Add API docs back to staging repo [Serverless] (#82)

* Revert "Remove API docs files from staging repo (temporarily) [Serverless] (#65)" This reverts commit e4f4c7b. * Move transclusions folder * Move endpoint apis * Move cases APIs * Move the rest of the APIs Detections, Exceptions, Lists * Fix image ref * Reorg * Add pages to docnav * Map new pages to classic-sources sandbox ids * Add rough content banner to all API pages * Comment out descriptions (for now) * Add basic tags
elastic · Sep 5, 2023 · 2d396e0 · 2d396e0
1 parent 53d94d3
commit 2d396e0
Show file tree

Hide file tree

Showing 83 changed files with 14,726 additions and 14 deletions.
diff --git a/docs/alerts/signals-to-cases.mdx b/docs/alerts/signals-to-cases.mdx
@@ -15,13 +15,8 @@ import RoughContent from '../partials/rough-content-notice.mdx'
 
 From the Alerts table, you can attach one or more alerts to a <DocLink id="serverlessSecuritySignalsToCases" section="add-alerts-to-a-new-case">new case</DocLink> or <DocLink id="serverlessSecuritySignalsToCases" section="add-alerts-to-an-existing-case">an existing one</DocLink>. Alerts from any rule type can be added to a case.
 
-{/* The following note is commented out because Security APIs are not yet available for Serverless. 
-Once the API is available, we can revert to the commented version. */}
-{/* <DocCallOut title="Note">
-Once you've added an alert to a case, you can only remove it through the <DocLink id="serverlessSecurityCasesApiOverview">Elastic Security Cases API</DocLink>.
-</DocCallOut> */}
 <DocCallOut title="Note">
-Once you've added an alert to a case, you cannot remove it.
+Once you've added an alert to a case, you can only remove it through the <DocLink id="serverlessSecurityCasesApiOverview">Elastic Security Cases API</DocLink>.
 </DocCallOut>
 
 <DocImage size="l" url="../images/signals-to-cases/-detections-add-alert-to-case.gif" alt="Animation of adding an alert to a case" />

diff --git a/docs/api/cases-api/actions-api-overview.mdx b/docs/api/cases-api/actions-api-overview.mdx
@@ -0,0 +1,40 @@
+---
+id: serverlessSecurityActionsApiOverview
+slug: /serverless/security/actions-api-overview
+title: Actions API (for pushing cases to external systems)
+# description: Description to be written
+tags: [ 'serverless', 'security', 'reference' ]
+status: rough content
+---
+
+import RoughContent from '../../partials/rough-content-notice.mdx'
+
+<RoughContent />
+
+
+<div id="actions-api-overview"></div>
+
+You can push ((elastic-sec)) cases to these third-party systems:
+
+* ((sn))
+* ((jira)) (including Jira Service Desk)
+* ((ibm-r))
+* ((swimlane))
+* ((webhook-cm))
+
+To push cases, you need to create a connector, which stores the information
+required to communicate with the external system.
+
+((elastic-sec)) uses these external APIs to send cases:
+
+* ((sn)): [Import Set API](https://developer.servicenow.com/dev.do#!/reference/api/rome/rest/c_ImportSetAPI)
+* ((jira)): [REST API v2](https://developer.atlassian.com/cloud/jira/platform/rest/v2/)
+* ((ibm-r)): [Resilient REST API](https://developer.ibm.com/security/resilient/rest/)
+* ((swimlane)): [Swimlane REST API](https://swimlane.com/knowledge-center/docs/developer-guide/rest-api/)
+
+To send cases to an external system and keep the ((elastic-sec)) UI updated:
+
+1. [Create connector](((kibana-ref))/create-connector-api.html): Create the connector.
+1. [Create case](((kibana-ref))/cases-api-create.html): Create a case with the connector from the previous step.
+1. [Push case](((kibana-ref))/cases-api-push.html): Push the case to the external system.
+
diff --git a/docs/api/cases-api/cases-api-overview.mdx b/docs/api/cases-api/cases-api-overview.mdx
@@ -0,0 +1,25 @@
+---
+id: serverlessSecurityCasesApiOverview
+slug: /serverless/security/cases-api-overview
+title: Cases API
+# description: Description to be written
+tags: [ 'serverless', 'security', 'reference' ]
+status: rough content
+---
+
+import RoughContent from '../../partials/rough-content-notice.mdx'
+
+<RoughContent />
+
+<div id="cases-api-overview"></div>
+
+You can create, manage, configure, and send cases to external systems with these APIs:
+
+<DocCallOut title="Note">
+Cases return a warning header for deprecated endpoints. The value of the warning header is in the form `299 Kibana-((kibana_version)) "{warning_text}"`
+</DocCallOut>
+
+* [Cases APIs](((kibana-ref))/cases-api.html): Used to open and manage security action items.
+
+* [Connector APIs](((kibana-ref))/actions-and-connectors-api.html): Used to communicate with and send cases to external systems.
+