type LogRateReturnType = APIReturnType<'GET /internal/apm/entities/services/{serviceName}/logs_rate_timeseries'>; diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/multi_signal_inventory/table/popover.tsx b/x-pack/plugins/observability_solution/apm/public/components/shared/charts/log_rates/popover.tsx similarity index 100% rename from x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/multi_signal_inventory/table/popover.tsx rename to x-pack/plugins/observability_solution/apm/public/components/shared/charts/log_rates/popover.tsx diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/multi_signal_inventory/table/tooltip_content.tsx b/x-pack/plugins/observability_solution/apm/public/components/shared/charts/log_rates/tooltip_content.tsx similarity index 93% rename from x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/multi_signal_inventory/table/tooltip_content.tsx rename to x-pack/plugins/observability_solution/apm/public/components/shared/charts/log_rates/tooltip_content.tsx index 8551c56ef6961..9fbcdec335a73 100644 --- a/x-pack/plugins/observability_solution/apm/public/components/app/service_inventory/multi_signal_inventory/table/tooltip_content.tsx +++ b/x-pack/plugins/observability_solution/apm/public/components/shared/charts/log_rates/tooltip_content.tsx @@ -10,7 +10,7 @@ import { EuiText } from '@elastic/eui'; import { css } from '@emotion/react'; import { FormattedMessage } from '@kbn/i18n-react'; -export interface TooltipContentProps extends Pick, 'style'> { +interface TooltipContentProps extends Pick, 'style'> { description: ReactElement | string; formula?: string; } diff --git a/x-pack/plugins/observability_solution/apm/public/components/shared/entity_enablement/service_eco_tour.tsx b/x-pack/plugins/observability_solution/apm/public/components/shared/entity_enablement/service_eco_tour.tsx deleted file mode 100644 index 3a8a7272af46b..0000000000000 --- a/x-pack/plugins/observability_solution/apm/public/components/shared/entity_enablement/service_eco_tour.tsx +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React from 'react'; -import { i18n } from '@kbn/i18n'; -import { EuiText, EuiTourStep } from '@elastic/eui'; -import { useEntityManagerEnablementContext } from '../../../context/entity_manager_context/use_entity_manager_enablement_context'; - -export function ServiceEcoTour({ - children, - onFinish, -}: { - children: React.ReactElement; - onFinish: () => void; -}) { - const { tourState } = useEntityManagerEnablementContext(); - - return ( - -

- {i18n.translate('xpack.apm.serviceEcoTour.content', { - defaultMessage: 'You can now add services from logs to the service inventory', - })} -

- - } - isStepOpen={tourState.isTourActive} - minWidth={200} - onFinish={onFinish} - step={1} - stepsTotal={1} - title={i18n.translate('xpack.apm.serviceEcoTour.title', { - defaultMessage: 'Add services from logs', - })} - subtitle={i18n.translate('xpack.apm.serviceEcoTour.subtitle', { - defaultMessage: 'New Services Inventory', - })} - anchorPosition="rightUp" - > - {children} - - ); -} diff --git a/x-pack/plugins/observability_solution/apm/public/context/apm_service/use_service_entity_summary_fetcher.ts b/x-pack/plugins/observability_solution/apm/public/context/apm_service/use_service_entity_summary_fetcher.ts index 2d24d3a7dfca6..1c01b6bd25cb2 100644 --- a/x-pack/plugins/observability_solution/apm/public/context/apm_service/use_service_entity_summary_fetcher.ts +++ b/x-pack/plugins/observability_solution/apm/public/context/apm_service/use_service_entity_summary_fetcher.ts @@ -5,9 +5,9 @@ * 2.0. */ +import { useEntityCentricExperienceSetting } from '../../hooks/use_entity_centric_experience_setting'; import { useFetcher } from '../../hooks/use_fetcher'; import { APIReturnType } from '../../services/rest/create_call_apm_api'; -import { useEntityManagerEnablementContext } from '../entity_manager_context/use_entity_manager_enablement_context'; export type ServiceEntitySummary = APIReturnType<'GET /internal/apm/entities/services/{serviceName}/summary'>; @@ -21,17 +21,17 @@ export function useServiceEntitySummaryFetcher({ end?: string; environment?: string; }) { - const { isEntityCentricExperienceViewEnabled } = useEntityManagerEnablementContext(); + const { isEntityCentricExperienceEnabled } = useEntityCentricExperienceSetting(); const { data, status } = useFetcher( (callAPI) => { - if (isEntityCentricExperienceViewEnabled && serviceName && environment) { + if (isEntityCentricExperienceEnabled && serviceName && environment) { return callAPI('GET /internal/apm/entities/services/{serviceName}/summary', { params: { path: { serviceName }, query: { environment } }, }); } }, - [environment, isEntityCentricExperienceViewEnabled, serviceName] + [environment, isEntityCentricExperienceEnabled, serviceName] ); return { serviceEntitySummary: data, serviceEntitySummaryStatus: status }; diff --git a/x-pack/plugins/observability_solution/apm/public/context/entity_manager_context/entity_manager_context.tsx b/x-pack/plugins/observability_solution/apm/public/context/entity_manager_context/entity_manager_context.tsx deleted file mode 100644 index 95a246ddce566..0000000000000 --- a/x-pack/plugins/observability_solution/apm/public/context/entity_manager_context/entity_manager_context.tsx +++ /dev/null @@ -1,94 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ -import { entityCentricExperience } from '@kbn/observability-plugin/common'; -import React, { createContext } from 'react'; -import { - SERVICE_INVENTORY_STORAGE_KEY, - serviceInventoryViewType$, -} from '../../analytics/register_service_inventory_view_type_context'; -import { useLocalStorage } from '../../hooks/use_local_storage'; -import { ApmPluginStartDeps, ApmServices } from '../../plugin'; -import { useApmPluginContext } from '../apm_plugin/use_apm_plugin_context'; -import { useKibana } from '../kibana_context/use_kibana'; -import { ENTITY_FETCH_STATUS, useEntityManager } from './use_entity_manager'; - -export interface EntityManagerEnablementContextValue { - isEntityManagerEnabled: boolean; - isEnablementPending: boolean; - refetch: () => void; - serviceInventoryViewLocalStorageSetting: ServiceInventoryView; - setServiceInventoryViewLocalStorageSetting: (view: ServiceInventoryView) => void; - isEntityCentricExperienceViewEnabled: boolean; - tourState: TourState; - updateTourState: (newState: Partial) => void; -} - -export enum ServiceInventoryView { - classic = 'classic', - entity = 'entity', -} - -export const EntityManagerEnablementContext = createContext( - {} as EntityManagerEnablementContextValue -); - -interface TourState { - isModalVisible?: boolean; - isTourActive: boolean; -} -const TOUR_INITIAL_STATE: TourState = { - isModalVisible: undefined, - isTourActive: false, -}; - -export function EntityManagerEnablementContextProvider({ - children, -}: { - children: React.ReactChild; -}) { - const { core } = useApmPluginContext(); - const { services } = useKibana(); - const { isEnabled: isEntityManagerEnabled, status, refetch } = useEntityManager(); - const [tourState, setTourState] = useLocalStorage('apm.serviceEcoTour', TOUR_INITIAL_STATE); - const [serviceInventoryViewLocalStorageSetting, setServiceInventoryViewLocalStorageSetting] = - useLocalStorage(SERVICE_INVENTORY_STORAGE_KEY, ServiceInventoryView.classic); - - const isEntityCentricExperienceSettingEnabled = core.uiSettings.get( - entityCentricExperience, - true - ); - - function handleServiceInventoryViewChange(nextView: ServiceInventoryView) { - setServiceInventoryViewLocalStorageSetting(nextView); - // Updates the telemetry context variable every time the user switches views - serviceInventoryViewType$.next({ serviceInventoryViewType: nextView }); - services.telemetry.reportEntityExperienceStatusChange({ - status: nextView === ServiceInventoryView.entity ? 'enabled' : 'disabled', - }); - } - - function handleTourStateUpdate(newTourState: Partial) { - setTourState({ ...tourState, ...newTourState }); - } - - return ( - - {children} - - ); -} diff --git a/x-pack/plugins/observability_solution/apm/public/context/entity_manager_context/use_entity_manager.ts b/x-pack/plugins/observability_solution/apm/public/context/entity_manager_context/use_entity_manager.ts deleted file mode 100644 index 0fe465beb19ef..0000000000000 --- a/x-pack/plugins/observability_solution/apm/public/context/entity_manager_context/use_entity_manager.ts +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { useKibana } from '@kbn/kibana-react-plugin/public'; -import { useEffect, useMemo, useState } from 'react'; -import { ApmPluginStartDeps } from '../../plugin'; - -export enum ENTITY_FETCH_STATUS { - LOADING = 'loading', - SUCCESS = 'success', - FAILURE = 'failure', - NOT_INITIATED = 'not_initiated', -} - -export function useEntityManager() { - const { - services: { entityManager }, - } = useKibana(); - const [counter, setCounter] = useState(0); - const [result, setResult] = useState({ - isEnabled: false, - status: ENTITY_FETCH_STATUS.NOT_INITIATED, - }); - - useEffect(() => { - async function isManagedEntityDiscoveryEnabled() { - setResult({ isEnabled: false, status: ENTITY_FETCH_STATUS.LOADING }); - - try { - const response = await entityManager.entityClient.isManagedEntityDiscoveryEnabled(); - setResult({ isEnabled: response?.enabled, status: ENTITY_FETCH_STATUS.SUCCESS }); - } catch (err) { - setResult({ isEnabled: false, status: ENTITY_FETCH_STATUS.FAILURE }); - - console.error(err); - } - } - - isManagedEntityDiscoveryEnabled(); - }, [entityManager, counter]); - - return useMemo(() => { - return { - ...result, - refetch: () => { - // this will invalidate the deps to `useEffect` and will result in a new request - setCounter((count) => count + 1); - }, - }; - }, [result]); -} diff --git a/x-pack/plugins/observability_solution/apm/public/hooks/use_entity_centric_experience_setting.tsx b/x-pack/plugins/observability_solution/apm/public/hooks/use_entity_centric_experience_setting.tsx new file mode 100644 index 0000000000000..32e68c40788fc --- /dev/null +++ b/x-pack/plugins/observability_solution/apm/public/hooks/use_entity_centric_experience_setting.tsx @@ -0,0 +1,20 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { entityCentricExperience } from '@kbn/observability-plugin/common'; +import { useApmPluginContext } from '../context/apm_plugin/use_apm_plugin_context'; + +export function useEntityCentricExperienceSetting() { + const { core } = useApmPluginContext(); + + const isEntityCentricExperienceEnabled = core.uiSettings.get( + entityCentricExperience, + true + ); + + return { isEntityCentricExperienceEnabled }; +} diff --git a/x-pack/plugins/observability_solution/apm/public/plugin.ts b/x-pack/plugins/observability_solution/apm/public/plugin.ts index 85580d6d866a4..9a9f45f42a39e 100644 --- a/x-pack/plugins/observability_solution/apm/public/plugin.ts +++ b/x-pack/plugins/observability_solution/apm/public/plugin.ts @@ -19,10 +19,6 @@ import { PluginInitializerContext, SecurityServiceStart, } from '@kbn/core/public'; -import { - EntityManagerPublicPluginSetup, - EntityManagerPublicPluginStart, -} from '@kbn/entityManager-plugin/public'; import type { DataPublicPluginSetup, DataPublicPluginStart } from '@kbn/data-plugin/public'; import { DataViewsPublicPluginStart } from '@kbn/data-views-plugin/public'; import { DiscoverSetup, DiscoverStart } from '@kbn/discover-plugin/public'; @@ -86,7 +82,6 @@ import { getLazyAPMPolicyEditExtension } from './components/fleet_integration/la import { featureCatalogueEntry } from './feature_catalogue_entry'; import { APMServiceDetailLocator } from './locator/service_detail_locator'; import { ITelemetryClient, TelemetryService } from './services/telemetry'; -import { registerServiceInventoryViewTypeContext } from './analytics/register_service_inventory_view_type_context'; export type ApmPluginSetup = ReturnType; export type ApmPluginStart = void; @@ -111,7 +106,6 @@ export interface ApmPluginSetupDeps { uiActions: UiActionsSetup; profiling?: ProfilingPluginSetup; cloud?: CloudSetup; - entityManager: EntityManagerPublicPluginSetup; } export interface ApmServices { @@ -148,7 +142,6 @@ export interface ApmPluginStartDeps { dashboard: DashboardStart; metricsDataAccess: MetricsDataPluginStart; uiSettings: IUiSettingsClient; - entityManager: EntityManagerPublicPluginStart; } const applicationsTitle = i18n.translate('xpack.apm.navigation.rootTitle', { @@ -279,7 +272,6 @@ export class ApmPlugin implements Plugin { }; this.telemetry.setup({ analytics: core.analytics }); - registerServiceInventoryViewTypeContext(core.analytics); // Registers a status check callback for the tutorial to call and verify if the APM integration is installed on fleet. pluginSetupDeps.home?.tutorials.registerCustomStatusCheck( diff --git a/x-pack/plugins/observability_solution/apm/public/services/telemetry/telemetry_client.ts b/x-pack/plugins/observability_solution/apm/public/services/telemetry/telemetry_client.ts index 87567c82e3454..3f9f870fb3ffe 100644 --- a/x-pack/plugins/observability_solution/apm/public/services/telemetry/telemetry_client.ts +++ b/x-pack/plugins/observability_solution/apm/public/services/telemetry/telemetry_client.ts @@ -9,9 +9,7 @@ import { AnalyticsServiceSetup } from '@kbn/core-analytics-browser'; import { ITelemetryClient, SearchQuerySubmittedParams, - EntityExperienceStatusParams, TelemetryEventTypes, - EntityInventoryPageStateParams, EntityInventoryAddDataParams, EmptyStateClickParams, } from './types'; @@ -31,14 +29,6 @@ export class TelemetryClient implements ITelemetryClient { }); }; - public reportEntityExperienceStatusChange = (params: EntityExperienceStatusParams) => { - this.analytics.reportEvent(TelemetryEventTypes.ENTITY_EXPERIENCE_STATUS, params); - }; - - public reportEntityInventoryPageState = (params: EntityInventoryPageStateParams) => { - this.analytics.reportEvent(TelemetryEventTypes.ENTITY_INVENTORY_PAGE_STATE, params); - }; - public reportEntityInventoryAddData = (params: EntityInventoryAddDataParams) => { this.analytics.reportEvent(TelemetryEventTypes.ENTITY_INVENTORY_ADD_DATA, params); }; diff --git a/x-pack/plugins/observability_solution/apm/public/services/telemetry/telemetry_events.ts b/x-pack/plugins/observability_solution/apm/public/services/telemetry/telemetry_events.ts index 2d00970a2b128..605c326f7cb09 100644 --- a/x-pack/plugins/observability_solution/apm/public/services/telemetry/telemetry_events.ts +++ b/x-pack/plugins/observability_solution/apm/public/services/telemetry/telemetry_events.ts @@ -33,30 +33,6 @@ const searchQuerySubmittedEventType: TelemetryEvent = { }, }; -const entityExperienceStatusEventType: TelemetryEvent = { - eventType: TelemetryEventTypes.ENTITY_EXPERIENCE_STATUS, - schema: { - status: { - type: 'keyword', - _meta: { - description: 'The status of the Entity experience (Enabled or Disabled)', - }, - }, - }, -}; - -const entityInventoryPageStateEventType: TelemetryEvent = { - eventType: TelemetryEventTypes.ENTITY_INVENTORY_PAGE_STATE, - schema: { - state: { - type: 'keyword', - _meta: { - description: 'The current entity inventory page state (empty_state or available)', - }, - }, - }, -}; - const entityInventoryAddDataEventType: TelemetryEvent = { eventType: TelemetryEventTypes.ENTITY_INVENTORY_ADD_DATA, schema: { @@ -106,8 +82,6 @@ const learnMoreClickEventType: TelemetryEvent = { export const apmTelemetryEventBasedTypes = [ searchQuerySubmittedEventType, - entityExperienceStatusEventType, - entityInventoryPageStateEventType, entityInventoryAddDataEventType, tryItClickEventType, learnMoreClickEventType, diff --git a/x-pack/plugins/observability_solution/apm/public/services/telemetry/types.ts b/x-pack/plugins/observability_solution/apm/public/services/telemetry/types.ts index 665f3c59d7612..40f77a02899e4 100644 --- a/x-pack/plugins/observability_solution/apm/public/services/telemetry/types.ts +++ b/x-pack/plugins/observability_solution/apm/public/services/telemetry/types.ts @@ -21,14 +21,6 @@ export interface SearchQuerySubmittedParams { action: SearchQueryActions; } -export interface EntityExperienceStatusParams { - status: 'enabled' | 'disabled'; -} - -export interface EntityInventoryPageStateParams { - state: 'empty_state' | 'available'; -} - export interface EntityInventoryAddDataParams { view: 'empty_state' | 'add_data_button' | 'add_apm_cta' | 'add_apm_n/a'; journey?: 'add_apm_agent' | 'associate_existing_service_logs' | 'collect_new_service_logs'; @@ -40,15 +32,11 @@ export interface EmptyStateClickParams { export type TelemetryEventParams = | SearchQuerySubmittedParams - | EntityExperienceStatusParams - | EntityInventoryPageStateParams | EntityInventoryAddDataParams | EmptyStateClickParams; export interface ITelemetryClient { reportSearchQuerySubmitted(params: SearchQuerySubmittedParams): void; - reportEntityExperienceStatusChange(params: EntityExperienceStatusParams): void; - reportEntityInventoryPageState(params: EntityInventoryPageStateParams): void; reportEntityInventoryAddData(params: EntityInventoryAddDataParams): void; reportTryItClick(params: EmptyStateClickParams): void; reportLearnMoreClick(params: EmptyStateClickParams): void; @@ -56,8 +44,6 @@ export interface ITelemetryClient { export enum TelemetryEventTypes { SEARCH_QUERY_SUBMITTED = 'Search Query Submitted', - ENTITY_EXPERIENCE_STATUS = 'entity_experience_status', - ENTITY_INVENTORY_PAGE_STATE = 'entity_inventory_page_state', ENTITY_INVENTORY_ADD_DATA = 'entity_inventory_add_data', TRY_IT_CLICK = 'try_it_click', LEARN_MORE_CLICK = 'learn_more_click', diff --git a/x-pack/plugins/observability_solution/apm/tsconfig.json b/x-pack/plugins/observability_solution/apm/tsconfig.json index 9f6a5e4f57f40..0f08bf3143cd2 100644 --- a/x-pack/plugins/observability_solution/apm/tsconfig.json +++ b/x-pack/plugins/observability_solution/apm/tsconfig.json @@ -119,7 +119,6 @@ "@kbn/react-kibana-context-theme", "@kbn/test-jest-helpers", "@kbn/security-plugin-types-common", - "@kbn/entityManager-plugin", "@kbn/server-route-repository-utils", "@kbn/core-analytics-browser", "@kbn/apm-types", diff --git a/x-pack/plugins/observability_solution/dataset_quality/server/routes/data_streams/get_data_stream_details/index.ts b/x-pack/plugins/observability_solution/dataset_quality/server/routes/data_streams/get_data_stream_details/index.ts index fd117d65ac99d..eb1d70b867dc4 100644 --- a/x-pack/plugins/observability_solution/dataset_quality/server/routes/data_streams/get_data_stream_details/index.ts +++ b/x-pack/plugins/observability_solution/dataset_quality/server/routes/data_streams/get_data_stream_details/index.ts @@ -119,7 +119,7 @@ export async function getDataStreamDetails({ } async function getDataStreamCreatedOn(esClient: ElasticsearchClient, dataStream: string) { - const indexSettings = await dataStreamService.getDataSteamIndexSettings(esClient, dataStream); + const indexSettings = await dataStreamService.getDataStreamIndexSettings(esClient, dataStream); const indexesList = Object.values(indexSettings); diff --git a/x-pack/plugins/observability_solution/dataset_quality/server/routes/data_streams/get_data_streams_metering_stats/index.ts b/x-pack/plugins/observability_solution/dataset_quality/server/routes/data_streams/get_data_streams_metering_stats/index.ts index bdf30533cbed9..5bd6f8b15f1c1 100644 --- a/x-pack/plugins/observability_solution/dataset_quality/server/routes/data_streams/get_data_streams_metering_stats/index.ts +++ b/x-pack/plugins/observability_solution/dataset_quality/server/routes/data_streams/get_data_streams_metering_stats/index.ts @@ -6,6 +6,7 @@ */ import type { ElasticsearchClient } from '@kbn/core/server'; +import { reduceAsyncChunks } from '../../../utils/reduce_async_chunks'; export interface MeteringStatsResponse { datastreams: Array<{ @@ -26,11 +27,13 @@ export async function getDataStreamsMeteringStats({ return {}; } - const { datastreams: dataStreamsStats } = await esClient.transport.request( - { - method: 'GET', - path: `/_metering/stats/` + dataStreams.join(','), - } + const { datastreams: dataStreamsStats } = await reduceAsyncChunks( + dataStreams, + (dataStreamsChunk) => + esClient.transport.request({ + method: 'GET', + path: `/_metering/stats/` + dataStreamsChunk.join(','), + }) ); return dataStreamsStats.reduce( diff --git a/x-pack/plugins/observability_solution/dataset_quality/server/services/data_stream.ts b/x-pack/plugins/observability_solution/dataset_quality/server/services/data_stream.ts index 16b283d583fd3..1157b40936a6d 100644 --- a/x-pack/plugins/observability_solution/dataset_quality/server/services/data_stream.ts +++ b/x-pack/plugins/observability_solution/dataset_quality/server/services/data_stream.ts @@ -10,6 +10,7 @@ import type { IndicesDataStreamsStatsDataStreamsStatsItem, } from '@elastic/elasticsearch/lib/api/types'; import type { ElasticsearchClient } from '@kbn/core/server'; +import { reduceAsyncChunks } from '../utils/reduce_async_chunks'; class DataStreamService { public async getMatchingDataStreams( @@ -37,10 +38,11 @@ class DataStreamService { dataStreams: string[] ): Promise { try { - const { data_streams: dataStreamsStats } = await esClient.indices.dataStreamsStats({ - name: dataStreams.join(','), - human: true, - }); + const { data_streams: dataStreamsStats } = await reduceAsyncChunks( + dataStreams, + (dataStreamsChunk) => + esClient.indices.dataStreamsStats({ name: dataStreamsChunk.join(','), human: true }) + ); return dataStreamsStats; } catch (e) { @@ -51,7 +53,7 @@ class DataStreamService { } } - public async getDataSteamIndexSettings( + public async getDataStreamIndexSettings( esClient: ElasticsearchClient, dataStream: string ): Promise>> { diff --git a/x-pack/plugins/observability_solution/dataset_quality/server/services/index_stats.ts b/x-pack/plugins/observability_solution/dataset_quality/server/services/index_stats.ts index 967a8c393bcc8..70cdb6d260afb 100644 --- a/x-pack/plugins/observability_solution/dataset_quality/server/services/index_stats.ts +++ b/x-pack/plugins/observability_solution/dataset_quality/server/services/index_stats.ts @@ -8,6 +8,7 @@ import { chain, sumBy } from 'lodash'; import type { ElasticsearchClient } from '@kbn/core/server'; import { extractIndexNameFromBackingIndex } from '../../common/utils'; +import { reduceAsyncChunks } from '../utils/reduce_async_chunks'; interface IndexStatsResponse { docsCountPerDataStream: { [indexName: string]: number }; @@ -19,9 +20,9 @@ class IndexStatsService { dataStreams: string[] ): Promise { try { - const index = dataStreams; - - const { indices } = await esClient.indices.stats({ index, metric: ['docs'] }); + const { indices } = await reduceAsyncChunks(dataStreams, (indexChunk) => + esClient.indices.stats({ index: indexChunk, metric: ['docs'] }) + ); const docsCountPerDataStream = chain(indices || {}) .map((indexStats, indexName) => ({ diff --git a/x-pack/plugins/observability_solution/dataset_quality/server/utils/reduce_async_chunks.test.ts b/x-pack/plugins/observability_solution/dataset_quality/server/utils/reduce_async_chunks.test.ts new file mode 100644 index 0000000000000..49a2ddf672d1d --- /dev/null +++ b/x-pack/plugins/observability_solution/dataset_quality/server/utils/reduce_async_chunks.test.ts @@ -0,0 +1,58 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { reduceAsyncChunks } from './reduce_async_chunks'; + +describe('reduceAsyncChunks', () => { + const spyChunkExecutor = jest + .fn() + .mockImplementation((chunk: string[]) => + Promise.resolve(chunk.map((str) => str.toUpperCase())) + ); + + afterEach(() => { + spyChunkExecutor.mockClear(); + }); + + it('should run a iterator mapping callback on each chunk and merge the result', async () => { + const input = Array(20).fill('logs-dataset-default'); + const expected = Array(20).fill('LOGS-DATASET-DEFAULT'); + + const res = await reduceAsyncChunks(input, spyChunkExecutor); + + expect(res).toEqual(expected); + expect(spyChunkExecutor).toHaveBeenCalledTimes(1); + }); + + it('should create chunks where the total strings length does not exceed the allowed maximum', async () => { + const input = Array(1000).fill('logs-dataset-default'); // 20k chars => 20k/3072 => Expected 7 chunks + const expected = Array(1000).fill('LOGS-DATASET-DEFAULT'); + const expectedChunks = 7; + + const res = await reduceAsyncChunks(input, spyChunkExecutor); + + expect(res).toEqual(expected); + expect(spyChunkExecutor).toHaveBeenCalledTimes(expectedChunks); + }); + + it('should maximize the chunks length the chunks count', async () => { + const input = [ + ...Array(1000).fill('logs-dataset_30letters-default'), + ...Array(1000).fill('logs-dataset-default'), + ]; // 30k chars + 20k chars + ~2k commas => 52k/3072 => Expected 17 chunks + const expected = [ + ...Array(1000).fill('LOGS-DATASET_30LETTERS-DEFAULT'), + ...Array(1000).fill('LOGS-DATASET-DEFAULT'), + ]; + const expectedChunks = 17; + + const res = await reduceAsyncChunks(input, spyChunkExecutor); + + expect(res).toEqual(expected); + expect(spyChunkExecutor).toHaveBeenCalledTimes(expectedChunks); + }); +}); diff --git a/x-pack/plugins/observability_solution/dataset_quality/server/utils/reduce_async_chunks.ts b/x-pack/plugins/observability_solution/dataset_quality/server/utils/reduce_async_chunks.ts new file mode 100644 index 0000000000000..cd47f577b46bf --- /dev/null +++ b/x-pack/plugins/observability_solution/dataset_quality/server/utils/reduce_async_chunks.ts @@ -0,0 +1,59 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { Observable, OperatorFunction, from, lastValueFrom, mergeMap, reduce } from 'rxjs'; +import deepmerge from 'deepmerge'; + +type CallbackFn = (chunk: string[], id: number) => Promise; + +const MAX_HTTP_LINE_LENGTH = 4096; +// Apply an 80% threshold to the http line max length to guarantee enough space for url and potentially other parameters. +// This value might need to vary as it's an estimate of how much we can reserve for the chunked list length. +const MAX_CHUNK_LENGTH = MAX_HTTP_LINE_LENGTH * 0.75; // 4096 *0.75 === 3072 characters, as 1 chars = 1 byte + +export const reduceAsyncChunks = (list: string[], chunkExecutor: CallbackFn) => { + const result$ = from(list).pipe( + bufferUntil(isLessThanMaxChunkLength), + mergeMap((chunk, id) => from(chunkExecutor(chunk, id))), + reduce((result, chunkResult) => deepmerge(result, chunkResult)) + ); + + return lastValueFrom(result$); +}; + +/** + * Support functions for reduceAsyncChunks + */ +const bufferUntil = ( + predicate: (chunk: TItem[], currentItem: TItem) => boolean +): OperatorFunction => { + return (source) => + new Observable((observer) => { + let chunk: TItem[] = []; + + return source.subscribe({ + next(currentItem) { + if (predicate(chunk, currentItem)) { + chunk.push(currentItem); + } else { + // Emit the current chunk, start a new one + if (chunk.length > 0) observer.next(chunk); + chunk = [currentItem]; // Reset the chunk with the current item + } + }, + complete() { + // Emit the final chunk if it has any items + if (chunk.length > 0) observer.next(chunk); + observer.complete(); + }, + }); + }); +}; + +const isLessThanMaxChunkLength = (chunk: string[], currentItem: string) => { + const totalLength = [...chunk, currentItem].join().length; + return totalLength <= MAX_CHUNK_LENGTH; // Allow the chunk until it exceeds the max chunk length +}; diff --git a/x-pack/plugins/observability_solution/infra/public/alerting/log_threshold/components/alert_details_app_section/components/log_rate_analysis.tsx b/x-pack/plugins/observability_solution/infra/public/alerting/log_threshold/components/alert_details_app_section/components/log_rate_analysis.tsx index c85a5b072cb7a..a399414f24c54 100644 --- a/x-pack/plugins/observability_solution/infra/public/alerting/log_threshold/components/alert_details_app_section/components/log_rate_analysis.tsx +++ b/x-pack/plugins/observability_solution/infra/public/alerting/log_threshold/components/alert_details_app_section/components/log_rate_analysis.tsx @@ -207,7 +207,6 @@ export const LogRateAnalysis: FC = ({ r = ({ r barColorOverride={colorTransformer(Color.color0)} barHighlightColorOverride={colorTransformer(Color.color1)} onAnalysisCompleted={onAnalysisCompleted} - appDependencies={pick(services, [ - 'analytics', - 'application', - 'data', - 'executionContext', - 'charts', - 'fieldFormats', - 'http', - 'notifications', - 'share', - 'storage', - 'uiSettings', - 'unifiedSearch', - 'theme', - 'lens', - 'i18n', - ])} + appContextValue={{ + embeddingOrigin: 'observability_log_threshold_alert_details', + ...pick(services, [ + 'analytics', + 'application', + 'data', + 'executionContext', + 'charts', + 'fieldFormats', + 'http', + 'notifications', + 'share', + 'storage', + 'uiSettings', + 'unifiedSearch', + 'theme', + 'lens', + 'i18n', + ]), + }} /> diff --git a/x-pack/plugins/observability_solution/investigate_app/.storybook/get_mock_investigate_app_services.tsx b/x-pack/plugins/observability_solution/investigate_app/.storybook/get_mock_investigate_app_services.tsx index 13e2c008648e5..42ccc20d52a71 100644 --- a/x-pack/plugins/observability_solution/investigate_app/.storybook/get_mock_investigate_app_services.tsx +++ b/x-pack/plugins/observability_solution/investigate_app/.storybook/get_mock_investigate_app_services.tsx @@ -53,6 +53,7 @@ export function getMockInvestigateAppContext(): DeeplyMockedKeys) => [...investigationKeys.all, 'userProfiles', ...profileIds] as const, tags: () => [...investigationKeys.all, 'tags'] as const, + events: (rangeFrom?: string, rangeTo?: string) => + [...investigationKeys.all, 'events', rangeFrom, rangeTo] as const, stats: () => [...investigationKeys.all, 'stats'] as const, lists: () => [...investigationKeys.all, 'list'] as const, list: (params: { page: number; perPage: number; search?: string; filter?: string }) => diff --git a/x-pack/plugins/observability_solution/investigate_app/public/hooks/use_fetch_events.ts b/x-pack/plugins/observability_solution/investigate_app/public/hooks/use_fetch_events.ts new file mode 100644 index 0000000000000..61b0c441c1fc2 --- /dev/null +++ b/x-pack/plugins/observability_solution/investigate_app/public/hooks/use_fetch_events.ts @@ -0,0 +1,70 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { i18n } from '@kbn/i18n'; +import { useQuery } from '@tanstack/react-query'; +import { GetEventsResponse } from '@kbn/investigation-shared'; +import { investigationKeys } from './query_key_factory'; +import { useKibana } from './use_kibana'; + +export interface Response { + isInitialLoading: boolean; + isLoading: boolean; + isRefetching: boolean; + isSuccess: boolean; + isError: boolean; + data?: GetEventsResponse; +} + +export function useFetchEvents({ + rangeFrom, + rangeTo, +}: { + rangeFrom?: string; + rangeTo?: string; +}): Response { + const { + core: { + http, + notifications: { toasts }, + }, + } = useKibana(); + + const { isInitialLoading, isLoading, isError, isSuccess, isRefetching, data } = useQuery({ + queryKey: investigationKeys.events(rangeFrom, rangeTo), + queryFn: async ({ signal }) => { + return await http.get(`/api/observability/events`, { + query: { + rangeFrom, + rangeTo, + }, + version: '2023-10-31', + signal, + }); + }, + cacheTime: 600 * 1000, // 10_minutes + staleTime: 0, + refetchOnWindowFocus: false, + retry: false, + onError: (error: Error) => { + toasts.addError(error, { + title: i18n.translate('xpack.investigateApp.events.fetch.error', { + defaultMessage: 'Something went wrong while fetching the events', + }), + }); + }, + }); + + return { + data, + isInitialLoading, + isLoading, + isRefetching, + isSuccess, + isError, + }; +} diff --git a/x-pack/plugins/observability_solution/investigate_app/public/pages/details/components/events_timeline/alert_event.tsx b/x-pack/plugins/observability_solution/investigate_app/public/pages/details/components/events_timeline/alert_event.tsx new file mode 100644 index 0000000000000..2e5ab220054e4 --- /dev/null +++ b/x-pack/plugins/observability_solution/investigate_app/public/pages/details/components/events_timeline/alert_event.tsx @@ -0,0 +1,34 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { LineAnnotation, AnnotationDomainType } from '@elastic/charts'; +import { EuiIcon } from '@elastic/eui'; +import React from 'react'; +import moment from 'moment'; +import { EventSchema } from '@kbn/investigation-shared'; + +export const AlertEvent = ({ event }: { event: EventSchema }) => { + return ( + + + + } + markerPosition="bottom" + dataValues={[ + { + dataValue: moment(event.timestamp).valueOf(), + header: moment(event.timestamp).format('lll'), + details: event.description, + }, + ]} + /> + ); +}; diff --git a/x-pack/plugins/observability_solution/investigate_app/public/pages/details/components/events_timeline/annotation_event.tsx b/x-pack/plugins/observability_solution/investigate_app/public/pages/details/components/events_timeline/annotation_event.tsx new file mode 100644 index 0000000000000..1db856575441a --- /dev/null +++ b/x-pack/plugins/observability_solution/investigate_app/public/pages/details/components/events_timeline/annotation_event.tsx @@ -0,0 +1,36 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; +import moment from 'moment'; +import { AnnotationDomainType, LineAnnotation } from '@elastic/charts'; +import { EuiIcon } from '@elastic/eui'; +import { EventSchema } from '@kbn/investigation-shared'; + +export function AnnotationEvent({ event }: { event: EventSchema }) { + const timestamp = event.timestamp; + + return ( + + + + } + markerPosition="bottom" + /> + ); +} diff --git a/x-pack/plugins/observability_solution/investigate_app/public/pages/details/components/events_timeline/events_timeline.tsx b/x-pack/plugins/observability_solution/investigate_app/public/pages/details/components/events_timeline/events_timeline.tsx new file mode 100644 index 0000000000000..70f4159924bd1 --- /dev/null +++ b/x-pack/plugins/observability_solution/investigate_app/public/pages/details/components/events_timeline/events_timeline.tsx @@ -0,0 +1,114 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import React, { useMemo, useRef } from 'react'; +import moment from 'moment'; + +import { Chart, Axis, AreaSeries, Position, ScaleType, Settings } from '@elastic/charts'; +import { useActiveCursor } from '@kbn/charts-plugin/public'; +import { EuiSkeletonText } from '@elastic/eui'; +import { getBrushData } from '@kbn/observability-utils/chart/utils'; +import { AnnotationEvent } from './annotation_event'; +import { TIME_LINE_THEME } from './timeline_theme'; +import { useFetchEvents } from '../../../../hooks/use_fetch_events'; +import { useInvestigation } from '../../contexts/investigation_context'; +import { useKibana } from '../../../../hooks/use_kibana'; +import { AlertEvent } from './alert_event'; + +export const EventsTimeLine = () => { + const { dependencies } = useKibana(); + + const baseTheme = dependencies.start.charts.theme.useChartsBaseTheme(); + + const { globalParams, updateInvestigationParams } = useInvestigation(); + + const { data: events, isLoading } = useFetchEvents({ + rangeFrom: globalParams.timeRange.from, + rangeTo: globalParams.timeRange.to, + }); + + const chartRef = useRef(null); + const handleCursorUpdate = useActiveCursor(dependencies.start.charts.activeCursor, chartRef, { + isDateHistogram: true, + }); + + const data = useMemo(() => { + const points = [ + { x: moment(globalParams.timeRange.from).valueOf(), y: 0 }, + { x: moment(globalParams.timeRange.to).valueOf(), y: 0 }, + ]; + + // adding 100 fake points to the chart so the chart shows cursor on hover + for (let i = 0; i < 100; i++) { + const diff = + moment(globalParams.timeRange.to).valueOf() - moment(globalParams.timeRange.from).valueOf(); + points.push({ x: moment(globalParams.timeRange.from).valueOf() + (diff / 100) * i, y: 0 }); + } + return points; + }, [globalParams.timeRange.from, globalParams.timeRange.to]); + + if (isLoading) { + return ; + } + + const alertEvents = events?.filter((evt) => evt.eventType === 'alert'); + const annotations = events?.filter((evt) => evt.eventType === 'annotation'); + + return ( + <> + + { + const { from, to } = getBrushData(brush); + updateInvestigationParams({ + timeRange: { from, to }, + }); + }} + /> + + moment(d).format('LTS')} + style={{ + tickLine: { + visible: true, + strokeWidth: 1, + stroke: '#98A2B3', + }, + }} + /> + + {alertEvents?.map((event) => ( + + ))} + + {annotations?.map((annotation) => ( + + ))} + + false} + /> + + + ); +}; diff --git a/x-pack/plugins/observability_solution/investigate_app/public/pages/details/components/events_timeline/timeline_theme.ts b/x-pack/plugins/observability_solution/investigate_app/public/pages/details/components/events_timeline/timeline_theme.ts new file mode 100644 index 0000000000000..a1d7441fee539 --- /dev/null +++ b/x-pack/plugins/observability_solution/investigate_app/public/pages/details/components/events_timeline/timeline_theme.ts @@ -0,0 +1,47 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { PartialTheme } from '@elastic/charts'; + +export const TIME_LINE_THEME: PartialTheme = { + highlighter: { + point: { + opacity: 0, + }, + }, + axes: { + gridLine: { + horizontal: { + visible: false, + }, + vertical: { + visible: false, + }, + }, + axisLine: { + strokeWidth: 1, + stroke: '#98A2B3', + }, + }, + chartMargins: { + bottom: 10, + top: 10, + }, + areaSeriesStyle: { + area: { + visible: false, + }, + line: { + visible: false, + }, + }, + lineAnnotation: { + line: { + opacity: 0, + }, + }, +}; diff --git a/x-pack/plugins/observability_solution/investigate_app/public/pages/details/components/investigation_items/investigation_items.tsx b/x-pack/plugins/observability_solution/investigate_app/public/pages/details/components/investigation_items/investigation_items.tsx index a95c50274d198..bd03324a994ac 100644 --- a/x-pack/plugins/observability_solution/investigate_app/public/pages/details/components/investigation_items/investigation_items.tsx +++ b/x-pack/plugins/observability_solution/investigate_app/public/pages/details/components/investigation_items/investigation_items.tsx @@ -6,8 +6,9 @@ */ import datemath from '@elastic/datemath'; -import { EuiFlexGroup, EuiFlexItem } from '@elastic/eui'; +import { EuiFlexGroup, EuiFlexItem, EuiSpacer } from '@elastic/eui'; import React from 'react'; +import { EventsTimeLine } from '../events_timeline/events_timeline'; import { useInvestigation } from '../../contexts/investigation_context'; import { AddInvestigationItem } from '../add_investigation_item/add_investigation_item'; import { InvestigationItemsList } from '../investigation_items_list/investigation_items_list'; @@ -18,8 +19,8 @@ export function InvestigationItems() { const { globalParams, updateInvestigationParams, investigation } = useInvestigation(); return ( - - + <> + - - {investigation?.id && ( - + - )} - - - + + {investigation?.id && ( + + + + )} + + + + + + + - + ); } diff --git a/x-pack/plugins/observability_solution/investigate_app/public/plugin.tsx b/x-pack/plugins/observability_solution/investigate_app/public/plugin.tsx index a98d89fb314b2..5ec88f9d72468 100644 --- a/x-pack/plugins/observability_solution/investigate_app/public/plugin.tsx +++ b/x-pack/plugins/observability_solution/investigate_app/public/plugin.tsx @@ -86,11 +86,13 @@ export class InvestigateAppPlugin ]); const services: InvestigateAppServices = { + ...coreStart, esql: createEsqlService({ data: pluginsStart.data, dataViews: pluginsStart.dataViews, lens: pluginsStart.lens, }), + charts: pluginsStart.charts, }; ReactDOM.render( @@ -130,6 +132,7 @@ export class InvestigateAppPlugin dataViews: pluginsStart.dataViews, lens: pluginsStart.lens, }), + charts: pluginsStart.charts, }, }); }); diff --git a/x-pack/plugins/observability_solution/investigate_app/public/services/types.ts b/x-pack/plugins/observability_solution/investigate_app/public/services/types.ts index 149cacf2434a7..257ed5a7aeaca 100644 --- a/x-pack/plugins/observability_solution/investigate_app/public/services/types.ts +++ b/x-pack/plugins/observability_solution/investigate_app/public/services/types.ts @@ -5,8 +5,10 @@ * 2.0. */ +import { ChartsPluginStart } from '@kbn/charts-plugin/public'; import type { EsqlService } from './esql'; export interface InvestigateAppServices { esql: EsqlService; + charts: ChartsPluginStart; } diff --git a/x-pack/plugins/observability_solution/investigate_app/public/types.ts b/x-pack/plugins/observability_solution/investigate_app/public/types.ts index 101d6993ab9c5..a2d7b5227a201 100644 --- a/x-pack/plugins/observability_solution/investigate_app/public/types.ts +++ b/x-pack/plugins/observability_solution/investigate_app/public/types.ts @@ -8,6 +8,7 @@ import type { ObservabilityAIAssistantPublicSetup, ObservabilityAIAssistantPublicStart, } from '@kbn/observability-ai-assistant-plugin/public'; +import { ChartsPluginStart } from '@kbn/charts-plugin/public'; import type { ContentManagementPublicStart } from '@kbn/content-management-plugin/public'; import type { DataPublicPluginSetup, DataPublicPluginStart } from '@kbn/data-plugin/public'; import type { @@ -66,6 +67,7 @@ export interface InvestigateAppStartDependencies { unifiedSearch: UnifiedSearchPublicPluginStart; uiActions: UiActionsStart; security: SecurityPluginStart; + charts: ChartsPluginStart; } export interface InvestigateAppPublicSetup {} diff --git a/x-pack/plugins/observability_solution/investigate_app/tsconfig.json b/x-pack/plugins/observability_solution/investigate_app/tsconfig.json index 377db42186f5e..7ea8234fba670 100644 --- a/x-pack/plugins/observability_solution/investigate_app/tsconfig.json +++ b/x-pack/plugins/observability_solution/investigate_app/tsconfig.json @@ -66,6 +66,7 @@ "@kbn/core-elasticsearch-server", "@kbn/calculate-auto", "@kbn/ml-random-sampler-utils", + "@kbn/charts-plugin", "@kbn/observability-utils", ], } diff --git a/x-pack/plugins/observability_solution/observability/public/components/custom_threshold/components/alert_details_app_section/log_rate_analysis.tsx b/x-pack/plugins/observability_solution/observability/public/components/custom_threshold/components/alert_details_app_section/log_rate_analysis.tsx index e2cd954087a3b..f2285b3529f65 100644 --- a/x-pack/plugins/observability_solution/observability/public/components/custom_threshold/components/alert_details_app_section/log_rate_analysis.tsx +++ b/x-pack/plugins/observability_solution/observability/public/components/custom_threshold/components/alert_details_app_section/log_rate_analysis.tsx @@ -185,7 +185,6 @@ export function LogRateAnalysis({ diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant_app/public/components/chat/chat_body.tsx b/x-pack/plugins/observability_solution/observability_ai_assistant_app/public/components/chat/chat_body.tsx index f54dc021938d5..0bf5a8009b635 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant_app/public/components/chat/chat_body.tsx +++ b/x-pack/plugins/observability_solution/observability_ai_assistant_app/public/components/chat/chat_body.tsx @@ -110,6 +110,7 @@ export function ChatBody({ showLinkToConversationsApp, onConversationUpdate, onToggleFlyoutPositionMode, + onClose, }: { connectors: ReturnType; currentUser?: Pick; @@ -121,6 +122,7 @@ export function ChatBody({ showLinkToConversationsApp: boolean; onConversationUpdate: (conversation: { conversation: Conversation['conversation'] }) => void; onToggleFlyoutPositionMode?: (flyoutPositionMode: FlyoutPositionMode) => void; + onClose?: () => void; }) { const license = useLicense(); const hasCorrectLicense = license?.hasAtLeast('enterprise'); @@ -498,6 +500,7 @@ export function ChatBody({ saveTitle(newTitle); }} onToggleFlyoutPositionMode={onToggleFlyoutPositionMode} + onClose={onClose} /> diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant_app/public/components/chat/chat_flyout.tsx b/x-pack/plugins/observability_solution/observability_ai_assistant_app/public/components/chat/chat_flyout.tsx index 4194f9a2ca0c4..67ac37a88d724 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant_app/public/components/chat/chat_flyout.tsx +++ b/x-pack/plugins/observability_solution/observability_ai_assistant_app/public/components/chat/chat_flyout.tsx @@ -274,6 +274,7 @@ export function ChatFlyout({ conversationList.conversations.refresh(); }} onToggleFlyoutPositionMode={handleToggleFlyoutPositionMode} + onClose={onClose} /> diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant_app/public/components/chat/chat_header.tsx b/x-pack/plugins/observability_solution/observability_ai_assistant_app/public/components/chat/chat_header.tsx index d4ede58040391..c67596fbafd5e 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant_app/public/components/chat/chat_header.tsx +++ b/x-pack/plugins/observability_solution/observability_ai_assistant_app/public/components/chat/chat_header.tsx @@ -50,6 +50,7 @@ export function ChatHeader({ onCopyConversation, onSaveTitle, onToggleFlyoutPositionMode, + onClose, }: { connectors: UseGenAIConnectorsResult; conversationId?: string; @@ -60,6 +61,7 @@ export function ChatHeader({ onCopyConversation: () => void; onSaveTitle: (title: string) => void; onToggleFlyoutPositionMode?: (newFlyoutPositionMode: FlyoutPositionMode) => void; + onClose?: () => void; }) { const theme = useEuiTheme(); const breakpoint = useCurrentEuiBreakpoint(); @@ -73,6 +75,10 @@ export function ChatHeader({ }, [title]); const handleNavigateToConversations = () => { + if (onClose) { + onClose(); + } + if (conversationId) { router.push('/conversations/{conversationId}', { path: { diff --git a/x-pack/plugins/observability_solution/slo/public/components/slo/burn_rate/alert_details/components/custom_panels/custom_kql/log_rate_analysis_panel.tsx b/x-pack/plugins/observability_solution/slo/public/components/slo/burn_rate/alert_details/components/custom_panels/custom_kql/log_rate_analysis_panel.tsx index 13c2bcf82de82..e94b8d5baed55 100644 --- a/x-pack/plugins/observability_solution/slo/public/components/slo/burn_rate/alert_details/components/custom_panels/custom_kql/log_rate_analysis_panel.tsx +++ b/x-pack/plugins/observability_solution/slo/public/components/slo/burn_rate/alert_details/components/custom_panels/custom_kql/log_rate_analysis_panel.tsx @@ -279,7 +279,6 @@ export function LogRateAnalysisPanel({ slo, alert, rule }: Props) { diff --git a/x-pack/plugins/osquery/docs/openapi/ess/osquery_api_2023_10_31.bundled.schema.yaml b/x-pack/plugins/osquery/docs/openapi/ess/osquery_api_2023_10_31.bundled.schema.yaml index f224add76d524..c18b9d891524a 100644 --- a/x-pack/plugins/osquery/docs/openapi/ess/osquery_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/plugins/osquery/docs/openapi/ess/osquery_api_2023_10_31.bundled.schema.yaml @@ -639,3 +639,4 @@ security: tags: - description: Run live queries, manage packs and saved queries. name: Security Osquery API + x-displayName: Security Osquery diff --git a/x-pack/plugins/osquery/docs/openapi/serverless/osquery_api_2023_10_31.bundled.schema.yaml b/x-pack/plugins/osquery/docs/openapi/serverless/osquery_api_2023_10_31.bundled.schema.yaml index 9228355269d02..3e308d1ebfcc5 100644 --- a/x-pack/plugins/osquery/docs/openapi/serverless/osquery_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/plugins/osquery/docs/openapi/serverless/osquery_api_2023_10_31.bundled.schema.yaml @@ -639,3 +639,4 @@ security: tags: - description: Run live queries, manage packs and saved queries. name: Security Osquery API + x-displayName: Security Osquery diff --git a/x-pack/plugins/osquery/scripts/openapi/bundle.js b/x-pack/plugins/osquery/scripts/openapi/bundle.js index cc9e1dc93b66d..49594c2fa5ce2 100644 --- a/x-pack/plugins/osquery/scripts/openapi/bundle.js +++ b/x-pack/plugins/osquery/scripts/openapi/bundle.js @@ -28,6 +28,7 @@ const ELASTIC_ASSISTANT_ROOT = resolve(__dirname, '../..'); tags: [ { name: 'Security Osquery API', + 'x-displayName': 'Security Osquery', description: 'Run live queries, manage packs and saved queries.', }, ], @@ -49,6 +50,7 @@ const ELASTIC_ASSISTANT_ROOT = resolve(__dirname, '../..'); tags: [ { name: 'Security Osquery API', + 'x-displayName': 'Security Osquery', description: 'Run live queries, manage packs and saved queries.', }, ], diff --git a/x-pack/plugins/remote_clusters/public/application/sections/remote_cluster_list/components/connection_status/connection_status.js b/x-pack/plugins/remote_clusters/public/application/sections/remote_cluster_list/components/connection_status/connection_status.js index 5cdbfe596135f..1804bdd1385bb 100644 --- a/x-pack/plugins/remote_clusters/public/application/sections/remote_cluster_list/components/connection_status/connection_status.js +++ b/x-pack/plugins/remote_clusters/public/application/sections/remote_cluster_list/components/connection_status/connection_status.js @@ -9,7 +9,7 @@ import React from 'react'; import PropTypes from 'prop-types'; import { i18n } from '@kbn/i18n'; -import { EuiBadge, EuiFlexGroup, EuiFlexItem, EuiIconTip } from '@elastic/eui'; +import { EuiHealth, EuiFlexGroup, EuiFlexItem, EuiIconTip } from '@elastic/eui'; import { SNIFF_MODE, PROXY_MODE } from '../../../../../../common/constants'; @@ -24,7 +24,7 @@ export function ConnectionStatus({ isConnected, mode }) { return ( - @@ -35,7 +35,7 @@ export function ConnectionStatus({ isConnected, mode }) { : i18n.translate('xpack.remoteClusters.connectedStatus.notConnectedAriaLabel', { defaultMessage: 'Not connected', })} - + {!isConnected && mode === SNIFF_MODE && ( diff --git a/x-pack/plugins/remote_clusters/server/routes/api/get_route.ts b/x-pack/plugins/remote_clusters/server/routes/api/get_route.ts index e4541414acfe2..96805e10357cd 100644 --- a/x-pack/plugins/remote_clusters/server/routes/api/get_route.ts +++ b/x-pack/plugins/remote_clusters/server/routes/api/get_route.ts @@ -5,15 +5,16 @@ * 2.0. */ -import { get } from 'lodash'; +import { get, chunk, assign } from 'lodash'; -import type { IndicesResolveClusterResponse } from '@elastic/elasticsearch/lib/api/types'; import { RequestHandler } from '@kbn/core/server'; import { deserializeCluster } from '../../../common/lib'; import { API_BASE_PATH } from '../../../common/constants'; import { licensePreRoutingFactory } from '../../lib/license_pre_routing_factory'; import { RouteDependencies } from '../../types'; +const CLUSTER_STATUS_CHUNK_SIZE = 10; + export const register = (deps: RouteDependencies): void => { const { router, @@ -35,15 +36,32 @@ export const register = (deps: RouteDependencies): void => { const clustersByName = await clusterClient.asCurrentUser.cluster.remoteInfo(); const clusterNames = (clustersByName && Object.keys(clustersByName)) || []; - // Retrieve the cluster information for all the configured remote clusters. - // _none is never a valid index/alias/data-stream name so that way we can avoid - // using * which could be computationally expensive. - let clustersStatus: IndicesResolveClusterResponse = {}; - if (clusterNames.length > 0) { - clustersStatus = await clusterClient.asCurrentUser.indices.resolveCluster({ - name: clusterNames.map((cluster) => `${cluster}:_none`), - }); - } + const clusterNamesChunks = chunk(clusterNames, CLUSTER_STATUS_CHUNK_SIZE); + const promises = clusterNamesChunks.map(async (clustersChunk) => { + try { + return await clusterClient.asCurrentUser.indices.resolveCluster( + { + name: clustersChunk.map((cluster) => `${cluster}:*`), + filter_path: '*.connected', + }, + { + // Set a longer timeout given that sometimes unresponsive clusters + // can take a while to respond. + // We should be able to be more aggresive with this timeout once + // https://github.com/elastic/elasticsearch/issues/114020 is resolved. + requestTimeout: '60s', + } + ); + } catch (error) { + return Promise.resolve(null); + } + }); + + const resolvedClusterStatus = await Promise.all(promises); + // Flatten the resolved cluster status and filter out any null values + const flattenedClusterStatus = resolvedClusterStatus.flat().filter(Boolean); + // Combine the resolved cluster status into a single object + const clusterStatus = assign({}, ...flattenedClusterStatus); const body = clusterNames.map((clusterName: string): any => { const cluster = clustersByName[clusterName]; @@ -70,9 +88,9 @@ export const register = (deps: RouteDependencies): void => { config.isCloudEnabled ), isConfiguredByNode, - // We prioritize the cluster status from the resolve cluster api, and fallback to - // the cluster connected status in case its not present. - isConnected: clustersStatus[clusterName]?.connected || cluster.connected, + // We prioritize the cluster status from the resolve cluster API, and fallback to + // the cluster connected status in case it's not present. + isConnected: clusterStatus[clusterName]?.connected || cluster.connected, }; }); diff --git a/x-pack/plugins/reporting/public/management/components/report_diagnostic.test.tsx b/x-pack/plugins/reporting/public/management/components/report_diagnostic.test.tsx new file mode 100644 index 0000000000000..95ede7f2d3444 --- /dev/null +++ b/x-pack/plugins/reporting/public/management/components/report_diagnostic.test.tsx @@ -0,0 +1,118 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React, { type ComponentProps } from 'react'; +import userEvent from '@testing-library/user-event'; +import { render, screen, waitFor } from '@testing-library/react'; +import { __IntlProvider as IntlProvider } from '@kbn/i18n-react'; +import { ReportDiagnostic } from './report_diagnostic'; + +const mockedApiClient: jest.Mocked< + Pick['apiClient'], 'verifyBrowser'> +> = { + verifyBrowser: jest.fn(), +}; + +const defaultProps: Pick, 'apiClient'> = { + // @ts-expect-error we don't need to provide the full apiClient for the test + apiClient: mockedApiClient, +}; + +const renderComponent = (props: Pick, 'clientConfig'>) => { + render( + + + + ); +}; + +describe('ReportDiagnostic', () => { + afterEach(() => { + jest.clearAllMocks(); + }); + + it("does not render the component, if image exports aren't supported", () => { + renderComponent({ + clientConfig: { + export_types: { pdf: { enabled: false }, png: { enabled: false } }, + } as unknown as ComponentProps['clientConfig'], + }); + + expect(screen.queryByTestId('screenshotDiagnosticLink')).not.toBeInTheDocument(); + }); + + it('renders the component if image exports are supported', () => { + renderComponent({ + clientConfig: { + export_types: { + png: { enabled: true }, + pdf: { enabled: true }, + }, + } as unknown as ComponentProps['clientConfig'], + }); + + expect(screen.getByTestId('screenshotDiagnosticLink')).toBeInTheDocument(); + }); + + it('renders a callout with a warning if a problem is detected during diagnosis', async () => { + const user = userEvent.setup(); + + mockedApiClient.verifyBrowser.mockResolvedValue({ + success: false, + help: ['help'], + logs: 'logs', + }); + + renderComponent({ + clientConfig: { + export_types: { + png: { enabled: true }, + pdf: { enabled: true }, + }, + } as unknown as ComponentProps['clientConfig'], + }); + + await user.click(screen.getByTestId('screenshotDiagnosticLink')); + + await waitFor(() => expect(screen.getByTestId('reportDiagnosisFlyout')).toBeInTheDocument()); + + user.click(screen.getByTestId('reportingDiagnosticInitiationButton')); + + await waitFor(() => + expect(screen.getByTestId('reportingDiagnosticFailureCallout')).toBeInTheDocument() + ); + }); + + it('renders a success callout if no problem is detected during diagnosis', async () => { + const user = userEvent.setup(); + + mockedApiClient.verifyBrowser.mockResolvedValue({ + success: true, + help: [], + logs: 'logs', + }); + + renderComponent({ + clientConfig: { + export_types: { + png: { enabled: true }, + pdf: { enabled: true }, + }, + } as unknown as ComponentProps['clientConfig'], + }); + + await user.click(screen.getByTestId('screenshotDiagnosticLink')); + + await waitFor(() => expect(screen.getByTestId('reportDiagnosisFlyout')).toBeInTheDocument()); + + user.click(screen.getByTestId('reportingDiagnosticInitiationButton')); + + await waitFor(() => + expect(screen.getByTestId('reportingDiagnosticSuccessCallout')).toBeInTheDocument() + ); + }); +}); diff --git a/x-pack/plugins/reporting/public/management/components/report_diagnostic.tsx b/x-pack/plugins/reporting/public/management/components/report_diagnostic.tsx index bbaab324a3fd4..90139a56ead28 100644 --- a/x-pack/plugins/reporting/public/management/components/report_diagnostic.tsx +++ b/x-pack/plugins/reporting/public/management/components/report_diagnostic.tsx @@ -100,17 +100,17 @@ export const ReportDiagnostic = ({ apiClient, clientConfig }: Props) => { if (state.success && chromeStatus === 'complete') { outcomeCallout = ( ); - } else if (!state.success && chromeStatus === 'complete') { + } else if (!state.success && chromeStatus === 'danger') { outcomeCallout = ( { } flyout = ( - +

@@ -161,6 +166,7 @@ export const ReportDiagnostic = ({ apiClient, clientConfig }: Props) => { onClick={apiWrapper(() => apiClient.verifyBrowser(), statuses.chromeStatus)} isLoading={isBusy && chromeStatus === 'incomplete'} iconType={chromeStatus === 'complete' ? 'check' : undefined} + data-test-subj="reportingDiagnosticInitiationButton" > ({ defaultMessage: `Unable to use Chromium sandbox. This can be disabled at your own risk with 'xpack.screenshotting.browser.chromium.disableSandbox'. Please see {url}`, values: { url: docLinks.links.reporting.browserSandboxDependencies }, }), + + 'Fontconfig error: Cannot load default config file': i18n.translate( + 'xpack.reporting.diagnostic.fontconfigError', + { + defaultMessage: `The browser couldn't start properly due to missing system font dependencies. Please see {url}`, + values: { url: docLinks.links.reporting.browserSystemDependencies }, + } + ), }); const path = INTERNAL_ROUTES.DIAGNOSE.BROWSER; diff --git a/x-pack/plugins/reporting/server/routes/internal/diagnostic/integration_tests/browser.test.ts b/x-pack/plugins/reporting/server/routes/internal/diagnostic/integration_tests/browser.test.ts index 3f1966d2e78d8..531b357e30bc0 100644 --- a/x-pack/plugins/reporting/server/routes/internal/diagnostic/integration_tests/browser.test.ts +++ b/x-pack/plugins/reporting/server/routes/internal/diagnostic/integration_tests/browser.test.ts @@ -120,6 +120,30 @@ describe(`GET ${INTERNAL_ROUTES.DIAGNOSE.BROWSER}`, () => { }); }); + it('returns a response including log received from the browser + helpful link on font config error', async () => { + const fontErrorLog = `Fontconfig error: Cannot load default config file: No such file: (null)`; + + registerDiagnoseBrowser(core, mockLogger); + + await server.start(); + screenshotting.diagnose.mockReturnValue(Rx.of(fontErrorLog)); + + return supertest(httpSetup.server.listener) + .get(INTERNAL_ROUTES.DIAGNOSE.BROWSER) + .expect(200) + .then(({ body }) => { + expect(body).toMatchInlineSnapshot(` + Object { + "help": Array [ + "The browser couldn't start properly due to missing system font dependencies. Please see https://www.elastic.co/guide/en/kibana/test-branch/secure-reporting.html#install-reporting-packages", + ], + "logs": "${fontErrorLog}", + "success": false, + } + `); + }); + }); + it('logs a message when the browser starts, but then has problems later', async () => { registerDiagnoseBrowser(core, mockLogger); diff --git a/x-pack/plugins/search_homepage/server/config.ts b/x-pack/plugins/search_homepage/server/config.ts index 3e068a719f046..b086b537e3162 100644 --- a/x-pack/plugins/search_homepage/server/config.ts +++ b/x-pack/plugins/search_homepage/server/config.ts @@ -11,7 +11,7 @@ import { PluginConfigDescriptor } from '@kbn/core/server'; export * from './types'; const configSchema = schema.object({ - enabled: schema.boolean({ defaultValue: true }), + enabled: schema.boolean({ defaultValue: false }), ui: schema.object({ enabled: schema.boolean({ defaultValue: false }), }), diff --git a/x-pack/plugins/security_solution/common/api/detection_engine/model/rule_schema/rule_response_schema.mock.ts b/x-pack/plugins/security_solution/common/api/detection_engine/model/rule_schema/rule_response_schema.mock.ts index c605436576995..59b09533a6e14 100644 --- a/x-pack/plugins/security_solution/common/api/detection_engine/model/rule_schema/rule_response_schema.mock.ts +++ b/x-pack/plugins/security_solution/common/api/detection_engine/model/rule_schema/rule_response_schema.mock.ts @@ -47,6 +47,7 @@ const getResponseBaseParams = (anchorDate: string = ANCHOR_DATE): SharedResponse risk_score: 55, risk_score_mapping: [], rule_id: 'query-rule-id', + rule_source: { type: 'internal' }, interval: '5m', exceptions_list: getListArrayMock(), related_integrations: [], diff --git a/x-pack/plugins/security_solution/common/api/detection_engine/model/rule_schema/rule_response_schema.test.ts b/x-pack/plugins/security_solution/common/api/detection_engine/model/rule_schema/rule_response_schema.test.ts index 30fe84514e05a..9546ab3a59b09 100644 --- a/x-pack/plugins/security_solution/common/api/detection_engine/model/rule_schema/rule_response_schema.test.ts +++ b/x-pack/plugins/security_solution/common/api/detection_engine/model/rule_schema/rule_response_schema.test.ts @@ -266,12 +266,13 @@ describe('rule_source', () => { expect(result.data).toEqual(payload); }); - test('it should validate a rule with "rule_source" set to undefined', () => { + test('it should not validate a rule with "rule_source" set to undefined', () => { const payload = getRulesSchemaMock(); - payload.rule_source = undefined; + // @ts-expect-error + delete payload.rule_source; const result = RuleResponse.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual(payload); + expectParseError(result); + expect(stringifyZodError(result.error)).toMatchInlineSnapshot(`"rule_source: Required"`); }); }); diff --git a/x-pack/plugins/security_solution/common/api/detection_engine/model/rule_schema/rule_schemas.gen.ts b/x-pack/plugins/security_solution/common/api/detection_engine/model/rule_schema/rule_schemas.gen.ts index a723eb8e7da89..da4661ae8464c 100644 --- a/x-pack/plugins/security_solution/common/api/detection_engine/model/rule_schema/rule_schemas.gen.ts +++ b/x-pack/plugins/security_solution/common/api/detection_engine/model/rule_schema/rule_schemas.gen.ts @@ -160,7 +160,7 @@ export const ResponseFields = z.object({ id: RuleObjectId, rule_id: RuleSignatureId, immutable: IsRuleImmutable, - rule_source: RuleSource.optional(), + rule_source: RuleSource, updated_at: z.string().datetime(), updated_by: z.string(), created_at: z.string().datetime(), diff --git a/x-pack/plugins/security_solution/common/api/detection_engine/model/rule_schema/rule_schemas.schema.yaml b/x-pack/plugins/security_solution/common/api/detection_engine/model/rule_schema/rule_schemas.schema.yaml index ca2f325c8f713..d8aba232c26f9 100644 --- a/x-pack/plugins/security_solution/common/api/detection_engine/model/rule_schema/rule_schemas.schema.yaml +++ b/x-pack/plugins/security_solution/common/api/detection_engine/model/rule_schema/rule_schemas.schema.yaml @@ -203,6 +203,7 @@ components: - id - rule_id - immutable + - rule_source - updated_at - updated_by - created_at diff --git a/x-pack/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/response_schema.test.ts b/x-pack/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/response_schema.test.ts index 2d4af1c18f6d1..fb03c9c4b18ee 100644 --- a/x-pack/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/response_schema.test.ts +++ b/x-pack/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/response_schema.test.ts @@ -46,7 +46,7 @@ describe('Bulk CRUD rules response schema', () => { const result = BulkCrudRulesResponse.safeParse(payload); expectParseError(result); expect(stringifyZodError(result.error)).toMatchInlineSnapshot( - `"0.name: Required, 0.error: Required, 0: Unrecognized key(s) in object: 'author', 'created_at', 'updated_at', 'created_by', 'description', 'enabled', 'false_positives', 'from', 'immutable', 'references', 'revision', 'severity', 'severity_mapping', 'updated_by', 'tags', 'to', 'threat', 'version', 'output_index', 'max_signals', 'risk_score', 'risk_score_mapping', 'interval', 'exceptions_list', 'related_integrations', 'required_fields', 'setup', 'throttle', 'actions', 'building_block_type', 'note', 'license', 'outcome', 'alias_target_id', 'alias_purpose', 'timeline_id', 'timeline_title', 'meta', 'rule_name_override', 'timestamp_override', 'timestamp_override_fallback_disabled', 'namespace', 'investigation_fields', 'query', 'type', 'language', 'index', 'data_view_id', 'filters', 'saved_id', 'response_actions', 'alert_suppression'"` + `"0.name: Required, 0.error: Required, 0: Unrecognized key(s) in object: 'author', 'created_at', 'updated_at', 'created_by', 'description', 'enabled', 'false_positives', 'from', 'immutable', 'references', 'revision', 'severity', 'severity_mapping', 'updated_by', 'tags', 'to', 'threat', 'version', 'output_index', 'max_signals', 'risk_score', 'risk_score_mapping', 'rule_source', 'interval', 'exceptions_list', 'related_integrations', 'required_fields', 'setup', 'throttle', 'actions', 'building_block_type', 'note', 'license', 'outcome', 'alias_target_id', 'alias_purpose', 'timeline_id', 'timeline_title', 'meta', 'rule_name_override', 'timestamp_override', 'timestamp_override_fallback_disabled', 'namespace', 'investigation_fields', 'query', 'type', 'language', 'index', 'data_view_id', 'filters', 'saved_id', 'response_actions', 'alert_suppression'"` ); }); diff --git a/x-pack/plugins/security_solution/common/api/entity_analytics/risk_engine/engine_cleanup_route.gen.ts b/x-pack/plugins/security_solution/common/api/entity_analytics/risk_engine/engine_cleanup_route.gen.ts index 13194051244cb..9928b33af9a5a 100644 --- a/x-pack/plugins/security_solution/common/api/entity_analytics/risk_engine/engine_cleanup_route.gen.ts +++ b/x-pack/plugins/security_solution/common/api/entity_analytics/risk_engine/engine_cleanup_route.gen.ts @@ -11,7 +11,7 @@ * * info: * title: Risk Scoring API - * version: 1 + * version: 2023-10-31 */ import { z } from '@kbn/zod'; diff --git a/x-pack/plugins/security_solution/common/api/entity_analytics/risk_engine/engine_cleanup_route.schema.yaml b/x-pack/plugins/security_solution/common/api/entity_analytics/risk_engine/engine_cleanup_route.schema.yaml index 2dffe3879961e..4eba00a8ffbe6 100644 --- a/x-pack/plugins/security_solution/common/api/entity_analytics/risk_engine/engine_cleanup_route.schema.yaml +++ b/x-pack/plugins/security_solution/common/api/entity_analytics/risk_engine/engine_cleanup_route.schema.yaml @@ -1,6 +1,6 @@ openapi: 3.0.0 info: - version: '1' + version: '2023-10-31' title: Risk Scoring API description: These APIs allow the consumer to manage Entity Risk Scores within Entity Analytics. paths: @@ -57,4 +57,3 @@ components: type: integer error: type: string - diff --git a/x-pack/plugins/security_solution/common/api/quickstart_client.gen.ts b/x-pack/plugins/security_solution/common/api/quickstart_client.gen.ts index 255b56c485b9b..288a08fdb8afb 100644 --- a/x-pack/plugins/security_solution/common/api/quickstart_client.gen.ts +++ b/x-pack/plugins/security_solution/common/api/quickstart_client.gen.ts @@ -554,7 +554,7 @@ If asset criticality records already exist for the specified entities, those rec .request({ path: '/api/risk_score/engine/dangerously_delete_data', headers: { - [ELASTIC_HTTP_VERSION_HEADER]: '1', + [ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31', }, method: 'DELETE', }) diff --git a/x-pack/plugins/security_solution/docs/openapi/ess/security_solution_detections_api_2023_10_31.bundled.schema.yaml b/x-pack/plugins/security_solution/docs/openapi/ess/security_solution_detections_api_2023_10_31.bundled.schema.yaml index 73a8554ceaac0..8fca765f4fb3f 100644 --- a/x-pack/plugins/security_solution/docs/openapi/ess/security_solution_detections_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/plugins/security_solution/docs/openapi/ess/security_solution_detections_api_2023_10_31.bundled.schema.yaml @@ -4890,6 +4890,7 @@ components: - id - rule_id - immutable + - rule_source - updated_at - updated_by - created_at @@ -7000,3 +7001,4 @@ tags: sent to Elastic Security into detection alerts. These alerts are displayed on the Detections page. name: Security Detections API + x-displayName: Security detections diff --git a/x-pack/plugins/security_solution/docs/openapi/ess/security_solution_endpoint_management_api_2023_10_31.bundled.schema.yaml b/x-pack/plugins/security_solution/docs/openapi/ess/security_solution_endpoint_management_api_2023_10_31.bundled.schema.yaml index 3aa292c02c18c..ae35a302cbb42 100644 --- a/x-pack/plugins/security_solution/docs/openapi/ess/security_solution_endpoint_management_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/plugins/security_solution/docs/openapi/ess/security_solution_endpoint_management_api_2023_10_31.bundled.schema.yaml @@ -1136,3 +1136,4 @@ security: tags: - description: Interact with and manage endpoints running the Elastic Defend integration. name: Security Endpoint Management API + x-displayName: Security endpoint management diff --git a/x-pack/plugins/security_solution/docs/openapi/ess/security_solution_entity_analytics_api_1.bundled.schema.yaml b/x-pack/plugins/security_solution/docs/openapi/ess/security_solution_entity_analytics_api_1.bundled.schema.yaml deleted file mode 100644 index 9d6d57abd382a..0000000000000 --- a/x-pack/plugins/security_solution/docs/openapi/ess/security_solution_entity_analytics_api_1.bundled.schema.yaml +++ /dev/null @@ -1,88 +0,0 @@ -openapi: 3.0.3 -info: - description: '' - title: Security Entity Analytics API (Elastic Cloud and self-hosted) - version: '1' -servers: - - url: http://{kibana_host}:{port} - variables: - kibana_host: - default: localhost - port: - default: '5601' -paths: - /api/risk_score/engine/dangerously_delete_data: - delete: - description: >- - Cleaning up the the Risk Engine by removing the indices, mapping and - transforms - operationId: CleanUpRiskEngine - responses: - '200': - content: - application/json: - schema: - type: object - properties: - cleanup_successful: - type: boolean - description: Successful response - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/TaskManagerUnavailableResponse' - description: Task manager is unavailable - default: - content: - application/json: - schema: - $ref: '#/components/schemas/CleanUpRiskEngineErrorResponse' - description: Unexpected error - summary: Cleanup the Risk Engine - tags: - - Security Entity Analytics API -components: - schemas: - CleanUpRiskEngineErrorResponse: - type: object - properties: - cleanup_successful: - example: false - type: boolean - errors: - items: - type: object - properties: - error: - type: string - seq: - type: integer - required: - - seq - - error - type: array - required: - - cleanup_successful - - errors - TaskManagerUnavailableResponse: - description: Task manager is unavailable - type: object - properties: - message: - type: string - status_code: - minimum: 400 - type: integer - required: - - status_code - - message - securitySchemes: - BasicAuth: - scheme: basic - type: http -security: - - BasicAuth: [] -tags: - - description: '' - name: Security Entity Analytics API diff --git a/x-pack/plugins/security_solution/docs/openapi/ess/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml b/x-pack/plugins/security_solution/docs/openapi/ess/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml index c0f3df5536459..05f6cdc427566 100644 --- a/x-pack/plugins/security_solution/docs/openapi/ess/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/plugins/security_solution/docs/openapi/ess/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml @@ -524,6 +524,37 @@ paths: summary: List Entity Store Entities tags: - Security Entity Analytics API + /api/risk_score/engine/dangerously_delete_data: + delete: + description: >- + Cleaning up the the Risk Engine by removing the indices, mapping and + transforms + operationId: CleanUpRiskEngine + responses: + '200': + content: + application/json: + schema: + type: object + properties: + cleanup_successful: + type: boolean + description: Successful response + '400': + content: + application/json: + schema: + $ref: '#/components/schemas/TaskManagerUnavailableResponse' + description: Task manager is unavailable + default: + content: + application/json: + schema: + $ref: '#/components/schemas/CleanUpRiskEngineErrorResponse' + description: Unexpected error + summary: Cleanup the Risk Engine + tags: + - Security Entity Analytics API /api/risk_score/engine/schedule_now: post: description: >- @@ -655,6 +686,27 @@ components: required: - id_value - id_field + CleanUpRiskEngineErrorResponse: + type: object + properties: + cleanup_successful: + example: false + type: boolean + errors: + items: + type: object + properties: + error: + type: string + seq: + type: integer + required: + - seq + - error + type: array + required: + - cleanup_successful + - errors CreateAssetCriticalityRecord: allOf: - $ref: '#/components/schemas/AssetCriticalityRecordIdParts' @@ -1043,3 +1095,4 @@ security: tags: - description: '' name: Security Entity Analytics API + x-displayName: Security entity analytics diff --git a/x-pack/plugins/security_solution/docs/openapi/ess/security_solution_timeline_api_2023_10_31.bundled.schema.yaml b/x-pack/plugins/security_solution/docs/openapi/ess/security_solution_timeline_api_2023_10_31.bundled.schema.yaml index 68740efb388a4..48eb959168856 100644 --- a/x-pack/plugins/security_solution/docs/openapi/ess/security_solution_timeline_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/plugins/security_solution/docs/openapi/ess/security_solution_timeline_api_2023_10_31.bundled.schema.yaml @@ -1660,3 +1660,4 @@ tags: You can create Timelines and Timeline templates via the API, as well as import new Timelines from an ndjson file. name: Security Timeline API + x-displayName: Security timeline diff --git a/x-pack/plugins/security_solution/docs/openapi/serverless/security_solution_detections_api_2023_10_31.bundled.schema.yaml b/x-pack/plugins/security_solution/docs/openapi/serverless/security_solution_detections_api_2023_10_31.bundled.schema.yaml index 24a0032201c90..38b419972a681 100644 --- a/x-pack/plugins/security_solution/docs/openapi/serverless/security_solution_detections_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/plugins/security_solution/docs/openapi/serverless/security_solution_detections_api_2023_10_31.bundled.schema.yaml @@ -4043,6 +4043,7 @@ components: - id - rule_id - immutable + - rule_source - updated_at - updated_by - created_at @@ -6146,3 +6147,4 @@ tags: sent to Elastic Security into detection alerts. These alerts are displayed on the Detections page. name: Security Detections API + x-displayName: Security detections diff --git a/x-pack/plugins/security_solution/docs/openapi/serverless/security_solution_endpoint_management_api_2023_10_31.bundled.schema.yaml b/x-pack/plugins/security_solution/docs/openapi/serverless/security_solution_endpoint_management_api_2023_10_31.bundled.schema.yaml index 7156c0a5226be..df98520fe783f 100644 --- a/x-pack/plugins/security_solution/docs/openapi/serverless/security_solution_endpoint_management_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/plugins/security_solution/docs/openapi/serverless/security_solution_endpoint_management_api_2023_10_31.bundled.schema.yaml @@ -1036,3 +1036,4 @@ security: tags: - description: Interact with and manage endpoints running the Elastic Defend integration. name: Security Endpoint Management API + x-displayName: Security endpoint management diff --git a/x-pack/plugins/security_solution/docs/openapi/serverless/security_solution_entity_analytics_api_1.bundled.schema.yaml b/x-pack/plugins/security_solution/docs/openapi/serverless/security_solution_entity_analytics_api_1.bundled.schema.yaml deleted file mode 100644 index 835d8f79b1fea..0000000000000 --- a/x-pack/plugins/security_solution/docs/openapi/serverless/security_solution_entity_analytics_api_1.bundled.schema.yaml +++ /dev/null @@ -1,88 +0,0 @@ -openapi: 3.0.3 -info: - description: '' - title: Security Entity Analytics API (Elastic Cloud Serverless) - version: '1' -servers: - - url: http://{kibana_host}:{port} - variables: - kibana_host: - default: localhost - port: - default: '5601' -paths: - /api/risk_score/engine/dangerously_delete_data: - delete: - description: >- - Cleaning up the the Risk Engine by removing the indices, mapping and - transforms - operationId: CleanUpRiskEngine - responses: - '200': - content: - application/json: - schema: - type: object - properties: - cleanup_successful: - type: boolean - description: Successful response - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/TaskManagerUnavailableResponse' - description: Task manager is unavailable - default: - content: - application/json: - schema: - $ref: '#/components/schemas/CleanUpRiskEngineErrorResponse' - description: Unexpected error - summary: Cleanup the Risk Engine - tags: - - Security Entity Analytics API -components: - schemas: - CleanUpRiskEngineErrorResponse: - type: object - properties: - cleanup_successful: - example: false - type: boolean - errors: - items: - type: object - properties: - error: - type: string - seq: - type: integer - required: - - seq - - error - type: array - required: - - cleanup_successful - - errors - TaskManagerUnavailableResponse: - description: Task manager is unavailable - type: object - properties: - message: - type: string - status_code: - minimum: 400 - type: integer - required: - - status_code - - message - securitySchemes: - BasicAuth: - scheme: basic - type: http -security: - - BasicAuth: [] -tags: - - description: '' - name: Security Entity Analytics API diff --git a/x-pack/plugins/security_solution/docs/openapi/serverless/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml b/x-pack/plugins/security_solution/docs/openapi/serverless/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml index 690b59c518409..1ad7423a05b21 100644 --- a/x-pack/plugins/security_solution/docs/openapi/serverless/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/plugins/security_solution/docs/openapi/serverless/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml @@ -524,6 +524,37 @@ paths: summary: List Entity Store Entities tags: - Security Entity Analytics API + /api/risk_score/engine/dangerously_delete_data: + delete: + description: >- + Cleaning up the the Risk Engine by removing the indices, mapping and + transforms + operationId: CleanUpRiskEngine + responses: + '200': + content: + application/json: + schema: + type: object + properties: + cleanup_successful: + type: boolean + description: Successful response + '400': + content: + application/json: + schema: + $ref: '#/components/schemas/TaskManagerUnavailableResponse' + description: Task manager is unavailable + default: + content: + application/json: + schema: + $ref: '#/components/schemas/CleanUpRiskEngineErrorResponse' + description: Unexpected error + summary: Cleanup the Risk Engine + tags: + - Security Entity Analytics API /api/risk_score/engine/schedule_now: post: description: >- @@ -655,6 +686,27 @@ components: required: - id_value - id_field + CleanUpRiskEngineErrorResponse: + type: object + properties: + cleanup_successful: + example: false + type: boolean + errors: + items: + type: object + properties: + error: + type: string + seq: + type: integer + required: + - seq + - error + type: array + required: + - cleanup_successful + - errors CreateAssetCriticalityRecord: allOf: - $ref: '#/components/schemas/AssetCriticalityRecordIdParts' @@ -1043,3 +1095,4 @@ security: tags: - description: '' name: Security Entity Analytics API + x-displayName: Security entity analytics diff --git a/x-pack/plugins/security_solution/docs/openapi/serverless/security_solution_timeline_api_2023_10_31.bundled.schema.yaml b/x-pack/plugins/security_solution/docs/openapi/serverless/security_solution_timeline_api_2023_10_31.bundled.schema.yaml index cfcb36e2dee75..343ec3dc30a73 100644 --- a/x-pack/plugins/security_solution/docs/openapi/serverless/security_solution_timeline_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/plugins/security_solution/docs/openapi/serverless/security_solution_timeline_api_2023_10_31.bundled.schema.yaml @@ -1660,3 +1660,4 @@ tags: You can create Timelines and Timeline templates via the API, as well as import new Timelines from an ndjson file. name: Security Timeline API + x-displayName: Security timeline diff --git a/x-pack/plugins/security_solution/public/cloud_security_posture/components/index.tsx b/x-pack/plugins/security_solution/public/cloud_security_posture/components/index.tsx index 6045a8b8c9a5e..b4ec54a29a073 100644 --- a/x-pack/plugins/security_solution/public/cloud_security_posture/components/index.tsx +++ b/x-pack/plugins/security_solution/public/cloud_security_posture/components/index.tsx @@ -12,6 +12,7 @@ import { css } from '@emotion/react'; import { FormattedMessage } from '@kbn/i18n-react'; import { useCspSetupStatusApi } from '@kbn/cloud-security-posture/src/hooks/use_csp_setup_status_api'; import { MisconfigurationsPreview } from './misconfiguration/misconfiguration_preview'; +import { VulnerabilitiesPreview } from './vulnerabilities/vulnerabilities_preview'; export const EntityInsight = ({ name, @@ -25,10 +26,27 @@ export const EntityInsight = ({ const { euiTheme } = useEuiTheme(); const getSetupStatus = useCspSetupStatusApi(); const hasMisconfigurationFindings = getSetupStatus.data?.hasMisconfigurationsFindings; + const hasVulnerabilitiesFindings = getSetupStatus.data?.hasVulnerabilitiesFindings; + const insightContent: React.ReactElement[] = []; + const isVulnerabilitiesFindingForHost = hasVulnerabilitiesFindings && fieldName === 'host.name'; + if (hasMisconfigurationFindings) + insightContent.push( + <> + + + + ); + if (isVulnerabilitiesFindingForHost) + insightContent.push( + <> + + + + ); return ( <> - {hasMisconfigurationFindings && ( + {(hasMisconfigurationFindings || isVulnerabilitiesFindingForHost) && ( <> ({ } > - - + {insightContent} diff --git a/x-pack/plugins/security_solution/public/cloud_security_posture/components/misconfiguration/misconfiguration_preview.test.tsx b/x-pack/plugins/security_solution/public/cloud_security_posture/components/misconfiguration/misconfiguration_preview.test.tsx index 2e10d481b9934..b7560f5c68921 100644 --- a/x-pack/plugins/security_solution/public/cloud_security_posture/components/misconfiguration/misconfiguration_preview.test.tsx +++ b/x-pack/plugins/security_solution/public/cloud_security_posture/components/misconfiguration/misconfiguration_preview.test.tsx @@ -5,7 +5,6 @@ * 2.0. */ -// Add stuff here import { TestProviders } from '../../../common/mock'; import { render } from '@testing-library/react'; import React from 'react'; diff --git a/x-pack/plugins/security_solution/public/cloud_security_posture/components/vulnerabilities/vulnerabilities_preview.test.tsx b/x-pack/plugins/security_solution/public/cloud_security_posture/components/vulnerabilities/vulnerabilities_preview.test.tsx new file mode 100644 index 0000000000000..0436da3e192b3 --- /dev/null +++ b/x-pack/plugins/security_solution/public/cloud_security_posture/components/vulnerabilities/vulnerabilities_preview.test.tsx @@ -0,0 +1,27 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { TestProviders } from '../../../common/mock'; +import { render } from '@testing-library/react'; +import React from 'react'; +import { VulnerabilitiesPreview } from './vulnerabilities_preview'; + +const mockProps: { hostName: string } = { + hostName: 'testContextID', +}; + +describe('VulnerabilitiesPreview', () => { + it('renders', () => { + const { queryByTestId } = render(, { + wrapper: TestProviders, + }); + expect( + queryByTestId('securitySolutionFlyoutInsightsVulnerabilitiesContent') + ).toBeInTheDocument(); + expect(queryByTestId('noVulnerabilitiesDataTestSubj')).toBeInTheDocument(); + }); +}); diff --git a/x-pack/plugins/security_solution/public/cloud_security_posture/components/vulnerabilities/vulnerabilities_preview.tsx b/x-pack/plugins/security_solution/public/cloud_security_posture/components/vulnerabilities/vulnerabilities_preview.tsx new file mode 100644 index 0000000000000..6e30d39fc98a6 --- /dev/null +++ b/x-pack/plugins/security_solution/public/cloud_security_posture/components/vulnerabilities/vulnerabilities_preview.tsx @@ -0,0 +1,215 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; +import { css } from '@emotion/react'; +import type { EuiThemeComputed } from '@elastic/eui'; +import { EuiFlexGroup, EuiFlexItem, EuiSpacer, EuiText, useEuiTheme, EuiTitle } from '@elastic/eui'; +import { FormattedMessage } from '@kbn/i18n-react'; +import { DistributionBar } from '@kbn/security-solution-distribution-bar'; +import { useVulnerabilitiesPreview } from '@kbn/cloud-security-posture/src/hooks/use_vulnerabilities_preview'; +import { i18n } from '@kbn/i18n'; +import { ExpandablePanel } from '@kbn/security-solution-common'; +import { + buildEntityFlyoutPreviewQuery, + VULNERABILITIES_SEVERITY, + getAbbreviatedNumber, +} from '@kbn/cloud-security-posture-common'; +import { getSeverityStatusColor, getSeverityText } from '@kbn/cloud-security-posture'; + +interface VulnerabilitiesDistributionBarProps { + key: string; + count: number; + color: string; +} + +const getVulnerabilityStats = ( + critical: number, + high: number, + medium: number, + low: number, + none: number +): VulnerabilitiesDistributionBarProps[] => { + const vulnerabilityStats: VulnerabilitiesDistributionBarProps[] = []; + if (critical === 0 && high === 0 && medium === 0 && low === 0 && none === 0) + return vulnerabilityStats; + + if (none > 0) + vulnerabilityStats.push({ + key: i18n.translate( + 'xpack.securitySolution.flyout.right.insights.vulnerabilities.noneVulnerabilitiesText', + { + defaultMessage: getSeverityText(VULNERABILITIES_SEVERITY.UNKNOWN), + } + ), + count: none, + color: getSeverityStatusColor(VULNERABILITIES_SEVERITY.UNKNOWN), + }); + if (low > 0) + vulnerabilityStats.push({ + key: i18n.translate( + 'xpack.securitySolution.flyout.right.insights.vulnerabilities.lowVulnerabilitiesText', + { + defaultMessage: getSeverityText(VULNERABILITIES_SEVERITY.LOW), + } + ), + count: low, + color: getSeverityStatusColor(VULNERABILITIES_SEVERITY.LOW), + }); + + if (medium > 0) + vulnerabilityStats.push({ + key: i18n.translate( + 'xpack.securitySolution.flyout.right.insights.vulnerabilities.mediumVulnerabilitiesText', + { + defaultMessage: getSeverityText(VULNERABILITIES_SEVERITY.MEDIUM), + } + ), + count: medium, + color: getSeverityStatusColor(VULNERABILITIES_SEVERITY.MEDIUM), + }); + if (high > 0) + vulnerabilityStats.push({ + key: i18n.translate( + 'xpack.securitySolution.flyout.right.insights.vulnerabilities.highVulnerabilitiesText', + { + defaultMessage: getSeverityText(VULNERABILITIES_SEVERITY.HIGH), + } + ), + count: high, + color: getSeverityStatusColor(VULNERABILITIES_SEVERITY.HIGH), + }); + if (critical > 0) + vulnerabilityStats.push({ + key: i18n.translate( + 'xpack.securitySolution.flyout.right.insights.vulnerabilities.CriticalVulnerabilitiesText', + { + defaultMessage: getSeverityText(VULNERABILITIES_SEVERITY.CRITICAL), + } + ), + count: critical, + color: getSeverityStatusColor(VULNERABILITIES_SEVERITY.CRITICAL), + }); + + return vulnerabilityStats; +}; + +const VulnerabilitiesEmptyState = ({ euiTheme }: { euiTheme: EuiThemeComputed<{}> }) => { + return ( + + + + +

{'-'}

+ + + + + + + + + + ); +}; + +const VulnerabilitiesCount = ({ + vulnerabilitiesTotal, + euiTheme, +}: { + vulnerabilitiesTotal: string | number; + euiTheme: EuiThemeComputed<{}>; +}) => { + return ( + + + + +

{vulnerabilitiesTotal}

+ + + + + + + + + + ); +}; + +export const VulnerabilitiesPreview = ({ hostName }: { hostName: string }) => { + const { data } = useVulnerabilitiesPreview({ + query: buildEntityFlyoutPreviewQuery('host.name', hostName), + sort: [], + enabled: true, + pageSize: 1, + }); + + const { CRITICAL = 0, HIGH = 0, MEDIUM = 0, LOW = 0, NONE = 0 } = data?.count || {}; + + const totalVulnerabilities = CRITICAL + HIGH + MEDIUM + LOW + NONE; + const { euiTheme } = useEuiTheme(); + const hasVulnerabilities = totalVulnerabilities > 0; + return ( + + + + ), + }} + data-test-subj={'securitySolutionFlyoutInsightsVulnerabilities'} + > + + {hasVulnerabilities ? ( + + ) : ( + + )} + + + + + + + + + + + + ); +}; diff --git a/x-pack/plugins/security_solution/public/detection_engine/rule_details_ui/pages/rule_details/legacy_url_conflict_callout.test.tsx b/x-pack/plugins/security_solution/public/detection_engine/rule_details_ui/pages/rule_details/legacy_url_conflict_callout.test.tsx index 5334143f27047..879a4570e6d03 100644 --- a/x-pack/plugins/security_solution/public/detection_engine/rule_details_ui/pages/rule_details/legacy_url_conflict_callout.test.tsx +++ b/x-pack/plugins/security_solution/public/detection_engine/rule_details_ui/pages/rule_details/legacy_url_conflict_callout.test.tsx @@ -114,4 +114,5 @@ const mockRule: Rule = { related_integrations: [], required_fields: [], setup: '', + rule_source: { type: 'internal' }, }; diff --git a/x-pack/plugins/security_solution/public/detection_engine/rule_details_ui/pages/rule_details/use_redirect_legacy_url.test.ts b/x-pack/plugins/security_solution/public/detection_engine/rule_details_ui/pages/rule_details/use_redirect_legacy_url.test.ts index e706f5fda4b39..2e005cd7ca03b 100644 --- a/x-pack/plugins/security_solution/public/detection_engine/rule_details_ui/pages/rule_details/use_redirect_legacy_url.test.ts +++ b/x-pack/plugins/security_solution/public/detection_engine/rule_details_ui/pages/rule_details/use_redirect_legacy_url.test.ts @@ -116,4 +116,5 @@ const mockRule: Rule = { related_integrations: [], required_fields: [], setup: '', + rule_source: { type: 'internal' }, }; diff --git a/x-pack/plugins/security_solution/public/detection_engine/rule_details_ui/pages/rule_details/use_rule_details_tabs.test.tsx b/x-pack/plugins/security_solution/public/detection_engine/rule_details_ui/pages/rule_details/use_rule_details_tabs.test.tsx index cf4446c7fea42..1dec9aa36d21a 100644 --- a/x-pack/plugins/security_solution/public/detection_engine/rule_details_ui/pages/rule_details/use_rule_details_tabs.test.tsx +++ b/x-pack/plugins/security_solution/public/detection_engine/rule_details_ui/pages/rule_details/use_rule_details_tabs.test.tsx @@ -53,6 +53,7 @@ const mockRule: Rule = { related_integrations: [], required_fields: [], setup: '', + rule_source: { type: 'internal' }, }; describe('useRuleDetailsTabs', () => { diff --git a/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/json_diff/json_diff.test.tsx b/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/json_diff/json_diff.test.tsx index 2a769e4be87d4..58ee6b56528a5 100644 --- a/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/json_diff/json_diff.test.tsx +++ b/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/json_diff/json_diff.test.tsx @@ -179,7 +179,7 @@ describe('Rule upgrade workflow: viewing rule changes in JSON diff view', () => }); describe('Technical properties should not be included in preview', () => { - it.each(['revision', 'created_at', 'created_by', 'updated_at', 'updated_by'])( + it.each(['revision', 'created_at', 'created_by', 'updated_at', 'updated_by', 'rule_source'])( 'Should not include "%s" in preview', (property) => { const oldRule: RuleResponse = { @@ -190,6 +190,7 @@ describe('Rule upgrade workflow: viewing rule changes in JSON diff view', () => created_by: 'mockUserOne', updated_at: '01/01/2024T00:00:000z', updated_by: 'mockUserTwo', + rule_source: { type: 'internal' }, }; const newRule: RuleResponse = { @@ -200,6 +201,7 @@ describe('Rule upgrade workflow: viewing rule changes in JSON diff view', () => created_by: 'mockUserOne', updated_at: '02/02/2024T00:00:001z', updated_by: 'mockUserThree', + rule_source: { type: 'external', is_customized: true }, }; render(); diff --git a/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/rule_diff_tab.tsx b/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/rule_diff_tab.tsx index dd6d0417d3bb6..c2bf9ffa29098 100644 --- a/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/rule_diff_tab.tsx +++ b/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/rule_diff_tab.tsx @@ -57,6 +57,10 @@ const HIDDEN_PROPERTIES: Array = [ 'updated_by', 'created_at', 'created_by', + /* + * Another technical property that is used for logic under the hood the user doesn't need to be aware of + */ + 'rule_source', ]; const sortAndStringifyJson = (jsObject: Record): string => diff --git a/x-pack/plugins/security_solution/public/detection_engine/rule_management/logic/mock.ts b/x-pack/plugins/security_solution/public/detection_engine/rule_management/logic/mock.ts index b8aba73818ac3..616469f03c1ba 100644 --- a/x-pack/plugins/security_solution/public/detection_engine/rule_management/logic/mock.ts +++ b/x-pack/plugins/security_solution/public/detection_engine/rule_management/logic/mock.ts @@ -41,6 +41,7 @@ export const savedRuleMock: RuleResponse = { references: [], related_integrations: [], required_fields: [], + rule_source: { type: 'internal' }, setup: '', severity: 'high', severity_mapping: [], @@ -99,6 +100,7 @@ export const rulesMock: FetchRulesResponse = { version: 1, revision: 1, exceptions_list: [], + rule_source: { type: 'internal' }, }, { actions: [], @@ -138,6 +140,7 @@ export const rulesMock: FetchRulesResponse = { version: 1, revision: 1, exceptions_list: [], + rule_source: { type: 'internal' }, }, ], }; diff --git a/x-pack/plugins/security_solution/public/detection_engine/rule_management/logic/use_rule_with_fallback.test.ts b/x-pack/plugins/security_solution/public/detection_engine/rule_management/logic/use_rule_with_fallback.test.ts index 81438f3708623..666a8e9fddf3e 100644 --- a/x-pack/plugins/security_solution/public/detection_engine/rule_management/logic/use_rule_with_fallback.test.ts +++ b/x-pack/plugins/security_solution/public/detection_engine/rule_management/logic/use_rule_with_fallback.test.ts @@ -118,6 +118,7 @@ const getMockRule = (overwrites: Pick): Rule => ({ updated_by: 'elastic', related_integrations: [], required_fields: [], + rule_source: { type: 'internal' }, setup: '', ...overwrites, }); diff --git a/x-pack/plugins/security_solution/public/detection_engine/rule_management_ui/components/rules_table/__mocks__/mock.ts b/x-pack/plugins/security_solution/public/detection_engine/rule_management_ui/components/rules_table/__mocks__/mock.ts index 0de6e5d1e0844..70d5ee6b6038f 100644 --- a/x-pack/plugins/security_solution/public/detection_engine/rule_management_ui/components/rules_table/__mocks__/mock.ts +++ b/x-pack/plugins/security_solution/public/detection_engine/rule_management_ui/components/rules_table/__mocks__/mock.ts @@ -94,6 +94,7 @@ export const mockRule = (id: string): SavedQueryRule => ({ version: 1, revision: 1, exceptions_list: [], + rule_source: { type: 'internal' }, }); export const mockRuleWithEverything = (id: string): RuleResponse => ({ diff --git a/x-pack/plugins/security_solution/public/timelines/components/timeline/tabs/notes/index.tsx b/x-pack/plugins/security_solution/public/timelines/components/timeline/tabs/notes/index.tsx index 959581a241764..dcc9f229b8420 100644 --- a/x-pack/plugins/security_solution/public/timelines/components/timeline/tabs/notes/index.tsx +++ b/x-pack/plugins/security_solution/public/timelines/components/timeline/tabs/notes/index.tsx @@ -160,7 +160,12 @@ const NotesTabContentComponent: React.FC = React.memo(({ t }, [timeline.description, timeline.updated, timeline.updatedBy]); return ( - + diff --git a/x-pack/plugins/security_solution/public/timelines/components/timeline/tabs/query/query_tab_unified_components.test.tsx b/x-pack/plugins/security_solution/public/timelines/components/timeline/tabs/query/query_tab_unified_components.test.tsx index 3d7f37205ca94..7a6c23279f435 100644 --- a/x-pack/plugins/security_solution/public/timelines/components/timeline/tabs/query/query_tab_unified_components.test.tsx +++ b/x-pack/plugins/security_solution/public/timelines/components/timeline/tabs/query/query_tab_unified_components.test.tsx @@ -38,6 +38,7 @@ import * as timelineActions from '../../../../store/actions'; import { useExpandableFlyoutApi } from '@kbn/expandable-flyout'; import { createExpandableFlyoutApiMock } from '../../../../../common/mock/expandable_flyout'; import { OPEN_FLYOUT_BUTTON_TEST_ID } from '../../../../../notes/components/test_ids'; +import { userEvent } from '@testing-library/user-event'; jest.mock('../../../../../common/components/user_privileges'); @@ -297,21 +298,27 @@ describe('query tab with unified timeline', () => { ); }); - // FLAKY: https://github.com/elastic/kibana/issues/189791 - describe.skip('pagination', () => { + describe('pagination', () => { beforeEach(() => { - // should return all the records instead just 3 - // as the case in the default mock + // pagination tests need more than 1 record so here + // we return 5 records instead of just 1. useTimelineEventsMock = jest.fn(() => [ false, { - events: structuredClone(mockTimelineData), + events: structuredClone(mockTimelineData.slice(0, 5)), pageInfo: { activePage: 0, - totalPages: 10, + totalPages: 5, }, refreshedAt: Date.now(), - totalCount: 70, + /* + * `totalCount` could be any number w.r.t this test + * and actually means total hits on elastic search + * and not the fecthed number of records. + * + * This helps in testing `sampleSize` and `loadMore` + */ + totalCount: 50, loadPage: loadPageMock, }, ]); @@ -326,21 +333,48 @@ describe('query tab with unified timeline', () => { it( 'should paginate correctly', async () => { - renderTestComponents(); + const mockStateWithNoteInTimeline = { + ...mockGlobalState, + timeline: { + ...mockGlobalState.timeline, + timelineById: { + [TimelineId.test]: { + ...mockGlobalState.timeline.timelineById[TimelineId.test], + /* 1 record for each page */ + itemsPerPage: 1, + itemsPerPageOptions: [1, 2, 3, 4, 5], + savedObjectId: 'timeline-1', // match timelineId in mocked notes data + pinnedEventIds: { '1': true }, + }, + }, + }, + }; - await waitFor(() => { - expect(screen.getByTestId('tablePaginationPopoverButton')).toHaveTextContent( - 'Rows per page: 5' - ); - }); + render( + + + + ); + + expect(await screen.findByTestId('discoverDocTable')).toBeVisible(); + expect(screen.getByTestId('pagination-button-previous')).toBeVisible(); + + expect(screen.getByTestId('tablePaginationPopoverButton')).toHaveTextContent( + 'Rows per page: 1' + ); expect(screen.getByTestId('pagination-button-0')).toHaveAttribute('aria-current', 'true'); - expect(screen.getByTestId('pagination-button-6')).toBeVisible(); + expect(screen.getByTestId('pagination-button-4')).toBeVisible(); + expect(screen.queryByTestId('pagination-button-5')).toBeNull(); - fireEvent.click(screen.getByTestId('pagination-button-6')); + fireEvent.click(screen.getByTestId('pagination-button-4')); await waitFor(() => { - expect(screen.getByTestId('pagination-button-6')).toHaveAttribute('aria-current', 'true'); + expect(screen.getByTestId('pagination-button-4')).toHaveAttribute('aria-current', 'true'); }); }, SPECIAL_TEST_TIMEOUT @@ -349,13 +383,45 @@ describe('query tab with unified timeline', () => { it( 'should load more records according to sample size correctly', async () => { - renderTestComponents(); + const mockStateWithNoteInTimeline = { + ...mockGlobalState, + timeline: { + ...mockGlobalState.timeline, + timelineById: { + [TimelineId.test]: { + ...mockGlobalState.timeline.timelineById[TimelineId.test], + itemsPerPage: 1, + /* + * `sampleSize` is the max number of records that are fetched from elasticsearch + * in one request. If hits > sampleSize, you can fetch more records ( <= sampleSize) + */ + sampleSize: 5, + itemsPerPageOptions: [1, 2, 3, 4, 5], + savedObjectId: 'timeline-1', // match timelineId in mocked notes data + pinnedEventIds: { '1': true }, + }, + }, + }, + }; + + render( + + + + ); + + expect(await screen.findByTestId('discoverDocTable')).toBeVisible(); + await waitFor(() => { expect(screen.getByTestId('pagination-button-0')).toHaveAttribute('aria-current', 'true'); - expect(screen.getByTestId('pagination-button-6')).toBeVisible(); + expect(screen.getByTestId('pagination-button-4')).toBeVisible(); }); // Go to last page - fireEvent.click(screen.getByTestId('pagination-button-6')); + fireEvent.click(screen.getByTestId('pagination-button-4')); await waitFor(() => { expect(screen.getByTestId('dscGridSampleSizeFetchMoreLink')).toBeVisible(); }); @@ -581,9 +647,7 @@ describe('query tab with unified timeline', () => { ); }); - // FLAKY: https://github.com/elastic/kibana/issues/189792 - // FLAKY: https://github.com/elastic/kibana/issues/189793 - describe.skip('left controls', () => { + describe('left controls', () => { it( 'should clear all sorting', async () => { @@ -600,9 +664,9 @@ describe('query tab with unified timeline', () => { // // timestamp sorting indicators expect( await screen.findByTestId('euiDataGridColumnSorting-sortColumn-@timestamp') - ).toBeVisible(); + ).toBeInTheDocument(); - expect(screen.getByTestId('dataGridHeaderCellSortingIcon-@timestamp')).toBeVisible(); + expect(screen.getByTestId('dataGridHeaderCellSortingIcon-@timestamp')).toBeInTheDocument(); fireEvent.click(screen.getByTestId('dataGridColumnSortingClearButton')); @@ -629,9 +693,9 @@ describe('query tab with unified timeline', () => { // // timestamp sorting indicators expect( await screen.findByTestId('euiDataGridColumnSorting-sortColumn-@timestamp') - ).toBeVisible(); + ).toBeInTheDocument(); - expect(screen.getByTestId('dataGridHeaderCellSortingIcon-@timestamp')).toBeVisible(); + expect(screen.getByTestId('dataGridHeaderCellSortingIcon-@timestamp')).toBeInTheDocument(); // add more columns to sorting fireEvent.click(screen.getByText(/Pick fields to sort by/)); @@ -639,7 +703,7 @@ describe('query tab with unified timeline', () => { await waitFor(() => { expect( screen.getByTestId('dataGridColumnSortingPopoverColumnSelection-event.severity') - ).toBeVisible(); + ).toBeInTheDocument(); }); fireEvent.click( @@ -648,13 +712,15 @@ describe('query tab with unified timeline', () => { // check new columns for sorting validity await waitFor(() => { - expect(screen.getByTestId('dataGridHeaderCellSortingIcon-event.severity')).toBeVisible(); + expect( + screen.getByTestId('dataGridHeaderCellSortingIcon-event.severity') + ).toBeInTheDocument(); }); expect( screen.getByTestId('euiDataGridColumnSorting-sortColumn-event.severity') - ).toBeVisible(); + ).toBeInTheDocument(); - expect(screen.getByTestId('dataGridHeaderCellSortingIcon-@timestamp')).toBeVisible(); + expect(screen.getByTestId('dataGridHeaderCellSortingIcon-@timestamp')).toBeInTheDocument(); }, SPECIAL_TEST_TIMEOUT ); @@ -820,8 +886,7 @@ describe('query tab with unified timeline', () => { }); describe('Leading actions - notes', () => { - // FLAKY: https://github.com/elastic/kibana/issues/189794 - describe.skip('securitySolutionNotesEnabled = true', () => { + describe('securitySolutionNotesEnabled = true', () => { beforeEach(() => { (useIsExperimentalFeatureEnabled as jest.Mock).mockImplementation( jest.fn((feature: keyof ExperimentalFeatures) => { @@ -847,10 +912,10 @@ describe('query tab with unified timeline', () => { expect(screen.getByTestId('timeline-notes-notification-dot')).toBeVisible(); - fireEvent.mouseOver(screen.getByTestId('timeline-notes-button-small')); + userEvent.hover(screen.getByTestId('timeline-notes-button-small')); await waitFor(() => { - expect(screen.getByTestId('timeline-notes-tool-tip')).toBeVisible(); + expect(screen.getByTestId('timeline-notes-tool-tip')).toBeInTheDocument(); expect(screen.getByTestId('timeline-notes-tool-tip')).toHaveTextContent( '1 Note available. Click to view it & add more.' ); diff --git a/x-pack/plugins/security_solution/scripts/openapi/bundle_detections.js b/x-pack/plugins/security_solution/scripts/openapi/bundle_detections.js index 7ae72255217e4..2c0e36f3db8ee 100644 --- a/x-pack/plugins/security_solution/scripts/openapi/bundle_detections.js +++ b/x-pack/plugins/security_solution/scripts/openapi/bundle_detections.js @@ -29,6 +29,7 @@ const ROOT = resolve(__dirname, '../..'); tags: [ { name: 'Security Detections API', + 'x-displayName': 'Security detections', description: 'You can create rules that automatically turn events and external alerts sent to Elastic Security into detection alerts. These alerts are displayed on the Detections page.', }, @@ -54,6 +55,7 @@ const ROOT = resolve(__dirname, '../..'); tags: [ { name: 'Security Detections API', + 'x-displayName': 'Security detections', description: 'You can create rules that automatically turn events and external alerts sent to Elastic Security into detection alerts. These alerts are displayed on the Detections page.', }, diff --git a/x-pack/plugins/security_solution/scripts/openapi/bundle_endpoint_management.js b/x-pack/plugins/security_solution/scripts/openapi/bundle_endpoint_management.js index 6ff13e46b0ccd..481e3df4803d5 100644 --- a/x-pack/plugins/security_solution/scripts/openapi/bundle_endpoint_management.js +++ b/x-pack/plugins/security_solution/scripts/openapi/bundle_endpoint_management.js @@ -28,6 +28,7 @@ const ROOT = resolve(__dirname, '../..'); tags: [ { name: 'Security Endpoint Management API', + 'x-displayName': 'Security endpoint management', description: 'Interact with and manage endpoints running the Elastic Defend integration.', }, @@ -52,6 +53,7 @@ const ROOT = resolve(__dirname, '../..'); tags: [ { name: 'Security Endpoint Management API', + 'x-displayName': 'Security endpoint management', description: 'Interact with and manage endpoints running the Elastic Defend integration.', }, diff --git a/x-pack/plugins/security_solution/scripts/openapi/bundle_entity_analytics.js b/x-pack/plugins/security_solution/scripts/openapi/bundle_entity_analytics.js index f8464b7dad367..89a60e1a8a0bb 100644 --- a/x-pack/plugins/security_solution/scripts/openapi/bundle_entity_analytics.js +++ b/x-pack/plugins/security_solution/scripts/openapi/bundle_entity_analytics.js @@ -28,6 +28,7 @@ const ROOT = resolve(__dirname, '../..'); tags: [ { name: 'Security Entity Analytics API', + 'x-displayName': 'Security entity analytics', description: '', }, ], @@ -51,6 +52,7 @@ const ROOT = resolve(__dirname, '../..'); tags: [ { name: 'Security Entity Analytics API', + 'x-displayName': 'Security entity analytics', description: '', }, ], diff --git a/x-pack/plugins/security_solution/scripts/openapi/bundle_timeline.js b/x-pack/plugins/security_solution/scripts/openapi/bundle_timeline.js index 507ca29293faf..e2a439b81b322 100644 --- a/x-pack/plugins/security_solution/scripts/openapi/bundle_timeline.js +++ b/x-pack/plugins/security_solution/scripts/openapi/bundle_timeline.js @@ -29,6 +29,7 @@ const ROOT = resolve(__dirname, '../..'); tags: [ { name: 'Security Timeline API', + 'x-displayName': 'Security timeline', description: 'You can create Timelines and Timeline templates via the API, as well as import new Timelines from an ndjson file.', }, @@ -54,6 +55,7 @@ const ROOT = resolve(__dirname, '../..'); tags: [ { name: 'Security Timeline API', + 'x-displayName': 'Security timeline', description: 'You can create Timelines and Timeline templates via the API, as well as import new Timelines from an ndjson file.', }, diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rule_management/logic/detection_rules_client/converters/common_params_camel_to_snake.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rule_management/logic/detection_rules_client/converters/common_params_camel_to_snake.ts index 6f98230043e74..f86abd4f08d8d 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rule_management/logic/detection_rules_client/converters/common_params_camel_to_snake.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rule_management/logic/detection_rules_client/converters/common_params_camel_to_snake.ts @@ -5,9 +5,11 @@ * 2.0. */ +import snakecaseKeys from 'snakecase-keys'; import { convertObjectKeysToSnakeCase } from '../../../../../../utils/object_case_converters'; import type { BaseRuleParams } from '../../../../rule_schema'; import { migrateLegacyInvestigationFields } from '../../../utils/utils'; +import type { NormalizedRuleParams } from './normalize_rule_params'; export const commonParamsCamelToSnake = (params: BaseRuleParams) => { return { @@ -45,3 +47,10 @@ export const commonParamsCamelToSnake = (params: BaseRuleParams) => { setup: params.setup ?? '', }; }; + +export const normalizedCommonParamsCamelToSnake = (params: NormalizedRuleParams) => { + return { + ...commonParamsCamelToSnake(params), + rule_source: snakecaseKeys(params.ruleSource, { deep: true }), + }; +}; diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rule_management/logic/detection_rules_client/converters/internal_rule_to_api_response.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rule_management/logic/detection_rules_client/converters/internal_rule_to_api_response.ts index 336cd8fae0405..5c53eb2c951a1 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rule_management/logic/detection_rules_client/converters/internal_rule_to_api_response.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rule_management/logic/detection_rules_client/converters/internal_rule_to_api_response.ts @@ -19,7 +19,7 @@ import { transformToActionFrequency, } from '../../../normalization/rule_actions'; import { typeSpecificCamelToSnake } from './type_specific_camel_to_snake'; -import { commonParamsCamelToSnake } from './common_params_camel_to_snake'; +import { normalizedCommonParamsCamelToSnake } from './common_params_camel_to_snake'; import { normalizeRuleParams } from './normalize_rule_params'; export const internalRuleToAPIResponse = ( @@ -58,7 +58,7 @@ export const internalRuleToAPIResponse = ( enabled: rule.enabled, revision: rule.revision, // Security solution shared rule params - ...commonParamsCamelToSnake(normalizedRuleParams), + ...normalizedCommonParamsCamelToSnake(normalizedRuleParams), // Type specific security solution rule params ...typeSpecificCamelToSnake(rule.params), // Actions diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rule_management/logic/detection_rules_client/converters/normalize_rule_params.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rule_management/logic/detection_rules_client/converters/normalize_rule_params.ts index eddd8b0434ba0..8d5793c04f22b 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rule_management/logic/detection_rules_client/converters/normalize_rule_params.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rule_management/logic/detection_rules_client/converters/normalize_rule_params.ts @@ -11,6 +11,10 @@ interface NormalizeRuleSourceParams { ruleSource: BaseRuleParams['ruleSource']; } +export interface NormalizedRuleParams extends BaseRuleParams { + ruleSource: RuleSourceCamelCased; +} + /* * Since there's no mechanism to migrate all rules at the same time, * we cannot guarantee that the ruleSource params is present in all rules. @@ -36,7 +40,7 @@ export const normalizeRuleSource = ({ return ruleSource; }; -export const normalizeRuleParams = (params: BaseRuleParams) => { +export const normalizeRuleParams = (params: BaseRuleParams): NormalizedRuleParams => { return { ...params, // Fields to normalize diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rule_types/__mocks__/es_results.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rule_types/__mocks__/es_results.ts index 0867245a40933..a31ea28e0972a 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rule_types/__mocks__/es_results.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rule_types/__mocks__/es_results.ts @@ -556,6 +556,7 @@ export const sampleSignalHit = (): SignalHit => ({ saved_id: undefined, alert_suppression: undefined, investigation_fields: undefined, + rule_source: { type: 'internal' }, }, depth: 1, }, diff --git a/x-pack/plugins/serverless_search/kibana.jsonc b/x-pack/plugins/serverless_search/kibana.jsonc index a326956635d80..8ef675723cf0e 100644 --- a/x-pack/plugins/serverless_search/kibana.jsonc +++ b/x-pack/plugins/serverless_search/kibana.jsonc @@ -7,11 +7,7 @@ "id": "serverlessSearch", "server": true, "browser": true, - "configPath": [ - "xpack", - "serverless", - "search" - ], + "configPath": ["xpack", "serverless", "search"], "requiredPlugins": [ "cloud", "console", @@ -29,13 +25,10 @@ "optionalPlugins": [ "indexManagement", "searchConnectors", - "searchHomepage", "searchIndices", "searchInferenceEndpoints", "usageCollection" ], - "requiredBundles": [ - "kibanaReact" - ] + "requiredBundles": ["kibanaReact"] } } diff --git a/x-pack/plugins/serverless_search/public/navigation_tree.ts b/x-pack/plugins/serverless_search/public/navigation_tree.ts index 53899994181d6..3fc084b5059d8 100644 --- a/x-pack/plugins/serverless_search/public/navigation_tree.ts +++ b/x-pack/plugins/serverless_search/public/navigation_tree.ts @@ -9,7 +9,7 @@ import type { NavigationTreeDefinition } from '@kbn/core-chrome-browser'; import { i18n } from '@kbn/i18n'; import { CONNECTORS_LABEL } from '../common/i18n_string'; -export const navigationTree = (useSearchHomepage: boolean = false): NavigationTreeDefinition => ({ +export const navigationTree = (): NavigationTreeDefinition => ({ body: [ { type: 'navGroup', @@ -25,7 +25,7 @@ export const navigationTree = (useSearchHomepage: boolean = false): NavigationTr title: i18n.translate('xpack.serverlessSearch.nav.home', { defaultMessage: 'Home', }), - link: useSearchHomepage ? 'searchHomepage' : 'serverlessElasticsearch', + link: 'serverlessElasticsearch', spaceBefore: 'm', }, { diff --git a/x-pack/plugins/serverless_search/public/plugin.ts b/x-pack/plugins/serverless_search/public/plugin.ts index d06a104d01fcc..66daece706eab 100644 --- a/x-pack/plugins/serverless_search/public/plugin.ts +++ b/x-pack/plugins/serverless_search/public/plugin.ts @@ -43,9 +43,6 @@ export class ServerlessSearchPlugin core: CoreSetup, setupDeps: ServerlessSearchPluginSetupDependencies ): ServerlessSearchPluginSetup { - const { searchHomepage } = setupDeps; - const useSearchHomepage = searchHomepage && searchHomepage.isHomepageFeatureEnabled(); - const queryClient = new QueryClient({ mutationCache: new MutationCache({ onError: (error) => { @@ -77,23 +74,6 @@ export class ServerlessSearchPlugin defaultMessage: 'Home', }); - if (useSearchHomepage) { - core.application.register({ - id: 'serverlessHomeRedirect', - title: homeTitle, - appRoute: '/app/elasticsearch', - euiIconType: 'logoElastic', - category: DEFAULT_APP_CATEGORIES.enterpriseSearch, - visibleIn: [], - async mount({}: AppMountParameters) { - const [coreStart] = await core.getStartServices(); - coreStart.chrome.docTitle.change(homeTitle); - coreStart.application.navigateToApp('searchHomepage'); - return () => {}; - }, - }); - } - core.application.register({ id: 'serverlessElasticsearch', title: i18n.translate('xpack.serverlessSearch.app.elasticsearch.title', { @@ -101,7 +81,7 @@ export class ServerlessSearchPlugin }), euiIconType: 'logoElastic', category: DEFAULT_APP_CATEGORIES.enterpriseSearch, - appRoute: useSearchHomepage ? '/app/elasticsearch/getting_started' : '/app/elasticsearch', + appRoute: '/app/elasticsearch', async mount({ element, history }: AppMountParameters) { const { renderApp } = await import('./application/elasticsearch'); const [coreStart, services] = await core.getStartServices(); @@ -149,12 +129,11 @@ export class ServerlessSearchPlugin core: CoreStart, services: ServerlessSearchPluginStartDependencies ): ServerlessSearchPluginStart { - const { serverless, management, indexManagement, security, searchHomepage } = services; - const useSearchHomepage = searchHomepage && searchHomepage.isHomepageFeatureEnabled(); + const { serverless, management, indexManagement, security } = services; - serverless.setProjectHome(useSearchHomepage ? '/app/elasticsearch/home' : '/app/elasticsearch'); + serverless.setProjectHome('/app/elasticsearch'); - const navigationTree$ = of(navigationTree(searchHomepage?.isHomepageFeatureEnabled() ?? false)); + const navigationTree$ = of(navigationTree()); serverless.initNavigation('search', navigationTree$, { dataTestSubj: 'svlSearchSideNav' }); const extendCardNavDefinitions = serverless.getNavigationCards( diff --git a/x-pack/plugins/serverless_search/public/types.ts b/x-pack/plugins/serverless_search/public/types.ts index d3011210c524f..7067851bc0196 100644 --- a/x-pack/plugins/serverless_search/public/types.ts +++ b/x-pack/plugins/serverless_search/public/types.ts @@ -15,10 +15,6 @@ import type { ServerlessPluginSetup, ServerlessPluginStart } from '@kbn/serverle import type { SharePluginStart } from '@kbn/share-plugin/public'; import type { IndexManagementPluginStart } from '@kbn/index-management-plugin/public'; import type { DiscoverSetup } from '@kbn/discover-plugin/public'; -import type { - SearchHomepagePluginSetup, - SearchHomepagePluginStart, -} from '@kbn/search-homepage/public'; // eslint-disable-next-line @typescript-eslint/no-empty-interface export interface ServerlessSearchPluginSetup {} @@ -31,7 +27,6 @@ export interface ServerlessSearchPluginSetupDependencies { management: ManagementSetup; serverless: ServerlessPluginSetup; discover: DiscoverSetup; - searchHomepage?: SearchHomepagePluginSetup; } export interface ServerlessSearchPluginStartDependencies { @@ -44,5 +39,4 @@ export interface ServerlessSearchPluginStartDependencies { serverless: ServerlessPluginStart; share: SharePluginStart; indexManagement?: IndexManagementPluginStart; - searchHomepage?: SearchHomepagePluginStart; } diff --git a/x-pack/plugins/serverless_search/tsconfig.json b/x-pack/plugins/serverless_search/tsconfig.json index 642ec77cd3213..c856b155acc7c 100644 --- a/x-pack/plugins/serverless_search/tsconfig.json +++ b/x-pack/plugins/serverless_search/tsconfig.json @@ -50,7 +50,6 @@ "@kbn/search-playground", "@kbn/security-api-key-management", "@kbn/search-inference-endpoints", - "@kbn/search-homepage", "@kbn/security-plugin-types-common", ] } diff --git a/x-pack/plugins/stack_alerts/server/feature.test.ts b/x-pack/plugins/stack_alerts/server/feature.test.ts index 8935a8a43c5d2..769fad5172d65 100644 --- a/x-pack/plugins/stack_alerts/server/feature.test.ts +++ b/x-pack/plugins/stack_alerts/server/feature.test.ts @@ -27,26 +27,37 @@ describe('Stack Alerts Feature Privileges', () => { const featuresSetup = featuresPluginMock.createSetup(); plugin.setup(coreSetup, { alerting: alertingSetup, features: featuresSetup }); - const typesInFeaturePrivilege = BUILT_IN_ALERTS_FEATURE.alerting ?? []; - const typesInFeaturePrivilegeAll = - BUILT_IN_ALERTS_FEATURE.privileges?.all?.alerting?.rule?.all ?? []; - const typesInFeaturePrivilegeRead = - BUILT_IN_ALERTS_FEATURE.privileges?.read?.alerting?.rule?.read ?? []; - // transform alerting rule is initialized during the transform plugin setup - expect(alertingSetup.registerType.mock.calls.length).toEqual( - typesInFeaturePrivilege.length - 1 - ); - expect(alertingSetup.registerType.mock.calls.length).toEqual( - typesInFeaturePrivilegeAll.length - 1 - ); - expect(alertingSetup.registerType.mock.calls.length).toEqual( - typesInFeaturePrivilegeRead.length - 1 - ); + expect(BUILT_IN_ALERTS_FEATURE.alerting).toMatchInlineSnapshot(` + Array [ + ".index-threshold", + ".geo-containment", + ".es-query", + "transform_health", + "observability.rules.custom_threshold", + "xpack.ml.anomaly_detection_alert", + ] + `); - alertingSetup.registerType.mock.calls.forEach((call) => { - expect(typesInFeaturePrivilege.indexOf(call[0].id)).toBeGreaterThanOrEqual(0); - expect(typesInFeaturePrivilegeAll.indexOf(call[0].id)).toBeGreaterThanOrEqual(0); - expect(typesInFeaturePrivilegeRead.indexOf(call[0].id)).toBeGreaterThanOrEqual(0); - }); + expect(BUILT_IN_ALERTS_FEATURE.privileges?.all?.alerting?.rule?.all).toMatchInlineSnapshot(` + Array [ + ".index-threshold", + ".geo-containment", + ".es-query", + "transform_health", + "observability.rules.custom_threshold", + "xpack.ml.anomaly_detection_alert", + ] + `); + + expect(BUILT_IN_ALERTS_FEATURE.privileges?.read?.alerting?.rule?.read).toMatchInlineSnapshot(` + Array [ + ".index-threshold", + ".geo-containment", + ".es-query", + "transform_health", + "observability.rules.custom_threshold", + "xpack.ml.anomaly_detection_alert", + ] + `); }); }); diff --git a/x-pack/plugins/stack_alerts/server/feature.ts b/x-pack/plugins/stack_alerts/server/feature.ts index 8f3c809829c49..fcb7aba3947a3 100644 --- a/x-pack/plugins/stack_alerts/server/feature.ts +++ b/x-pack/plugins/stack_alerts/server/feature.ts @@ -9,7 +9,11 @@ import { i18n } from '@kbn/i18n'; import { KibanaFeatureConfig } from '@kbn/features-plugin/common'; import { DEFAULT_APP_CATEGORIES } from '@kbn/core/server'; import { TRANSFORM_RULE_TYPE } from '@kbn/transform-plugin/common'; -import { STACK_ALERTS_FEATURE_ID } from '@kbn/rule-data-utils'; +import { + ML_ANOMALY_DETECTION_RULE_TYPE_ID, + OBSERVABILITY_THRESHOLD_RULE_TYPE_ID, + STACK_ALERTS_FEATURE_ID, +} from '@kbn/rule-data-utils'; import { ES_QUERY_ID as ElasticsearchQuery } from '@kbn/rule-data-utils'; import { KibanaFeatureScope } from '@kbn/features-plugin/common'; import { ID as IndexThreshold } from './rule_types/index_threshold/rule_type'; @@ -28,7 +32,14 @@ export const BUILT_IN_ALERTS_FEATURE: KibanaFeatureConfig = { management: { insightsAndAlerting: ['triggersActions'], }, - alerting: [IndexThreshold, GeoContainment, ElasticsearchQuery, TransformHealth], + alerting: [ + IndexThreshold, + GeoContainment, + ElasticsearchQuery, + TransformHealth, + OBSERVABILITY_THRESHOLD_RULE_TYPE_ID, + ML_ANOMALY_DETECTION_RULE_TYPE_ID, + ], privileges: { all: { app: [], @@ -38,17 +49,31 @@ export const BUILT_IN_ALERTS_FEATURE: KibanaFeatureConfig = { }, alerting: { rule: { - all: [IndexThreshold, GeoContainment, ElasticsearchQuery, TransformHealth], + all: [ + IndexThreshold, + GeoContainment, + ElasticsearchQuery, + TransformHealth, + OBSERVABILITY_THRESHOLD_RULE_TYPE_ID, + ML_ANOMALY_DETECTION_RULE_TYPE_ID, + ], }, alert: { - all: [IndexThreshold, GeoContainment, ElasticsearchQuery, TransformHealth], + all: [ + IndexThreshold, + GeoContainment, + ElasticsearchQuery, + TransformHealth, + OBSERVABILITY_THRESHOLD_RULE_TYPE_ID, + ML_ANOMALY_DETECTION_RULE_TYPE_ID, + ], }, }, savedObject: { all: [], read: [], }, - api: [], + api: ['rac'], ui: [], }, read: { @@ -59,17 +84,31 @@ export const BUILT_IN_ALERTS_FEATURE: KibanaFeatureConfig = { }, alerting: { rule: { - read: [IndexThreshold, GeoContainment, ElasticsearchQuery, TransformHealth], + read: [ + IndexThreshold, + GeoContainment, + ElasticsearchQuery, + TransformHealth, + OBSERVABILITY_THRESHOLD_RULE_TYPE_ID, + ML_ANOMALY_DETECTION_RULE_TYPE_ID, + ], }, alert: { - read: [IndexThreshold, GeoContainment, ElasticsearchQuery, TransformHealth], + read: [ + IndexThreshold, + GeoContainment, + ElasticsearchQuery, + TransformHealth, + OBSERVABILITY_THRESHOLD_RULE_TYPE_ID, + ML_ANOMALY_DETECTION_RULE_TYPE_ID, + ], }, }, savedObject: { all: [], read: [], }, - api: [], + api: ['rac'], ui: [], }, }, diff --git a/x-pack/plugins/translations/translations/fr-FR.json b/x-pack/plugins/translations/translations/fr-FR.json index cb98cb08e47f6..b3e9fce911ab2 100644 --- a/x-pack/plugins/translations/translations/fr-FR.json +++ b/x-pack/plugins/translations/translations/fr-FR.json @@ -10647,12 +10647,6 @@ "xpack.apm.mobileServiceDetails.serviceMapTabLabel": "Carte des services", "xpack.apm.mobileServiceDetails.transactionsTabLabel": "Transactions", "xpack.apm.mobileServices.breadcrumb.title": "Services", - "xpack.apm.multiSignal.servicesTable.environmentColumnLabel": "Environnement", - "xpack.apm.multiSignal.servicesTable.latencyAvgColumnLabel": "Latence (moy.)", - "xpack.apm.multiSignal.servicesTable.logErrorRate": "Taux d'erreur des logs", - "xpack.apm.multiSignal.servicesTable.nameColumnLabel": "Nom", - "xpack.apm.multiSignal.servicesTable.throughputColumnLabel": "Rendement", - "xpack.apm.multiSignal.servicesTable.transactionErrorRate": "Taux de transactions ayant échoué", "xpack.apm.navigation.apmSettingsTitle": "Paramètres", "xpack.apm.navigation.apmStorageExplorerTitle": "Explorateur de stockage", "xpack.apm.navigation.apmTutorialTitle": "Tutoriel", diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json index 983ed0097e5f0..b6d7a0a2c92c7 100644 --- a/x-pack/plugins/translations/translations/ja-JP.json +++ b/x-pack/plugins/translations/translations/ja-JP.json @@ -10396,12 +10396,6 @@ "xpack.apm.mobileServiceDetails.serviceMapTabLabel": "サービスマップ", "xpack.apm.mobileServiceDetails.transactionsTabLabel": "トランザクション", "xpack.apm.mobileServices.breadcrumb.title": "サービス", - "xpack.apm.multiSignal.servicesTable.environmentColumnLabel": "環境", - "xpack.apm.multiSignal.servicesTable.latencyAvgColumnLabel": "レイテンシ(平均)", - "xpack.apm.multiSignal.servicesTable.logErrorRate": "ログエラー率", - "xpack.apm.multiSignal.servicesTable.nameColumnLabel": "名前", - "xpack.apm.multiSignal.servicesTable.throughputColumnLabel": "スループット", - "xpack.apm.multiSignal.servicesTable.transactionErrorRate": "失敗したトランザクション率", "xpack.apm.navigation.apmSettingsTitle": "設定", "xpack.apm.navigation.apmStorageExplorerTitle": "ストレージエクスプローラー", "xpack.apm.navigation.apmTutorialTitle": "チュートリアル", diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json index 092a3924977c7..8aa856352f83a 100644 --- a/x-pack/plugins/translations/translations/zh-CN.json +++ b/x-pack/plugins/translations/translations/zh-CN.json @@ -10418,12 +10418,6 @@ "xpack.apm.mobileServiceDetails.serviceMapTabLabel": "服务地图", "xpack.apm.mobileServiceDetails.transactionsTabLabel": "事务", "xpack.apm.mobileServices.breadcrumb.title": "服务", - "xpack.apm.multiSignal.servicesTable.environmentColumnLabel": "环境", - "xpack.apm.multiSignal.servicesTable.latencyAvgColumnLabel": "延迟(平均值)", - "xpack.apm.multiSignal.servicesTable.logErrorRate": "日志错误率", - "xpack.apm.multiSignal.servicesTable.nameColumnLabel": "名称", - "xpack.apm.multiSignal.servicesTable.throughputColumnLabel": "吞吐量", - "xpack.apm.multiSignal.servicesTable.transactionErrorRate": "失败事务率", "xpack.apm.navigation.apmSettingsTitle": "设置", "xpack.apm.navigation.apmStorageExplorerTitle": "Storage Explorer", "xpack.apm.navigation.apmTutorialTitle": "教程", diff --git a/x-pack/plugins/triggers_actions_ui/public/application/lib/value_validators.ts b/x-pack/plugins/triggers_actions_ui/public/application/lib/value_validators.ts index bb98c2664141d..6ad7eb14c8270 100644 --- a/x-pack/plugins/triggers_actions_ui/public/application/lib/value_validators.ts +++ b/x-pack/plugins/triggers_actions_ui/public/application/lib/value_validators.ts @@ -20,7 +20,7 @@ const filterQueryRequiredError = i18n.translate( export const validateActionFilterQuery = (actionItem: RuleUiAction): string | null => { if ('alertsFilter' in actionItem) { const query = actionItem?.alertsFilter?.query; - if (query && !query.kql) { + if (query && !(query.kql || query.filters.length)) { return filterQueryRequiredError; } } diff --git a/x-pack/test/alerting_api_integration/security_and_spaces/group1/tests/alerting/find.ts b/x-pack/test/alerting_api_integration/security_and_spaces/group1/tests/alerting/find.ts index 8c11b69db03be..37d42ceeccb3a 100644 --- a/x-pack/test/alerting_api_integration/security_and_spaces/group1/tests/alerting/find.ts +++ b/x-pack/test/alerting_api_integration/security_and_spaces/group1/tests/alerting/find.ts @@ -10,7 +10,12 @@ import { Agent as SuperTestAgent } from 'supertest'; import { chunk, omit } from 'lodash'; import { v4 as uuidv4 } from 'uuid'; import { SupertestWithoutAuthProviderType } from '@kbn/ftr-common-functional-services'; -import { SuperuserAtSpace1, UserAtSpaceScenarios } from '../../../scenarios'; +import { + ES_QUERY_ID, + ML_ANOMALY_DETECTION_RULE_TYPE_ID, + OBSERVABILITY_THRESHOLD_RULE_TYPE_ID, +} from '@kbn/rule-data-utils'; +import { SuperuserAtSpace1, UserAtSpaceScenarios, StackAlertsOnly } from '../../../scenarios'; import { getUrlPrefix, getTestRuleData, ObjectRemover } from '../../../../common/lib'; import { FtrProviderContext } from '../../../../common/ftr_provider_context'; @@ -663,5 +668,120 @@ export default function createFindTests({ getService }: FtrProviderContext) { findTestUtils('public', objectRemover, supertest, supertestWithoutAuth); findTestUtils('internal', objectRemover, supertest, supertestWithoutAuth); + + describe('stack alerts', () => { + const ruleTypes = [ + [ + ES_QUERY_ID, + { + searchType: 'esQuery', + timeWindowSize: 5, + timeWindowUnit: 'm', + threshold: [1000], + thresholdComparator: '>', + size: 100, + esQuery: '{\n "query":{\n "match_all" : {}\n }\n }', + aggType: 'count', + groupBy: 'all', + termSize: 5, + excludeHitsFromPreviousRun: false, + sourceFields: [], + index: ['.kibana'], + timeField: 'created_at', + }, + ], + [ + OBSERVABILITY_THRESHOLD_RULE_TYPE_ID, + { + criteria: [ + { + comparator: '>', + metrics: [ + { + name: 'A', + aggType: 'count', + }, + ], + threshold: [100], + timeSize: 1, + timeUnit: 'm', + }, + ], + alertOnNoData: false, + alertOnGroupDisappear: false, + searchConfiguration: { + query: { + query: '', + language: 'kuery', + }, + index: 'kibana-event-log-data-view', + }, + }, + ], + [ + ML_ANOMALY_DETECTION_RULE_TYPE_ID, + { + severity: 75, + resultType: 'bucket', + includeInterim: false, + jobSelection: { + jobIds: ['low_request_rate'], + }, + }, + ], + ]; + + const createRule = async (rule = {}) => { + const { body: createdAlert } = await supertest + .post(`${getUrlPrefix('space1')}/api/alerting/rule`) + .set('kbn-xsrf', 'foo') + .send(getTestRuleData({ ...rule })) + .expect(200); + + objectRemover.add('space1', createdAlert.id, 'rule', 'alerting'); + }; + + for (const [ruleTypeId, params] of ruleTypes) { + it(`should get rules of ${ruleTypeId} rule type ID and stackAlerts consumer`, async () => { + /** + * We create two rules. The first one is a test.noop + * rule with stackAlerts as consumer. The second rule + * is has different rule type ID but with the same consumer as the first rule (stackAlerts). + * This way we can verify that the find API call returns only the rules the user is authorized to. + * Specifically only the second rule because the StackAlertsOnly user does not have + * access to the test.noop rule type. + */ + await createRule({ consumer: 'stackAlerts' }); + await createRule({ rule_type_id: ruleTypeId, params, consumer: 'stackAlerts' }); + + const response = await supertestWithoutAuth + .get(`${getUrlPrefix('space1')}/api/alerting/rules/_find`) + .auth(StackAlertsOnly.username, StackAlertsOnly.password); + + expect(response.statusCode).to.eql(200); + expect(response.body.total).to.equal(1); + expect(response.body.data[0].rule_type_id).to.equal(ruleTypeId); + expect(response.body.data[0].consumer).to.equal('stackAlerts'); + }); + } + + for (const [ruleTypeId, params] of ruleTypes) { + it(`should NOT get rules of ${ruleTypeId} rule type ID and NOT stackAlerts consumer`, async () => { + /** + * We create two rules with logs as consumer. The user is authorized to + * access rules only with the stackAlerts consumers. + */ + await createRule({ consumer: 'logs' }); + await createRule({ rule_type_id: ruleTypeId, params, consumer: 'logs' }); + + const response = await supertestWithoutAuth + .get(`${getUrlPrefix('space1')}/api/alerting/rules/_find`) + .auth(StackAlertsOnly.username, StackAlertsOnly.password); + + expect(response.statusCode).to.eql(200); + expect(response.body.total).to.equal(0); + }); + } + }); }); } diff --git a/x-pack/test/alerting_api_integration/security_and_spaces/scenarios.ts b/x-pack/test/alerting_api_integration/security_and_spaces/scenarios.ts index a852657e0b891..fdb56a4fb501e 100644 --- a/x-pack/test/alerting_api_integration/security_and_spaces/scenarios.ts +++ b/x-pack/test/alerting_api_integration/security_and_spaces/scenarios.ts @@ -190,6 +190,31 @@ const CasesAll: User = { }, }; +export const StackAlertsOnly: User = { + username: 'stack_alerts_only', + fullName: 'stack_alerts_only', + password: 'stack_alerts_only-password', + role: { + name: 'stack_alerts_only_role', + kibana: [ + { + feature: { + stackAlerts: ['all'], + }, + spaces: ['space1'], + }, + ], + elasticsearch: { + indices: [ + { + names: [`${ES_TEST_INDEX_NAME}*`], + privileges: ['all'], + }, + ], + }, + }, +}; + export const Users: User[] = [ NoKibanaPrivileges, Superuser, @@ -198,6 +223,7 @@ export const Users: User[] = [ Space1AllWithRestrictedFixture, Space1AllAlertingNoneActions, CasesAll, + StackAlertsOnly, ]; const Space1: Space = { @@ -256,14 +282,6 @@ const GlobalReadAtSpace1: GlobalReadAtSpace1 = { space: Space1, }; -interface Space1AllAtSpace1 extends Scenario { - id: 'space_1_all at space1'; -} -const Space1AllAtSpace1: Space1AllAtSpace1 = { - id: 'space_1_all at space1', - user: Space1All, - space: Space1, -}; interface Space1AllWithRestrictedFixtureAtSpace1 extends Scenario { id: 'space_1_all_with_restricted_fixture at space1'; } @@ -301,6 +319,15 @@ export const systemActionScenario: SystemActionSpace1 = { space: Space1, }; +interface Space1AllAtSpace1 extends Scenario { + id: 'space_1_all at space1'; +} +const Space1AllAtSpace1: Space1AllAtSpace1 = { + id: 'space_1_all at space1', + user: Space1All, + space: Space1, +}; + export const UserAtSpaceScenarios: [ NoKibanaPrivilegesAtSpace1, SuperuserAtSpace1, diff --git a/x-pack/test/api_integration/services/security_solution_api.gen.ts b/x-pack/test/api_integration/services/security_solution_api.gen.ts index aba6550ea9c3b..c110ce8676edb 100644 --- a/x-pack/test/api_integration/services/security_solution_api.gen.ts +++ b/x-pack/test/api_integration/services/security_solution_api.gen.ts @@ -270,7 +270,7 @@ If asset criticality records already exist for the specified entities, those rec return supertest .delete(routeWithNamespace('/api/risk_score/engine/dangerously_delete_data', kibanaSpace)) .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); }, /** diff --git a/x-pack/test/fleet_api_integration/apis/epm/install_overrides.ts b/x-pack/test/fleet_api_integration/apis/epm/install_overrides.ts index c67ef64762d60..50aafabd56d6f 100644 --- a/x-pack/test/fleet_api_integration/apis/epm/install_overrides.ts +++ b/x-pack/test/fleet_api_integration/apis/epm/install_overrides.ts @@ -21,8 +21,7 @@ export default function (providerContext: FtrProviderContext) { const deletePackage = async (pkg: string, version: string) => supertest.delete(`/api/fleet/epm/packages/${pkg}/${version}`).set('kbn-xsrf', 'xxxx'); - // Failing: See https://github.com/elastic/kibana/issues/194714 - describe.skip('installs packages that include settings and mappings overrides', () => { + describe('installs packages that include settings and mappings overrides', () => { skipIfNoDockerRegistry(providerContext); before(async () => { @@ -165,6 +164,10 @@ export default function (providerContext: FtrProviderContext) { name: 'logs', index_patterns: ['logs-*-*'], }, + { + index_patterns: ['logs-*.otel-*'], + name: 'logs-otel@template', + }, ], }); }); diff --git a/x-pack/test/functional_with_es_ssl/apps/triggers_actions_ui/alert_create_flyout.ts b/x-pack/test/functional_with_es_ssl/apps/triggers_actions_ui/alert_create_flyout.ts index c2b301d384a1b..bf4a81ea4772d 100644 --- a/x-pack/test/functional_with_es_ssl/apps/triggers_actions_ui/alert_create_flyout.ts +++ b/x-pack/test/functional_with_es_ssl/apps/triggers_actions_ui/alert_create_flyout.ts @@ -253,6 +253,97 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => { await deleteAlerts(alertsToDelete.map((alertItem: { id: string }) => alertItem.id)); }); + it('should create an alert with composite query in filter for conditional action', async () => { + const alertName = generateUniqueKey(); + await rules.common.defineIndexThresholdAlert(alertName); + + // filterKuery validation + await testSubjects.setValue('filterKuery', 'group:'); + const filterKueryInput = await testSubjects.find('filterKuery'); + expect(await filterKueryInput.elementHasClass('euiFieldSearch-isInvalid')).to.eql(true); + await testSubjects.setValue('filterKuery', 'group: group-0'); + expect(await filterKueryInput.elementHasClass('euiFieldSearch-isInvalid')).to.eql(false); + + await testSubjects.click('.slack-alerting-ActionTypeSelectOption'); + await testSubjects.click('addNewActionConnectorButton-.slack'); + const slackConnectorName = generateUniqueKey(); + await testSubjects.setValue('nameInput', slackConnectorName); + await testSubjects.setValue('slackWebhookUrlInput', 'https://test.com'); + await find.clickByCssSelector('[data-test-subj="saveActionButtonModal"]:not(disabled)'); + const createdConnectorToastTitle = await toasts.getTitleAndDismiss(); + expect(createdConnectorToastTitle).to.eql(`Created '${slackConnectorName}'`); + await testSubjects.click('notifyWhenSelect'); + await testSubjects.click('onThrottleInterval'); + await testSubjects.setValue('throttleInput', '10'); + + // Alerts search bar (conditional actions) + await testSubjects.click('alertsFilterQueryToggle'); + + await pageObjects.header.waitUntilLoadingHasFinished(); + await testSubjects.click('addFilter'); + // Add first part of query before AND + await testSubjects.click('filterFieldSuggestionList'); + await comboBox.set('filterFieldSuggestionList', '_id'); + await comboBox.set('filterOperatorList', 'is not'); + await testSubjects.setValue('filterParams', 'fake-rule-id'); + await testSubjects.click('add-and-filter'); + // Add second part of query after AND + const firstDropdown = await find.byCssSelector( + '[data-test-subj="filter-0.1"] [data-test-subj="filterFieldSuggestionList"] [data-test-subj="comboBoxSearchInput"]' + ); + await firstDropdown.click(); + await firstDropdown.type('kibana.alert.action_group'); + await find.clickByButtonText('kibana.alert.action_group'); + const secondDropdown = await find.byCssSelector( + '[data-test-subj="filter-0.1"] [data-test-subj="filterOperatorList"] [data-test-subj="comboBoxSearchInput"]' + ); + await secondDropdown.click(); + await secondDropdown.type('exists'); + await find.clickByButtonText('exists'); + await testSubjects.click('saveFilter'); + await testSubjects.setValue('queryInput', '_id: *'); + + const messageTextArea = await find.byCssSelector('[data-test-subj="messageTextArea"]'); + expect(await messageTextArea.getAttribute('value')).to.eql( + `Rule {{rule.name}} is active for group {{context.group}}: + +- Value: {{context.value}} +- Conditions Met: {{context.conditions}} over {{rule.params.timeWindowSize}}{{rule.params.timeWindowUnit}} +- Timestamp: {{context.date}}` + ); + await testSubjects.setValue('messageTextArea', 'test message '); + await testSubjects.click('messageAddVariableButton'); + await testSubjects.click('variableMenuButton-alert.actionGroup'); + expect(await messageTextArea.getAttribute('value')).to.eql( + 'test message {{alert.actionGroup}}' + ); + await messageTextArea.type(' some additional text '); + + await testSubjects.click('messageAddVariableButton'); + await testSubjects.setValue('messageVariablesSelectableSearch', 'rule.id'); + await testSubjects.click('variableMenuButton-rule.id'); + + expect(await messageTextArea.getAttribute('value')).to.eql( + 'test message {{alert.actionGroup}} some additional text {{rule.id}}' + ); + await testSubjects.click('saveRuleButton'); + const toastTitle = await toasts.getTitleAndDismiss(); + expect(toastTitle).to.eql(`Created rule "${alertName}"`); + await pageObjects.triggersActionsUI.searchAlerts(alertName); + const searchResultsAfterSave = await pageObjects.triggersActionsUI.getAlertsList(); + const searchResultAfterSave = searchResultsAfterSave[0]; + expect(omit(searchResultAfterSave, 'duration')).to.eql({ + name: `${alertName}Index threshold`, + tags: '', + interval: '1 min', + }); + expect(searchResultAfterSave.duration).to.match(/\d{2,}:\d{2}/); + + // clean up created alert + const alertsToDelete = await getAlertsByName(alertName); + await deleteAlerts(alertsToDelete.map((alertItem: { id: string }) => alertItem.id)); + }); + it('should create an alert with actions in multiple groups', async () => { const alertName = generateUniqueKey(); await defineAlwaysFiringAlert(alertName); diff --git a/x-pack/test/functional_with_es_ssl/config.base.ts b/x-pack/test/functional_with_es_ssl/config.base.ts index 4280d6c31d6f4..2fdf49bc41fef 100644 --- a/x-pack/test/functional_with_es_ssl/config.base.ts +++ b/x-pack/test/functional_with_es_ssl/config.base.ts @@ -126,6 +126,14 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) { spaces: ['*'], }, ], + elasticsearch: { + indices: [ + { + names: ['.alerts-*'], + privileges: ['read'], + }, + ], + }, }, only_actions_role: { kibana: [ diff --git a/x-pack/test/rule_registry/common/lib/authentication/roles.ts b/x-pack/test/rule_registry/common/lib/authentication/roles.ts index df887ea463e29..6f60cb7a3c151 100644 --- a/x-pack/test/rule_registry/common/lib/authentication/roles.ts +++ b/x-pack/test/rule_registry/common/lib/authentication/roles.ts @@ -265,6 +265,23 @@ export const logsOnlyAllSpacesAll: Role = { }, }; +export const stackAlertsOnlyReadSpacesAll: Role = { + name: 'stack_alerts_only_read_spaces_all', + privileges: { + elasticsearch: { + indices: [], + }, + kibana: [ + { + feature: { + stackAlerts: ['read'], + }, + spaces: ['*'], + }, + ], + }, +}; + export const stackAlertsOnlyAllSpacesAll: Role = { name: 'stack_alerts_only_all_spaces_all', privileges: { @@ -511,6 +528,7 @@ export const allRoles = [ securitySolutionOnlyReadSpacesAll, observabilityOnlyAllSpacesAll, logsOnlyAllSpacesAll, + stackAlertsOnlyReadSpacesAll, stackAlertsOnlyAllSpacesAll, observabilityOnlyReadSpacesAll, observabilityOnlyAllSpacesAllWithReadESIndices, diff --git a/x-pack/test/rule_registry/common/lib/authentication/users.ts b/x-pack/test/rule_registry/common/lib/authentication/users.ts index 3d418ab9e779d..f227ac1bcbb90 100644 --- a/x-pack/test/rule_registry/common/lib/authentication/users.ts +++ b/x-pack/test/rule_registry/common/lib/authentication/users.ts @@ -30,7 +30,8 @@ import { observabilityMinReadAlertsAllSpacesAll, observabilityOnlyAllSpacesAllWithReadESIndices, securitySolutionOnlyAllSpacesAllWithReadESIndices, - stackAlertsOnlyAllSpacesAll, + stackAlertsOnlyReadSpacesAll as stackAlertsOnlyReadSpacesAllRole, + stackAlertsOnlyAllSpacesAll as stackAlertsOnlyAllSpacesAllRole, } from './roles'; import { User } from './types'; @@ -130,6 +131,12 @@ export const obsOnlyReadSpacesAll: User = { roles: [observabilityOnlyReadSpacesAll.name], }; +export const stackAlertsOnlyReadSpacesAll: User = { + username: 'stack_alerts_only_read_spaces_all', + password: 'stack_alerts_only_read_spaces_all', + roles: [stackAlertsOnlyReadSpacesAllRole.name], +}; + export const users = [ superUser, secOnly, @@ -177,10 +184,10 @@ export const logsOnlySpacesAll: User = { roles: [logsOnlyAllSpacesAll.name], }; -export const stackAlertsOnlySpacesAll: User = { +export const stackAlertsOnlyAllSpacesAll: User = { username: 'stack_alerts_only_all_spaces_all', password: 'stack_alerts_only_all_spaces_all', - roles: [stackAlertsOnlyAllSpacesAll.name], + roles: [stackAlertsOnlyAllSpacesAllRole.name], }; export const obsOnlySpacesAllEsRead: User = { @@ -297,7 +304,8 @@ export const allUsers = [ secOnlyReadSpacesAll, obsOnlySpacesAll, logsOnlySpacesAll, - stackAlertsOnlySpacesAll, + stackAlertsOnlyReadSpacesAll, + stackAlertsOnlyAllSpacesAll, obsSecSpacesAll, obsSecReadSpacesAll, obsMinReadAlertsRead, diff --git a/x-pack/test/rule_registry/security_and_spaces/tests/basic/get_alerts_index.ts b/x-pack/test/rule_registry/security_and_spaces/tests/basic/get_alerts_index.ts index 1146fa925908c..530c0a57b02ef 100644 --- a/x-pack/test/rule_registry/security_and_spaces/tests/basic/get_alerts_index.ts +++ b/x-pack/test/rule_registry/security_and_spaces/tests/basic/get_alerts_index.ts @@ -7,7 +7,12 @@ import expect from '@kbn/expect'; -import { superUser, obsOnlySpacesAll, secOnlyRead } from '../../../common/lib/authentication/users'; +import { + superUser, + obsOnlySpacesAll, + secOnlyRead, + stackAlertsOnlyReadSpacesAll, +} from '../../../common/lib/authentication/users'; import type { User } from '../../../common/lib/authentication/types'; import { FtrProviderContext } from '../../../common/ftr_provider_context'; import { getSpaceUrlPrefix } from '../../../common/lib/authentication/spaces'; @@ -22,27 +27,19 @@ export default ({ getService }: FtrProviderContext) => { const SPACE1 = 'space1'; const APM_ALERT_INDEX = '.alerts-observability.apm.alerts-default'; const SECURITY_SOLUTION_ALERT_INDEX = '.alerts-security.alerts'; + const STACK_ALERT_INDEX = '.alerts-stack.alerts-default'; - const getAPMIndexName = async (user: User, space: string, expectedStatusCode: number = 200) => { - const resp = await supertestWithoutAuth - .get(`${getSpaceUrlPrefix(space)}${ALERTS_INDEX_URL}?features=apm`) - .auth(user.username, user.password) - .set('kbn-xsrf', 'true') - .expect(expectedStatusCode); - return resp.body.index_name as string[]; - }; - - const getSecuritySolutionIndexName = async ( + const getIndexName = async ( + featureIds: string[], user: User, space: string, expectedStatusCode: number = 200 ) => { const resp = await supertestWithoutAuth - .get(`${getSpaceUrlPrefix(space)}${ALERTS_INDEX_URL}?features=siem`) + .get(`${getSpaceUrlPrefix(space)}${ALERTS_INDEX_URL}?features=${featureIds.join(',')}`) .auth(user.username, user.password) .set('kbn-xsrf', 'true') .expect(expectedStatusCode); - return resp.body.index_name as string[]; }; @@ -52,24 +49,33 @@ export default ({ getService }: FtrProviderContext) => { }); describe('Users:', () => { it(`${obsOnlySpacesAll.username} should be able to access the APM alert in ${SPACE1}`, async () => { - const indexNames = await getAPMIndexName(obsOnlySpacesAll, SPACE1); + const indexNames = await getIndexName(['apm'], obsOnlySpacesAll, SPACE1); expect(indexNames.includes(APM_ALERT_INDEX)).to.eql(true); // assert this here so we can use constants in the dynamically-defined test cases below }); it(`${superUser.username} should be able to access the APM alert in ${SPACE1}`, async () => { - const indexNames = await getAPMIndexName(superUser, SPACE1); + const indexNames = await getIndexName(['apm'], superUser, SPACE1); expect(indexNames.includes(APM_ALERT_INDEX)).to.eql(true); // assert this here so we can use constants in the dynamically-defined test cases below }); it(`${secOnlyRead.username} should NOT be able to access the APM alert in ${SPACE1}`, async () => { - const indexNames = await getAPMIndexName(secOnlyRead, SPACE1); + const indexNames = await getIndexName(['apm'], secOnlyRead, SPACE1); expect(indexNames?.length).to.eql(0); }); it(`${secOnlyRead.username} should be able to access the security solution alert in ${SPACE1}`, async () => { - const indexNames = await getSecuritySolutionIndexName(secOnlyRead, SPACE1); + const indexNames = await getIndexName(['siem'], secOnlyRead, SPACE1); expect(indexNames.includes(`${SECURITY_SOLUTION_ALERT_INDEX}-${SPACE1}`)).to.eql(true); // assert this here so we can use constants in the dynamically-defined test cases below }); + + it(`${stackAlertsOnlyReadSpacesAll.username} should be able to access the stack alert in ${SPACE1}`, async () => { + const indexNames = await getIndexName( + ['stackAlerts'], + stackAlertsOnlyReadSpacesAll, + SPACE1 + ); + expect(indexNames.includes(STACK_ALERT_INDEX)).to.eql(true); + }); }); }); }; diff --git a/x-pack/test/rule_registry/security_and_spaces/tests/basic/search_strategy.ts b/x-pack/test/rule_registry/security_and_spaces/tests/basic/search_strategy.ts index 2fe2567f5e523..289fe4347e8f6 100644 --- a/x-pack/test/rule_registry/security_and_spaces/tests/basic/search_strategy.ts +++ b/x-pack/test/rule_registry/security_and_spaces/tests/basic/search_strategy.ts @@ -13,7 +13,7 @@ import { obsOnlySpacesAll, logsOnlySpacesAll, secOnlySpacesAllEsReadAll, - stackAlertsOnlySpacesAll, + stackAlertsOnlyAllSpacesAll, superUser, } from '../../../common/lib/authentication/users'; @@ -360,8 +360,8 @@ export default ({ getService }: FtrProviderContext) => { const result = await secureBsearch.send({ supertestWithoutAuth, auth: { - username: stackAlertsOnlySpacesAll.username, - password: stackAlertsOnlySpacesAll.password, + username: stackAlertsOnlyAllSpacesAll.username, + password: stackAlertsOnlyAllSpacesAll.password, }, referer: 'test', kibanaVersion, diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/vulnerabilities_contextual_flyout.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/vulnerabilities_contextual_flyout.cy.ts new file mode 100644 index 0000000000000..04ba10c908df7 --- /dev/null +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/vulnerabilities_contextual_flyout.cy.ts @@ -0,0 +1,195 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN } from '@kbn/cloud-security-posture-common'; +import { createRule } from '../../../../tasks/api_calls/rules'; +import { getNewRule } from '../../../../objects/rule'; +import { getDataTestSubjectSelector } from '../../../../helpers/common'; + +import { rootRequest, deleteAlertsAndRules } from '../../../../tasks/api_calls/common'; +import { expandFirstAlertHostFlyout } from '../../../../tasks/asset_criticality/common'; +import { waitForAlertsToPopulate } from '../../../../tasks/create_new_rule'; +import { login } from '../../../../tasks/login'; +import { ALERTS_URL } from '../../../../urls/navigation'; +import { visit } from '../../../../tasks/navigation'; + +const CSP_INSIGHT_VULNERABILITIES_TITLE = getDataTestSubjectSelector( + 'securitySolutionFlyoutInsightsVulnerabilitiesTitleText' +); + +const NO_VULNERABILITIES_TEXT = getDataTestSubjectSelector('noVulnerabilitiesDataTestSubj'); + +const timestamp = Date.now(); + +// Create a Date object using the timestamp +const date = new Date(timestamp); + +// Convert the Date object to ISO 8601 format +const iso8601String = date.toISOString(); + +const getMockVulnerability = (isNameMatchesAlert: boolean) => { + return { + '@timestamp': iso8601String, + resource: { name: '634yfsdg2.dkr.ecr.eu-central-1.amazon.stage', id: 'ami_12328' }, + agent: { + name: 'ip-172-31-33-74', + type: 'cloudbeat', + version: '8.8.0', + ephemeral_id: '49f19e6a-94e9-4f2b-81e3-2f3794a74068', + id: 'd0313a94-c168-4d95-b1f0-97a388dac29a', + }, + cloud: { + availability_zone: 'eu-west-1c', + service: { name: 'EC2' }, + account: { id: '704479110758' }, + image: { id: 'ami-02dc8dbcc971f2c74' }, + provider: 'aws', + instance: { id: 'i-0fb7759c6e5d400cf' }, + machine: { type: 'c6g.medium' }, + region: 'eu-west-1', + }, + package: { fixed_version: '0.4.0', version: 'v0.2.0', name: 'golang.org/x/net' }, + vulnerability: { + published_date: '2022-08-10T00:00:00.000Z', + data_source: { + ID: 'go-vulndb', + Name: 'The Go Vulnerability Database', + URL: 'https://github.com/golang/vulndb', + }, + enumeration: 'CVE', + description: + 'An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.', + title: + 'golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests', + reference: 'https://avd.aquasec.com/nvd/cve-2022-41717', + severity: 'MEDIUM', + cvss: { + nvd: { V3Vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L', V3Score: 5.3 }, + redhat: { V3Vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L', V3Score: 5.3 }, + ghsa: { V3Vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L', V3Score: 5.3 }, + }, + scanner: { vendor: 'Trivy' }, + score: { base: 5.3, version: '3.0' }, + cwe: ['CWE-770'], + id: 'CVE-2022-41717', + classification: 'CVSS', + }, + cloudbeat: { + commit_sha: 'b5c4b728f0a9268e7f2d195c00dad0320c8a74e6', + commit_time: '2023-03-30T07:47:06Z', + version: '8.8.0', + }, + event: { + category: ['vulnerability'], + created: '2023-03-30T10:27:35.013537768Z', + id: '5cfbcbe5-7f90-47b8-b1d4-7f79313b2a6d', + kind: 'state', + sequence: 1680172055, + outcome: 'success', + type: ['info'], + }, + ecs: { version: '8.0.0' }, + host: { + os: { + kernel: '5.15.0-1028-aws', + codename: 'jammy', + type: 'linux', + platform: 'ubuntu', + version: '22.04.1 LTS (Jammy Jellyfish)', + family: 'debian', + name: 'Ubuntu', + }, + id: 'ec2644f440799ed0cf8aa595a9a105cc', + containerized: false, + name: isNameMatchesAlert ? 'siem-kibana' : 'not-siem-kibana', + ip: ['172.31.33.74', 'fe80::85d:f0ff:fe91:c01b'], + mac: ['0A-5D-F0-91-C0-1B'], + hostname: 'ip-172-31-33-74', + architecture: 'aarch64', + }, + data_stream: { + dataset: 'cloud_security_posture.vulnerabilities', + }, + }; +}; + +const createMockVulnerability = (isNameMatchesAlert: boolean) => { + return rootRequest({ + method: 'POST', + url: `${Cypress.env( + 'ELASTICSEARCH_URL' + )}/${CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN}/_doc`, + body: getMockVulnerability(isNameMatchesAlert), + }); +}; + +const deleteDataStream = () => { + return rootRequest({ + method: 'DELETE', + url: `${Cypress.env( + 'ELASTICSEARCH_URL' + )}/_data_stream/${CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN}`, + }); +}; + +describe('Alert Host details expandable flyout', { tags: ['@ess', '@serverless'] }, () => { + beforeEach(() => { + deleteAlertsAndRules(); + login(); + createRule(getNewRule()); + visit(ALERTS_URL); + waitForAlertsToPopulate(); + }); + + context('No Vulnerabilities Findings', () => { + it('should not display Vulnerabilities preview under Insights Entities when it does not have Vulnerabilities Findings', () => { + expandFirstAlertHostFlyout(); + + cy.log('check if Vulnerabilities preview title is not shown'); + cy.get(CSP_INSIGHT_VULNERABILITIES_TITLE).should('not.exist'); + }); + }); + + context('Host name - Has Vulnerabilities findings', () => { + beforeEach(() => { + createMockVulnerability(true); + cy.reload(); + expandFirstAlertHostFlyout(); + }); + + afterEach(() => { + deleteDataStream(); + }); + + it('should display Vulnerabilities preview under Insights Entities when it has Vulnerabilities Findings', () => { + cy.log('check if Vulnerabilities preview title shown'); + cy.get(CSP_INSIGHT_VULNERABILITIES_TITLE).should('be.visible'); + }); + }); + + context( + 'Host name - Has Vulnerabilities findings but host name is not the same as alert host name', + () => { + beforeEach(() => { + createMockVulnerability(false); + cy.reload(); + expandFirstAlertHostFlyout(); + }); + + afterEach(() => { + deleteDataStream(); + }); + + it('should display Vulnerabilities preview under Insights Entities when it has Vulnerabilities Findings but it should show no vulnerabilities title', () => { + cy.log('check if Vulnerabilities preview title shown'); + cy.get(CSP_INSIGHT_VULNERABILITIES_TITLE).should('be.visible'); + cy.log('check if no vulnerabilities text is shown'); + cy.get(NO_VULNERABILITIES_TEXT).should('be.visible'); + }); + } + ); +}); diff --git a/x-pack/test/security_solution_cypress/cypress/tsconfig.json b/x-pack/test/security_solution_cypress/cypress/tsconfig.json index 36ef2376ec1ad..b117f42efceae 100644 --- a/x-pack/test/security_solution_cypress/cypress/tsconfig.json +++ b/x-pack/test/security_solution_cypress/cypress/tsconfig.json @@ -44,5 +44,6 @@ "@kbn/securitysolution-endpoint-exceptions-common", "@kbn/repo-info", "@kbn/elastic-assistant-common", + "@kbn/cloud-security-posture-common", ] } diff --git a/x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/find_csp_benchmark_rule.ts b/x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/find_csp_benchmark_rule.ts index cefe3dc598b40..637369c1b128b 100644 --- a/x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/find_csp_benchmark_rule.ts +++ b/x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/find_csp_benchmark_rule.ts @@ -23,7 +23,7 @@ export default function ({ getService }: FtrProviderContext) { const svlUserManager = getService('svlUserManager'); // find csp benchmark rule tests - describe('GET internal/cloud_security_posture/rules/_find', function () { + describe.skip('GET internal/cloud_security_posture/rules/_find', function () { // security_exception: action [indices:admin/create] is unauthorized for user [elastic] with effective roles [superuser] on restricted indices [.fleet-actions-7], this action is granted by the index privileges [create_index,manage,all] this.tags(['failsOnMKI']); diff --git a/x-pack/test_serverless/functional/test_suites/common/discover/group6/_sidebar.ts b/x-pack/test_serverless/functional/test_suites/common/discover/group6/_sidebar.ts index c6ecd1386cbe9..61cd9728223d1 100644 --- a/x-pack/test_serverless/functional/test_suites/common/discover/group6/_sidebar.ts +++ b/x-pack/test_serverless/functional/test_suites/common/discover/group6/_sidebar.ts @@ -30,6 +30,9 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { const INITIAL_FIELD_LIST_SUMMARY = '48 available fields. 5 empty fields. 4 meta fields.'; describe('discover sidebar', function describeIndexTests() { + // see details: https://github.com/elastic/kibana/issues/195100 + this.tags(['failsOnMKI']); + before(async function () { await esArchiver.loadIfNeeded('test/functional/fixtures/es_archiver/logstash_functional'); await PageObjects.svlCommonPage.loginAsAdmin(); diff --git a/x-pack/test_serverless/functional/test_suites/common/management/data_views/_edit_field.ts b/x-pack/test_serverless/functional/test_suites/common/management/data_views/_edit_field.ts index cd19615dc8304..7d1bdc586d681 100644 --- a/x-pack/test_serverless/functional/test_suites/common/management/data_views/_edit_field.ts +++ b/x-pack/test_serverless/functional/test_suites/common/management/data_views/_edit_field.ts @@ -30,11 +30,19 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { }); it('should show preview for fields in _source', async function () { - await PageObjects.settings.changeAndValidateFieldFormat('extension', 'text'); + await PageObjects.settings.changeAndValidateFieldFormat({ + name: 'extension', + fieldType: 'text', + expectedPreviewText: 'css', + }); }); it('should show preview for fields not in _source', async function () { - await PageObjects.settings.changeAndValidateFieldFormat('extension.raw', 'keyword'); + await PageObjects.settings.changeAndValidateFieldFormat({ + name: 'extension.raw', + fieldType: 'keyword', + expectedPreviewText: 'css', + }); }); }); }); diff --git a/x-pack/test_serverless/functional/test_suites/common/visualizations/group1/logsdb.ts b/x-pack/test_serverless/functional/test_suites/common/visualizations/group1/logsdb.ts index 4fe3046aa5dbe..040490310d95d 100644 --- a/x-pack/test_serverless/functional/test_suites/common/visualizations/group1/logsdb.ts +++ b/x-pack/test_serverless/functional/test_suites/common/visualizations/group1/logsdb.ts @@ -37,6 +37,8 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { const createDocs = getDocsGenerator(log, es, 'logsdb'); describe('lens logsdb', function () { + // see details: https://github.com/elastic/kibana/issues/195089 + this.tags(['failsOnMKI']); const logsdbIndex = 'kibana_sample_data_logslogsdb'; const logsdbDataView = logsdbIndex; const logsdbEsArchive = 'test/functional/fixtures/es_archiver/kibana_sample_data_logs_logsdb'; diff --git a/x-pack/test_serverless/functional/test_suites/search/index.ts b/x-pack/test_serverless/functional/test_suites/search/index.ts index cede675747839..bc2056268f8bd 100644 --- a/x-pack/test_serverless/functional/test_suites/search/index.ts +++ b/x-pack/test_serverless/functional/test_suites/search/index.ts @@ -25,6 +25,5 @@ export default function ({ loadTestFile }: FtrProviderContext) { loadTestFile(require.resolve('./search_playground/playground_overview')); loadTestFile(require.resolve('./ml')); - loadTestFile(require.resolve('./search_homepage')); }); } diff --git a/yarn.lock b/yarn.lock index fbbc2dc9a6e2c..a0aa74c80e252 100644 --- a/yarn.lock +++ b/yarn.lock @@ -6003,6 +6003,10 @@ version "0.0.0" uid "" +"@kbn/product-doc-artifact-builder@link:x-pack/packages/ai-infra/product-doc-artifact-builder": + version "0.0.0" + uid "" + "@kbn/profiling-data-access-plugin@link:x-pack/plugins/observability_solution/profiling_data_access": version "0.0.0" uid "" @@ -8437,22 +8441,22 @@ unbzip2-stream "^1.4.3" yargs "^17.7.2" -"@redocly/ajv@^8.11.0": - version "8.11.0" - resolved "https://registry.yarnpkg.com/@redocly/ajv/-/ajv-8.11.0.tgz#2fad322888dc0113af026e08fceb3e71aae495ae" - integrity sha512-9GWx27t7xWhDIR02PA18nzBdLcKQRgc46xNQvjFkrYk4UOmvKhJ/dawwiX0cCOeetN5LcaaiqQbVOWYK62SGHw== +"@redocly/ajv@^8.11.2": + version "8.11.2" + resolved "https://registry.yarnpkg.com/@redocly/ajv/-/ajv-8.11.2.tgz#46e1bf321ec0ac1e0fd31dea41a3d1fcbdcda0b5" + integrity sha512-io1JpnwtIcvojV7QKDUSIuMN/ikdOUd1ReEnUnMKGfDVridQZ31J0MmIuqwuRjWDZfmvr+Q0MqCcfHM2gTivOg== dependencies: fast-deep-equal "^3.1.1" json-schema-traverse "^1.0.0" require-from-string "^2.0.2" - uri-js "^4.2.2" + uri-js-replace "^1.0.1" -"@redocly/cli@^1.21.0": - version "1.22.0" - resolved "https://registry.yarnpkg.com/@redocly/cli/-/cli-1.22.0.tgz#9a007eb89ce6223795d5807ab4030d99c7667615" - integrity sha512-KXWTVKcyM4u4AHmxF9aDQOLbUWKwfEH8tM/CprcWnVvi9Gc0aPz1Y3aTrcohDE1oIgzJfn/Fj6TNdof86bNZvw== +"@redocly/cli@^1.25.3": + version "1.25.5" + resolved "https://registry.yarnpkg.com/@redocly/cli/-/cli-1.25.5.tgz#258f6d23e8298814518ec4d24d023c1e21e3b081" + integrity sha512-sFh4A8wqwuig7mF/nYNVIyxSfKKZikWC+uVH6OB1IepYQXNsHFaLAU1VaNI9gS5mMvWmYx5SEuSCVB9LaNFBhw== dependencies: - "@redocly/openapi-core" "1.22.0" + "@redocly/openapi-core" "1.25.5" abort-controller "^3.0.0" chokidar "^3.5.1" colorette "^1.2.0" @@ -8472,18 +8476,18 @@ styled-components "^6.0.7" yargs "17.0.1" -"@redocly/config@^0.10.1": - version "0.10.1" - resolved "https://registry.yarnpkg.com/@redocly/config/-/config-0.10.1.tgz#c7bcbab6cb3b82236c2f5c87aa44924a652d8e80" - integrity sha512-H3LnKVGzOaxskwJu8pmJYwBOWjP61qOK7TuTrbafqArDVckE06fhA6l0nO4KvBbjLPjy1Al7UnlxOu23V4Nl0w== +"@redocly/config@^0.12.1": + version "0.12.1" + resolved "https://registry.yarnpkg.com/@redocly/config/-/config-0.12.1.tgz#7b905a17d710244550ef826542d0db164d5ace02" + integrity sha512-RW3rSirfsPdr0uvATijRDU3f55SuZV3m7/ppdTDvGw4IB0cmeZRkFmqTrchxMqWP50Gfg1tpHnjdxUCNo0E2qg== -"@redocly/openapi-core@1.22.0", "@redocly/openapi-core@^1.4.0": - version "1.22.0" - resolved "https://registry.yarnpkg.com/@redocly/openapi-core/-/openapi-core-1.22.0.tgz#dea3eb5705a96fd1bb105ac97f51369256628d61" - integrity sha512-IXazrCCUwRkwgVGlaWghFEyyLrz5EM1VM+Kn3/By4QGaNVd04oxC1c92h3kbt1StAxtrTfxBAGwS7bqqCF7nsw== +"@redocly/openapi-core@1.25.5", "@redocly/openapi-core@^1.4.0": + version "1.25.5" + resolved "https://registry.yarnpkg.com/@redocly/openapi-core/-/openapi-core-1.25.5.tgz#443b1488c8ef1ddcb8f407c3e7dd8cb7b388b427" + integrity sha512-BNgXjqesJu4L5f8F73c2hkkH5IdvjYCKYFgIl+m9oNgqGRIPBJjtiEGOx7jkQ6nElN4311z7Z4aTECtklaaHwg== dependencies: - "@redocly/ajv" "^8.11.0" - "@redocly/config" "^0.10.1" + "@redocly/ajv" "^8.11.2" + "@redocly/config" "^0.12.1" colorette "^1.2.0" https-proxy-agent "^7.0.4" js-levenshtein "^1.1.6" @@ -31352,6 +31356,11 @@ update-browserslist-db@^1.0.13: escalade "^3.1.1" picocolors "^1.0.0" +uri-js-replace@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/uri-js-replace/-/uri-js-replace-1.0.1.tgz#c285bb352b701c9dfdaeffc4da5be77f936c9048" + integrity sha512-W+C9NWNLFOoBI2QWDp4UT9pv65r2w5Cx+3sTYFvtMdDBxkKt1syCqsUdSFAChbEe1uK5TfS04wt/nGwmaeIQ0g== + uri-js@^4.2.2: version "4.2.2" resolved "https://registry.yarnpkg.com/uri-js/-/uri-js-4.2.2.tgz#94c540e1ff772956e2299507c010aea6c8838eb0"